Submitted URL: https://sendgb.com/sHSNoGWBrQd
Effective URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Submission Tags: falconsandbox
Submission: On May 12 via api from US

Summary

This website contacted 33 IPs in 7 countries across 27 domains to perform 118 HTTP transactions. The main IP is 2606:4700:20::ac43:446f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sendgb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.
This is the only time www.sendgb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
30 185.59.220.199 60068 (CDN77 (^_^)/)
3 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.12.176 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
10 151.101.129.21 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 104.111.228.123 16625 (AKAMAI-AS)
3 151.101.193.35 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.59.220.197 60068 (CDN77 (^_^)/)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 35.186.253.211 15169 (GOOGLE)
5 142.250.186.130 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 54.250.196.226 16509 (AMAZON-02)
1 1 217.182.200.20 16276 (OVH)
1 52.38.167.254 16509 (AMAZON-02)
118 33
Domain Requested by
30 sendgb.b-cdn.net www.sendgb.com
ajax.cloudflare.com
sendgb.b-cdn.net
10 www.paypal.com ajax.cloudflare.com
www.paypal.com
www.paypalobjects.com
10 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.googleadservices.com
googleads.g.doubleclick.net
6 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 www.sendgb.com 1 redirects www.sendgb.com
ajax.cloudflare.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 www.google.com 2 redirects
3 t.paypal.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 js.stripe.com ajax.cloudflare.com
js.stripe.com
3 fonts.googleapis.com www.sendgb.com
googleads.g.doubleclick.net
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.de
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 maxcdn.bootstrapcdn.com www.sendgb.com
maxcdn.bootstrapcdn.com
2 use.fontawesome.com www.sendgb.com
use.fontawesome.com
2 code.jquery.com www.sendgb.com
ajax.cloudflare.com
1 m.stripe.com m.stripe.network
1 googlecm.hit.gemius.pl 1 redirects
1 cc.adingo.jp googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 m.stripe.network js.stripe.com
1 www.gstatic.com googleads.g.doubleclick.net
1 cdn.sendgb.com sendgb.b-cdn.net
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.sendgb.com
1 cdn.muicss.com ajax.cloudflare.com
1 ajax.cloudflare.com www.sendgb.com
1 sendgb.com 1 redirects
118 38
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-14 -
2021-08-14
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA
2020-11-11 -
2021-11-11
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2021-04-14 -
2021-08-04
4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-04-16 -
2022-03-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-11-17 -
2021-11-21
a year crt.sh
www.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.google.de
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
cdn.sendgb.com
R3
2021-04-30 -
2021-07-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1
2021-03-26 -
2022-04-14
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-16 -
2021-08-04
4 months crt.sh

This page contains 13 frames:

Primary Page: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Frame ID: E3313F11E44E0B280BFE120C6C4E58F6
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 029A57898EE778D58AEA480027E8B96C
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: 2CC2C0C3C2EF3D0F37AEC74417202CFE
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 79CB7E645F9603DFC7703BBD82433AC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&adk=1559050123&adf=2739833515&lmt=1620818512&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511566&bpp=26&bdt=2028&idt=551&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8231259228626&frm=20&pv=2&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
Frame ID: 80D05933C79EA9C6836D16DB0E4CB3ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Frame ID: 689CCE7BC995E28EB358497C67B10DD5
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: FA7D35B206E8B050A8D4D27CE63AB5C3
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Frame ID: 4085D438503B00F45958540308D725CF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AF878A9EA4E64ACE6AD7FB4912352704
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03CFFABB8D8277ADBCFE373EB6B9A04D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2E2AFC5C28D93116D31B3E888780735C
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: BF749DDB9B52146D679194F048E113F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: 0E8C662C01AC3DCD61F2354D82A88114
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sendgb.com/sHSNoGWBrQd HTTP 301
    https://www.sendgb.com/sHSNoGWBrQd HTTP 302
    https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

118
Requests

99 %
HTTPS

56 %
IPv6

27
Domains

38
Subdomains

33
IPs

7
Countries

1787 kB
Transfer

5190 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sendgb.com/sHSNoGWBrQd HTTP 301
    https://www.sendgb.com/sHSNoGWBrQd HTTP 302
    https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ULqbYJniLt3U7_UP9fCNsAs&sscte=1&crd=&eitems=ChEI8PnthAYQ3YTz9c-u-6iOARIdABXJKBRsCLXJHG0yiuzQKsd36P_fatbZpXar7S8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ULqbYJniLt3U7_UP9fCNsAs&cid=CAQSKQCNIrLMr4wvEU1irHXgZRZ9mkfXe_bDcsDL2HHHNMpT90opWqKGdobD&eitems=ChEI8PnthAYQ3YTz9c-u-6iOARIdABXJKBT7Tyi1ftTNsvZ6_R4Na2q18z9FlULgD-0&random=2337965902&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ULqbYJniLt3U7_UP9fCNsAs&cid=CAQSKQCNIrLMr4wvEU1irHXgZRZ9mkfXe_bDcsDL2HHHNMpT90opWqKGdobD&eitems=ChEI8PnthAYQ3YTz9c-u-6iOARIdABXJKBT7Tyi1ftTNsvZ6_R4Na2q18z9FlULgD-0&random=2337965902&resp=GooglemKTybQhCsO&ipr=y
Request Chain 107
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIRIHBwFxqFQKogVvCkVXsk&google_cver=1&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIRIHBwFxqFQKogVvCkVXsk&google_cver=1&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug&google_hm=oSJPmbSCwMYn9bpjK6LW3A==
Request Chain 108
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEtfKf72fT0L9shBmmMfA_k&google_cver=1&google_push=AQvitUJ7zwY_sxM5ev_9nP9ef_VBifcB7FI4YL7UqNXRmodFQyWnw454xtyClNG15GjW98ffdVwF-8S8LvQeiRufL28ptJ36msTtmw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEtfKf72fT0L9shBmmMfA_k&google_cver=1&google_push=AQvitUJ7zwY_sxM5ev_9nP9ef_VBifcB7FI4YL7UqNXRmodFQyWnw454xtyClNG15GjW98ffdVwF-8S8LvQeiRufL28ptJ36msTtmw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-tRFQ4kQy2D4572lyQSwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ7zwY_sxM5ev_9nP9ef_VBifcB7FI4YL7UqNXRmodFQyWnw454xtyClNG15GjW98ffdVwF-8S8LvQeiRufL28ptJ36msTtmw
Request Chain 109
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOqwzlgOvvbJPGKtbROvqQU&google_cver=1&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2EMFsylCy3pul1CCgrF-l8RkHigg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREhVOTYtMTItREZHRw==&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2EMFsylCy3pul1CCgrF-l8RkHigg
Request Chain 110
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc=
Request Chain 112
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEABSnY6frP-pYYZOM0CF9lw&google_cver=1&google_push=AQvitUJQrWcaxJ6SYQ2JpaxDNW7D08YVBLai5uzj5RgKcGMKtOMyPk6ElbSDJj2bomPsmhNvWBWZESlEo0PRi8M8Fv7l0om6w6K0n7k HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJQrWcaxJ6SYQ2JpaxDNW7D08YVBLai5uzj5RgKcGMKtOMyPk6ElbSDJj2bomPsmhNvWBWZESlEo0PRi8M8Fv7l0om6w6K0n7k&google_hm=
Request Chain 114
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.sendgb.com/upload/
Redirect Chain
  • https://sendgb.com/sHSNoGWBrQd
  • https://www.sendgb.com/sHSNoGWBrQd
  • https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
93 KB
19 KB
Document
General
Full URL
https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:446f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c6bb9e16ea67f2724629de899b500121feb256f19440a58843f9d537b4c507
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Host
www.sendgb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 11:21:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
sendgb_ses=3biect9c65vp24sbv23hkequn5; expires=Thu, 13-May-2021 11:21:49 GMT; Max-Age=86400; path=/; domain=.sendgb.com; secure; HttpOnly; SameSite=lax
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
CF-Cache-Status
DYNAMIC
set-cookie
sendgb_ses=3biect9c65vp24sbv23hkequn5; expires=Thu, 13-May-2021 11:21:49 GMT; Max-Age=86400; path=/; domain=.sendgb.com l_code_3=en; expires=Sat, 10-May-2031 11:21:49 GMT; Max-Age=315360000; path=/; domain=.sendgb.com
cf-request-id
0a01e8d6190000073ef3928000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mzoOLLPTEizi54NCX07m0FF%2F2GQ8fEM9JvJMcXNerYG2M3BWuwIHcZ894gmxeKDFB6rbCTEoHVDY8JN1g3agx0THPz19PQP76uTzNcYDQDkq77i7dkRnEO27jw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Server
cloudflare
CF-RAY
64e344035b7e073e-FRA
Content-Encoding
gzip

Redirect headers

Date
Wed, 12 May 2021 11:21:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
X-Frame-Options
SAMEORIGIN
CF-Cache-Status
DYNAMIC
cf-request-id
0a01e8d5d20000073e0f34c000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=stgDxq0ElYLq4GKQkhgqewiFiALIULa52wiHwVxC4AdXcuNSc3GMdfCWmR9JCFxfHK19cP2K%2FY3BxGB5ZqpV7%2BLjYm56%2BgSSWfL%2FmIYwc5auoZHZYy9PWItZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Set-Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS; SameSite=None; Secure; path=/; expires=Sat, 15-May-21 11:21:49 GMT; HttpOnly
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Server
cloudflare
CF-RAY
64e34402ea6c073e-FRA
jquery-ui.min.css
code.jquery.com/ui/1.11.2/themes/smoothness/
29 KB
7 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.min.css
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4bf30ddd888c25e3ee55a8d75d4af44331af5c9bf70a2fcec7c820f9b076130e

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
W/"54499a48-7545"
vary
Accept-Encoding
x-hw
1620818509.dop008.fr8.t,1620818509.cds230.fr8.hc,1620818509.cds098.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7323
bootstrap.min.css
sendgb.b-cdn.net/src/mdb/css/
139 KB
25 KB
Stylesheet
General
Full URL
https://sendgb.b-cdn.net/src/mdb/css/bootstrap.min.css?v=5.5.1
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
25dd44ce52f5899b4214d668df8830cf43e1ab84e985adbcd38a8ec21139b23f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-09 00:28:42
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09efb1f36e00002b12543a8000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pVGkCjlyBd79fQ9iTQu12wFPP57qycOT%2BpE6eczOGn2sCzbIJSlItsr8JFw8ELyW1CQjvgM733UpEJGFo6xfdR%2BL1Qd%2BEfs1bBAirDXlXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
2d08de1440d31663cbb7856b9d1afc18
cdn-requestcountrycode
US
cf-ray
64c61f657a812b12-FRA
link
<https://www.sendgb.com/src/mdb/css/bootstrap.min.css?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
mdb.min.css
sendgb.b-cdn.net/src/mdb/css/
535 KB
69 KB
Stylesheet
General
Full URL
https://sendgb.b-cdn.net/src/mdb/css/mdb.min.css?v=5.5.1
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
94d927ba55402e39e5dcd5f7ae35e8003b3fdd8ea2d810c1d15ae7a7c71c02af
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
723
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-12 13:06:35
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a01dae54c00004eda3d392000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jwZeb1K9Sbfa8zk8cS9NmTcYW5Gqnb7uTan%2FBIp15p3DoOW04cFpd%2Fcuu9uq4%2B0NkOi266wEvT0EQCCvmU70xmwedF%2BOn%2BA7glD8Fq0SYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
8d37cdb60a029ebb28d04c8067bfac44
cdn-requestcountrycode
US
cf-ray
64e32db5482e4eda-FRA
link
<https://www.sendgb.com/src/mdb/css/mdb.min.css?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
sendgb.min.css
sendgb.b-cdn.net/src/css/
84 KB
19 KB
Stylesheet
General
Full URL
https://sendgb.b-cdn.net/src/css/sendgb.min.css?v=5.5.1
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
45b8b07612597efd8ef05339cd39f4a6303ff243675d3c8fe3bc07c40f0771ff
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
723
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-12 13:20:30
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a01e7a2190000c2a91a028000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 12 Jan 2021 19:31:03 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jRR9%2BSOeC7iSWWq4EoLBzQCPrCjB5ZJUKniXfSU%2FEl%2BNlXE0ecC3bT6gtK6rYBB3tCbbqXmQWGpoSWIX5IoX0l8xbaq7wK4eZQtt37d7BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
0e6dea292147a9f89d54eaf768d44a6c
cdn-requestcountrycode
US
cf-ray
64e342168da8c2a9-FRA
link
<https://www.sendgb.com/src/css/sendgb.min.css?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
animate.css
sendgb.b-cdn.net/src/css/
58 KB
8 KB
Stylesheet
General
Full URL
https://sendgb.b-cdn.net/src/css/animate.css?v=5.5.1
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
c7bdbfe659a00bb5c850be597b3b23466194c780d01c5772cae345f39e11d8a3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
565
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-08 18:11:35
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09ee58b0690000dff386828000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Sun, 26 Jul 2020 18:46:56 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VW%2BPqR57kgm44H2UXXIO8MgzxENu1Y3DVR9bpIoOaGFFOZBmytXd8wDQhnhDdZqFhLvqgITny4MLMGKw5kS4WNhepMsiu1%2BRuFgMQ4fSIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
0da8842c34a66caa48bb07df955c9f16
cdn-requestcountrycode
US
cf-ray
64c3f6fa4c5edff3-FRA
link
<https://www.sendgb.com/src/css/animate.css?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
7 KB
794 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,400italic&subset=latin,latin-ext&display=swap
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
809681679f064ecc24f372d390b2b77cd1b33f28cbc8605d318c9ffbdbbd4065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 11:21:49 GMT
server
ESF
date
Wed, 12 May 2021 11:21:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 11:21:49 GMT
css
fonts.googleapis.com/
1 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&display=swap
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 10:52:57 GMT
server
ESF
date
Wed, 12 May 2021 11:21:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 11:21:49 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin
https://www.sendgb.com
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
4371865
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a01e8d73800004a748085d000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
50f270cef956c80b14f61fa9ad96c573
cf-ray
64e344051ec34a74-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
api.js
www.sendgb.com/cdn-cgi/bm/cv/669835187/
35 KB
10 KB
Script
General
Full URL
https://www.sendgb.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:446f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.sendgb.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.sendgb.com/
Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS; sendgb_ses=3biect9c65vp24sbv23hkequn5; l_code_3=en
Connection
keep-alive
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 11:21:49 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X9Osa%2FMeG6AGfTRqwM63LTymYvW6L7Y5g6M6ak%2Fsmjwa81hcgBsKAiK7fOgGE0XYDOPWZAnf4pHioMYfeF7ByGgUK0A%2F%2BC2uSs2uo%2FcdHEQJ3YHcUQQmQbyp9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
cache-control
max-age=604800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
64e34404bece073e-FRA
Vary
Accept-Encoding
cf-request-id
0a01e8d6f50000073ef122f000000001
sendgb_logo.png
sendgb.b-cdn.net/img/
6 KB
7 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/sendgb_logo.png
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
1f8252f61b26e0acddfe4ff023f9870b64380eb8f2965802ee7b849cb33dafd0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
age
1012
cf-polished
origSize=8440
cdn-cachedat
2021-05-08 23:58:44
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-bgj
imgq:100,h2pri
content-length
5697
cf-request-id
09ef96854a000097b48caf1000000001
access-control-allow-origin
*
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DxtNbhR3sWfTTGilJ7iuKGiKIgeiHurxltlZ9uQm7qJw8iBdrF2upHTKOkn1ulio3Q%2FZgejTUp3pWPLR276WBAzzQVN9R45%2F9Jx4%2BnC%2B0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cdn-requestid
6f70cb82123de358919471fd4dc8eb7b
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64c5f3820fc597b4-FRA
link
<https://www.sendgb.com/img/sendgb_logo.png>; rel="canonical"
cdn-requestpullsuccess
True
sendgb-extra-w.png
sendgb.b-cdn.net/img/
4 KB
6 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/sendgb-extra-w.png
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
1ac1fa8c871caac481a3d555f524d1fddf1fae74f1c860f06354ee324489962e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
age
2766
cf-polished
origSize=6604
cdn-cachedat
2021-05-08 23:58:44
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-bgj
imgq:100,h2pri
content-length
4569
cf-request-id
09ef96854c00004e145719c000000001
access-control-allow-origin
*
last-modified
Fri, 08 Jan 2021 14:04:03 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j1aifyR8jCqZsQO0hajEXFMCxxj5ZZvDitBruNiyZGxT5Fm%2B4JWX85nDgRxrqXhQs4qTxt9ljUEjKQ0WRaTGaNZy%2FexUb5%2B4%2B00fUVCNWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cdn-requestid
48618f3ff5386c68a0ba4702712db5d3
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64c5f3821a384e14-FRA
link
<https://www.sendgb.com/img/sendgb-extra-w.png>; rel="canonical"
cdn-requestpullsuccess
True
bmc-new-btn-logo.svg
sendgb.b-cdn.net/img/
3 KB
2 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/bmc-new-btn-logo.svg
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
1d5d6a84e422162b752937ac706144ac9804bd0f25615198271cb787dea5299f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
age
6848
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-10 14:20:47
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f7d219530000d6e9c62a4000000001
access-control-allow-origin
*
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0jjYkky2Qf8%2BT1bYgDaqaOhboQ4zJCW%2BCqGoyUJZzWYH4rbc%2Fyie8LfbKLGVLOJfa%2Bcoa6ulB5zWUaVdnXSAZtcU%2B72wKi%2FD%2BCTz%2Bpnwgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
4046f283421aef4d4b944c3e03f54ec6
cdn-requestcountrycode
US
cf-ray
64d31fa21fdfd6e9-FRA
link
<https://www.sendgb.com/img/bmc-new-btn-logo.svg>; rel="canonical"
cdn-requestpullsuccess
True
linkedin.png
sendgb.b-cdn.net/img/
762 B
2 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/linkedin.png
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
edceb654599585fec23b444be834776ef349cff7f119c8e33013ea4350330ffb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
723
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-12 07:48:39
cdn-pullzone
26154
content-length
762
cf-request-id
0a00b7d1df0000bf238da33000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 12 Jan 2021 14:22:06 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NXZrqVeHwWYruDpA4N8nvMh76XyPpRvbyJ%2Fu7gztgTaAo0MUD%2FeggbmIxrGHVJX9R20njil3DHD%2BL6U1P4BLpz4PsPcqos79pp5j3n7TDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
d8e49d5948de95237f49ee5d61e8da34
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64e15bfc99bfbf23-FRA
link
<https://www.sendgb.com/img/linkedin.png>; rel="canonical"
cdn-requestpullsuccess
True
twitter.png
sendgb.b-cdn.net/img/
895 B
2 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/twitter.png
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
b91ba687f4714983a4ef374a515d8892f167f329e3d49d38ad587300a2b95986
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
age
868
cf-polished
origSize=968
cdn-cachedat
2021-05-08 16:53:48
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-bgj
imgq:100,h2pri
content-length
895
cf-request-id
09ee117a6400004e2cdc273000000001
access-control-allow-origin
*
last-modified
Tue, 12 Jan 2021 14:21:26 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uXusufe7V9cI6p9Q66%2F4V3J3VQ14tLJqLxcui9TP4g9C02726qhyMpZGWDKKJIh7kIgrpKaF0vIr%2BL45sFIAVMcEH1QRuh5QhHpP23QtMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cdn-requestid
bbb870943e55635b93294a5e6f158a0a
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64c3850a3dc74e2c-FRA
link
<https://www.sendgb.com/img/twitter.png>; rel="canonical"
cdn-requestpullsuccess
True
whatsapp.png
sendgb.b-cdn.net/img/
1 KB
3 KB
Image
General
Full URL
https://sendgb.b-cdn.net/img/whatsapp.png
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
fe44acaad81496bc89732f68b5ee7b1bb5a3dd5564dcc26672a6a1bddce0da95
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
age
2420
cf-polished
origSize=1531
cdn-cachedat
2021-05-08 23:58:44
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cf-bgj
imgq:100,h2pri
content-length
1458
cf-request-id
09ef96854900004dbe0bb30000000001
access-control-allow-origin
*
last-modified
Tue, 12 Jan 2021 14:56:29 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BUomLPxR%2Fnq2fubjQhDy33H7Y5cjKGUMYfrUD0A1j%2BApZCkLwYsxWQEmRafQJpAFT%2Bkk3KcFNWXMhvHGzHKL%2FBFndnkAYTsPFWLkd%2BSiCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cdn-requestid
7ae56d415aabb6c0692caba85d7f3448
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64c5f3820ff54dbe-FRA
link
<https://www.sendgb.com/img/whatsapp.png>; rel="canonical"
cdn-requestpullsuccess
True
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a01e8d73000004ed90539b000000001
last-modified
Fri, 07 May 2021 18:48:32 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60958b80-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MvZPNF76b%2BFyqQnVGI4lRbHzRsOHl6nd7nghAOkFanhiCfhTrJVhHpwhj420pQobgx28lAz5dtJPJWHcCvSz0PNBuspI4wlBMqC3%2BgNCY7G11FNv6ruMABNr63RMmKA1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
64e344051fb14ed9-FRA
expires
Fri, 14 May 2021 11:21:49 GMT
/
js.stripe.com/v3/
230 KB
55 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c6af677d436fb6ff5882d3e36f3f9dfd698e3d865099edbf6c40230fc0b28e8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:51 GMT
content-encoding
br
vary
Accept-Encoding
age
155
via
1.1 varnish
x-cache
HIT
content-length
55713
x-amz-id-2
ovukpRK3ZdR6UO2pRTQQFRb4Mcyo9dIS1q3OjbNZNbTrGbN+9OT0V9Igq2HySmq7yOK99I+6mXc=
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
last-modified
Tue, 11 May 2021 18:28:16 GMT
server
AmazonS3
etag
"e6e2d54cfe213b50ae317e9bd55e36f6"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
FETZWXSC8KX5YPBM
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
46
background2.min.js
www.sendgb.com/src/js/
1 KB
1 KB
Script
General
Full URL
https://www.sendgb.com/src/js/background2.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:446f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f5ec4cbe07f5cc35b55e8adee84ecdb253a39aaedc1e6fe077e32381f93356
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.sendgb.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.sendgb.com/
Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS; sendgb_ses=3biect9c65vp24sbv23hkequn5; l_code_3=en
Connection
keep-alive
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 11:21:49 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DR9S1GIaMtDmXT56sc6M7AazeJgMU3%2BAyghbSkt6BeqNtGRJM%2Fo6OgmloNp4Eo2VwcVCvv5VJ30bBj0B3YVTwcVMc%2FvWzP3uzh%2BSx2sTFzrW2JSoQJ4X5ZdgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection
keep-alive
cf-request-id
0a01e8d82e0000073ea99c1000000001
Last-Modified
Sun, 26 Jul 2020 18:45:27 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5f1dcf47-4b8"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
CF-RAY
64e34406bb6a073e-FRA
browser-alert.min.js
sendgb.b-cdn.net/src/js/
770 B
1 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/browser-alert.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
106836ab0f8b9d70b6cc2f07a7203a7eac7e46bb22a96c8a4446559b141a52fd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-12 03:24:00
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09ffc5859f00002b4198a41000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88nCmHAY6xhrLdeuJKUO82tHP0c97gJRl5%2F2bXtkJRukQ1Hb0Fjrlp6g0eYr9CwQgPZoxNC0ffQYqb3E7xLrSS9k39DxQoPlELjbi5lirA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
5686f39120d33c69c5a67d96a145063e
cdn-requestcountrycode
US
cf-ray
64dfd84f6bba2b41-FRA
link
<https://www.sendgb.com/src/js/browser-alert.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
sendgb-c.min.js
sendgb.b-cdn.net/src/js/
29 KB
9 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/sendgb-c.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
59091a90f94c6f6c1aa3fc6c468949476e8ab1727f40a42a25b0b2d22bd3f49a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-09 23:03:10
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f48a00b900004a916b845000000001
last-modified
Mon, 11 Jan 2021 10:47:15 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wXV6rBcWtuLud%2FeeyQOStcBn4T88%2F8RT1nMYc3NsptEdKEgZ%2BT2VLeRthDRjNA%2FxvVJYTNd%2BCyTSVdPx7vL5XjMHwjfPn9ujSH2DgNCPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
d3d6a9d39e6a7c1b839c7aac93e534d2
cdn-requestcountrycode
US
cf-ray
64cddf7accd24a91-FRA
link
<https://www.sendgb.com/src/js/sendgb-c.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
dnd.min.js
sendgb.b-cdn.net/src/js/
28 KB
9 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/dnd.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
0616bad6c2fcac05ee501c969bcde956164175cbe0b03c7d7695511aad88652c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
565
cdn-cachedat
2021-05-09 10:18:13
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f1cdac7800004eda40be3000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nm98ATRR74h8UDVw31qzB7G8uTAWFTF8Yy2qXq8KnzS08r7G8boFTe%2F0j3yUiU3LIUic6xZy0O8dfCHsFOW%2Fzf4dt1IP8J%2FoLM%2FVqU%2BzRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
a5e78d3f8319c6dcbedfb6b0b7992b04
cdn-requestcountrycode
US
cf-ray
64c97ef3fc9c4eda-FRA
link
<https://www.sendgb.com/src/js/dnd.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
jquery.fine-uploader.min.js
sendgb.b-cdn.net/src/js/
214 KB
57 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/jquery.fine-uploader.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
a85c68b65334deca20d94a75e37634861baf2604937f5d7234266c698801acfa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-08 22:40:50
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09ef4f339a0000c2f417299000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6MkRNMDdcluRprB07%2BfO8l5n7jsPgJgaE5Nem6MSzChvAGCHwznsCsbChS9vuhPpJgbdt9qLKD06IIEF0tWlw86P09XhEo7%2BMY071lnL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
e80adc79d67a4429d32037a211b927d2
cdn-requestcountrycode
US
cf-ray
64c58165cca2c2f4-FRA
link
<https://www.sendgb.com/src/js/jquery.fine-uploader.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
md5.min.js
sendgb.b-cdn.net/src/js/
4 KB
2 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/md5.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-08 17:35:00
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09ee37309700004a865f313000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7t%2F3pzAUON%2BiggSW720CXtfVel8PCtarNGFDSsDZWE6ACdtplcScD3f%2BQ%2Bd9%2B3Dw%2FPKIYSxNLScwYGJs0wqzzZkpEEHAQkpxFXYFFZvwdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
f67c185cdc4081aff363eb0f616d2cc2
cdn-requestcountrycode
US
cf-ray
64c3c160eb234a86-FRA
link
<https://www.sendgb.com/src/js/md5.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
jquery.knob.min.js
sendgb.b-cdn.net/src/js/
11 KB
5 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/jquery.knob.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-08 18:19:07
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09ee5f959d00004a865bbf2000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fjg3TjgOSaCUYnRPQAXt1BMPmOO61VWc3azRIGuVqzEdLpTrn5eFqmU30rI0L2FnkXMhqOej4z8IisONIAxvqRheiF%2FH7TChkBCuaXl2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
fb7e736bd2ac945e69d5e33574ca8d8e
cdn-requestcountrycode
US
cf-ray
64c402029ead4a86-FRA
link
<https://www.sendgb.com/src/js/jquery.knob.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
form-control-js.js
sendgb.b-cdn.net/src/js/
5 KB
3 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/form-control-js.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
a99587d55c95cfe0c845a55eed7f36a330d9c69943ff13d9c43a76fc949ffa94
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-12 09:32:24
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a0116cca000002bb9fe277000000001
last-modified
Wed, 12 Aug 2020 10:04:40 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s8ac39UdNiyPyvf6eblyTUGzV0dfDwJq1vNQUqvE7Ly6oXCjsM2jpEp8pVWfWrw8AN%2FtNypha1%2FWbVQN10toc%2B1tAyyUQMNYfODsACxwaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
b066d3d3c84d3bb2def5b3d5b3d3e6c5
cdn-requestcountrycode
US
cf-ray
64e1f3f43f762bb9-FRA
link
<https://www.sendgb.com/src/js/form-control-js.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
Cookie set lang-js.php
www.sendgb.com/src/js/
6 KB
3 KB
Script
General
Full URL
https://www.sendgb.com/src/js/lang-js.php?v=1620818509501
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:446f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0701cd339a069fb80f8b5d1b4550061e9f82dd054edc6a3f1bae961c96f9d5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.sendgb.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.sendgb.com/
Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS; sendgb_ses=3biect9c65vp24sbv23hkequn5; l_code_3=en
Connection
keep-alive
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 11:21:50 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pryheLGZL5OdOXLcij%2BWgTPUAazFvlIARHPNTTSBHYGUpNxGMBjL8d86iscorLfiim4ggiLIdxzsU0LdXcerumd8qXIOIlweXuwtyE%2BdH%2FB7BQOdlJIOMNE2iw%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection
keep-alive
cf-request-id
0a01e8d84c00004eda72a75000000001
Pragma
no-cache
Last-Modified
Wed, 12 May 2021 11:21:50 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate
Set-Cookie
sendgb_ses=3biect9c65vp24sbv23hkequn5; expires=Thu, 13-May-2021 11:21:50 GMT; Max-Age=86400; path=/; domain=.sendgb.com
CF-RAY
64e34406df8a4eda-FRA
Expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.validate.min.js
sendgb.b-cdn.net/src/js/
25 KB
9 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/jquery.validate.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
0886d8101f7306cbc2dbfe95d574c6bf2e37f8a15b4a820974e43e4934a2f8be
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-09 02:06:47
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f00bbeea0000176e003c7000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jNaOIwnpZiocPPhIL32tY6DUBcHL9nZAjMclcnpRGA2lX4eBYQhegCtyPhwXmYJe1RDLx51P0jKNCMfUIDj1FGhE6M51TiWiXgP%2F6RLhRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
fad20613ce839975437c2308169b070a
cdn-requestcountrycode
US
cf-ray
64c6af117b87176e-FRA
link
<https://www.sendgb.com/src/js/jquery.validate.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
mui-combined.min.js
cdn.muicss.com/mui-0.9.38/extra/
62 KB
13 KB
Script
General
Full URL
https://cdn.muicss.com/mui-0.9.38/extra/mui-combined.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:418 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a255f7339be3cdca2906640eb20969717cc88e2acd8d7d0dbf2dac7a8069fdc7

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
17708
x-envoy-upstream-service-time
2
cf-request-id
0a01e8de580000c29f110b9000000001
last-modified
Sat, 26 Dec 2020 08:05:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AzEyVF6gsWdn%2FU6B5VDLeUCMxkNGkB4lChvhDkMJt%2BdEjiA%2FiT2S2%2F4U201iURAlvYxxIGxBJnIkUVSHmha7U%2BMkjp2ahviVX756j5C54LPPV0sie2aZJaRbEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64e344108d5ec29f-FRA
expires
Wed, 12 May 2021 18:26:43 GMT
perfect-scrollbar.min.js
sendgb.b-cdn.net/src/js/
19 KB
7 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/perfect-scrollbar.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
ba5a0b541af8b1879049dc4662e53c76916d46f26b570101a8eff8af1c1fb902
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
565
cdn-cachedat
2021-05-10 03:28:36
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f57d04400000dfc3bb848000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A7Y9c4OUiHUjNAANoKnjmhiYnW6KcZbUfxgSqYXfK6q9OhHdEWJLIEjyUm9x8SvvSIOAcAzVm5f1tqXalc2JBd4Q9gAdJxJwWFbFvQEEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
56a0162b9906c71a9ab9fe3290d17bc8
cdn-requestcountrycode
US
cf-ray
64cf644d3ab7dfc3-FRA
link
<https://www.sendgb.com/src/js/perfect-scrollbar.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
multiple-emails.js
sendgb.b-cdn.net/src/js/
12 KB
5 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/multiple-emails.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
7225c7ed5d81ba9fe7aaceb6b59093abc6502dd18c3a6d6059ab2d8c1ec465ba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-11 16:08:38
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09fd5b3592000016f24a02f000000001
last-modified
Sun, 13 Dec 2020 19:12:19 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B92a1ig2EFTX6rqpbzdhS93Nvo3u%2Flm6C5XVZ6iVU89IKzeZwr7mUk0%2FMOBdbQljjSv2ZcJ%2B0DhgOSCWCOZF%2FuJRNK%2BhDNPSuAW3AEZpWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
ff02471d8326fa2840551e081e313e7e
cdn-requestcountrycode
US
cf-ray
64dbfb028a1416f2-FRA
link
<https://www.sendgb.com/src/js/multiple-emails.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
mdb.min.js
sendgb.b-cdn.net/src/mdb/js/
408 KB
129 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/mdb/js/mdb.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
5b7342dac6d3a1943e4e7f4136574ae766097ecadfea71d5d679ca7910800af3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-12 05:46:33
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a004807da00002bad2e235000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mXmUknrqQDcSwOBV%2B64yeLVV3r6trjBD33fLby93YA07B8zIst1mK5aWU94myONI06TFIGMD6A0TuG0UKJ2OBZpH9rSAx1q51LYn6zjUXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
92becd915f87cb9aa73e674a1df82691
cdn-requestcountrycode
US
cf-ray
64e0a91fcff32bad-FRA
link
<https://www.sendgb.com/src/mdb/js/mdb.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
bootstrap.bundle.min.js
sendgb.b-cdn.net/src/mdb/js/
69 KB
23 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/mdb/js/bootstrap.bundle.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
723
cdn-cachedat
2021-05-12 11:26:40
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a017f6bff000005ed81afe000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e4vNrPx8v5X93XVb37LxlCvqshe3wnlGuw3eAB5nMl%2FniJHh0W%2FF5B%2B29Fei0acMiO%2BvP9YNODHi2XGxbAsOJ83WT9EO%2BLuLsXf6c0vZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
bb296a4a843cf1a0c251d613adcb864c
cdn-requestcountrycode
US
cf-ray
64e29b599d5505ed-FRA
link
<https://www.sendgb.com/src/mdb/js/bootstrap.bundle.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
popper.min.js
sendgb.b-cdn.net/src/mdb/js/
20 KB
8 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/mdb/js/popper.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-12 07:24:51
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a00a2074700004e5b30819000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acvvPv6CqWrMzgCwdDpFBUSvwQ1r7Ahtfje%2Fx3qVOtixLZueyAufCqJrFagE9uCaWINH2hASsIvgutJn%2FgSl0KKrICK6YPAcRYDLuEhgeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
a22d89726705cc8f947912699f3b013d
cdn-requestcountrycode
US
cf-ray
64e1391edc1f4e5b-FRA
link
<https://www.sendgb.com/src/mdb/js/popper.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
demo.js
sendgb.b-cdn.net/src/plugins/ion-sound/
2 KB
2 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/plugins/ion-sound/demo.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
82643bb981b98780b1a05ae44a9821b04638bce0f008e78b92d93a1268c64a8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-12 04:18:46
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09fff7aa4200004a91bb159000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=48dU%2B1s9m3ipiMUwzvHsLB7fdKQgVb43YHLMMfn2146M1blN5QF%2F5DuVNRhMKDha7xl9p%2FZ3SB8EHOpBc5EUXKb1t1SAvjpeWKzFoMOdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
9295b3cca9b272400fc5df57a397c8bb
cdn-requestcountrycode
US
cf-ray
64e0288a081a4a91-FRA
link
<https://www.sendgb.com/src/plugins/ion-sound/demo.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
ion.sound.js
sendgb.b-cdn.net/src/plugins/ion-sound/
28 KB
6 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/plugins/ion-sound/ion.sound.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
a102c0ba3835fdf4898ad229f14b68b879cc54063494a7ae0bf70c1aa82b3e27
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
601
cdn-cachedat
2021-05-10 08:46:58
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09f6a07a99000005d09d389000000001
last-modified
Sun, 26 Jul 2020 18:48:01 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9RUhIB1p6HTa8LoYxiz5s1%2FrJhowIFdUoq%2B5xVGk%2BhZOrp%2FEG7MH%2BTKyhJ3UFKD65tjFKMTIH1fI8gVg1wOG8JvqvOynGRUi0NOdrgJQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
8c6861b227e450acd71233daaa2f79a4
cdn-requestcountrycode
US
cf-ray
64d136a42b2305d0-FRA
link
<https://www.sendgb.com/src/plugins/ion-sound/ion.sound.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
engine.js
sendgb.b-cdn.net/src/plugins/ion-sound/
3 KB
2 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/plugins/ion-sound/engine.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
cf1933deb1987bcaf3664b7656526c9099216391b640b5fd4e6b7c65472d25b1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-12 06:28:31
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a006e716e0000178689b8e000000001
last-modified
Sun, 26 Jul 2020 18:46:56 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=67n%2B4sUBeMFBJaAMYvQRTrQDiTA0wbEOMAKjKbQfAfUw3WqjC5xtcGZdmDR5HoBhONoAm9%2FTpF7bFPBTXHrx4%2FT4%2F%2BxP%2FhzT9zR%2BRV0koQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
03f32266ace0d47d12d74ca698f528c2
cdn-requestcountrycode
US
cf-ray
64e0e6957e421786-FRA
link
<https://www.sendgb.com/src/plugins/ion-sound/engine.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
jquery.rating.js
sendgb.b-cdn.net/src/js/
11 KB
3 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/jquery.rating.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
669262b59378f4a6e7a67129ad60d31b47ca5d5be734ed03db6575e241a30320
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
722
cdn-cachedat
2021-05-12 11:53:23
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
0a0197df8c00004a862b396000000001
last-modified
Sun, 26 Jul 2020 18:45:27 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B8eAUp9uBjkqxIUV19BAcI4jjFYXGjT7hL4zTkOfKisksbm4dWJ1tkcNJfeiJM6OAzZqzMag4l382KxnWVxqSZs%2BUyvlC3GNF0p%2B%2Bq4KYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
dc2fa311fc20b252e00ba9b48a529605
cdn-requestcountrycode
US
cf-ray
64e2c278dce44a86-FRA
link
<https://www.sendgb.com/src/js/jquery.rating.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
jquery-ui.min.js
code.jquery.com/ui/1.12.0/
247 KB
66 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.0/jquery-ui.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2016 17:14:47 GMT
server
nginx
etag
W/"577fdf87-3ddc9"
vary
Accept-Encoding
x-hw
1620818509.dop008.fr8.t,1620818509.cds230.fr8.hc,1620818509.cds154.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67684
jquery-3.4.0.min.js
sendgb.b-cdn.net/src/js/
86 KB
33 KB
Script
General
Full URL
https://sendgb.b-cdn.net/src/js/jquery-3.4.0.min.js?v=5.5.1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
cdn-cachedat
2021-05-11 23:23:37
cdn-pullzone
26154
strict-transport-security
max-age=0; includeSubDomains; preload
cf-request-id
09fee972fa00004e9d5c232000000001
last-modified
Sun, 26 Jul 2020 18:46:56 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWKwyTB%2FNaPCwyCLE2o9%2FUzGYSRNYizhMIKTj1MLNqirckTf%2FgVvvEoZRjcAuvh0T%2BPB00p%2B9EXc5hIx67nQnPhJz8HYz7XtcEFyFHLuTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
90e83df695441d7fbcd48edf4a4866fc
cdn-requestcountrycode
US
cf-ray
64de78318abf4e9d-FRA
link
<https://www.sendgb.com/src/js/jquery-3.4.0.min.js?v=5.5.1>; rel="canonical"
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
142 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49908
x-xss-protection
0
server
cafe
etag
13815580874420029976
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 11:21:50 GMT
js
www.paypal.com/sdk/
291 KB
90 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aba39b35515c23ce1375962e32f7c56722dc370490f9ba084720324b5a5719d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
9977
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
p3p
true
paypal-debug-id
8f7832684e005
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
90969
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN, cache-fra19152-FRA
x-timer
S1620818510.908114,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 12 May 2021 11:21:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 12 May 2021 09:35:33 GMT
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"16359-bhRMK8DC/iVsUz99NstHYM5UZoU"
accept-ranges
bytes
x-cache-hits
0, 1
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.sendgb.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617, 617
age
1663624
cdn-cachedat
2021-04-23 07:11:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
0a01e8d8d00000bef615801000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5a6b001db97f1698b00c87094a0e7c3f
accept-ranges
bytes
cf-ray
64e34407bdf7bef6-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Origin
https://www.sendgb.com
Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
last-modified
Thu, 21 Mar 2019 21:32:28 GMT
server
NetDNA-cache/2.2
etag
"418dad87601f9c8abd0e5798c0dc1feb"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74256
Roboto-Regular.woff2
sendgb.b-cdn.net/src/mdb/font/roboto/
48 KB
49 KB
Font
General
Full URL
https://sendgb.b-cdn.net/src/mdb/font/roboto/Roboto-Regular.woff2
Requested by
Host: sendgb.b-cdn.net
URL: https://sendgb.b-cdn.net/src/mdb/css/mdb.min.css?v=5.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.sendgb.com
Referer
https://sendgb.b-cdn.net/src/mdb/css/mdb.min.css?v=5.5.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-11 11:06:54
cdn-pullzone
26154
content-length
49236
cf-request-id
09fc46f5dd0000dfef5b39e000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Sun, 26 Jul 2020 18:46:56 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aWw9fPRVcrFYelbjTpBSMj9MovaoMHLWawtFjg9z8W81R5NRv5bM5aNWfimszEmK1DVwAxYsrE9SQMcYcSQjTZ%2FfLF9ZvcWGeg6CETBRHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
54a80a019fd5559c55b08f0154deee1f
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64da4102ff17dfef-FRA
link
<https://www.sendgb.com/src/mdb/font/roboto/Roboto-Regular.woff2>; rel="canonical"
cdn-requestpullsuccess
True
Roboto-Bold.woff2
sendgb.b-cdn.net/src/mdb/font/roboto/
49 KB
50 KB
Font
General
Full URL
https://sendgb.b-cdn.net/src/mdb/font/roboto/Roboto-Bold.woff2
Requested by
Host: sendgb.b-cdn.net
URL: https://sendgb.b-cdn.net/src/mdb/css/mdb.min.css?v=5.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-199.datapacket.com
Software
BunnyCDN-DE1-722 /
Resource Hash
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.sendgb.com
Referer
https://sendgb.b-cdn.net/src/mdb/css/mdb.min.css?v=5.5.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
632
age
1883
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-06 12:30:06
cdn-pullzone
26154
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
49976
cf-request-id
09e2d356b700002bc6ca18b000000001
access-control-allow-origin
*
last-modified
Sun, 26 Jul 2020 18:46:56 GMT
server
BunnyCDN-DE1-722
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xXn13barUzU6CyOyaVA%2BMaLk94KBoqswxBCFnUXNhKuQvWT0WJ5V3HkNxmh1f4HbzlSJXiXJpwv8HIDF0r%2FZC675JxdvyhOpOrbBI0MOQ%3D%3D"}]}
content-type
font/woff2
cdn-cache
HIT
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
5303fa7625f5caab4687d57b0c2e03b1
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64b188045c172bc6-FRA
link
<https://www.sendgb.com/src/mdb/font/roboto/Roboto-Bold.woff2>; rel="canonical"
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/upload/?utm_source=sHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0d741ffc7bfab4e8a4142873c8069a22a7ed46b787048047cea215f9169c7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35528
x-xss-protection
0
last-modified
Wed, 12 May 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 May 2021 11:21:50 GMT
Cookie set result
www.sendgb.com/cdn-cgi/bm/cv/
0
1007 B
XHR
General
Full URL
https://www.sendgb.com/cdn-cgi/bm/cv/result?req_id=64e344035b7e073e
Requested by
Host: www.sendgb.com
URL: https://www.sendgb.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:446f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.sendgb.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
__cflb=02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS; sendgb_ses=3biect9c65vp24sbv23hkequn5; l_code_3=en
Connection
keep-alive
Content-Length
445
Pragma
no-cache
Host
www.sendgb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://www.sendgb.com/
Sec-Fetch-Site
same-origin
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 12 May 2021 11:21:50 GMT
Vary
Accept-Encoding
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security
max-age=0; includeSubDomains; preload
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aorT%2B3mEucPFN64g34PM%2BSDORnIMAmf1gwLlSxc4%2FP0eRdkIYMjOGBHqj98j%2FUyc2PVxJKb2Cho%2BxdjrVmCjWMkuYouJJEGod%2F%2BkMIDNzmw2hcop2C2eQBAX7g%3D%3D"}],"group":"cf-nel","max_age":604800}
Set-Cookie
__cf_bm=3d9d193df4b196b199fe28643166c575a572bfbc-1620818510-1800-AaGoytEEnake4Up6UsB4xkF3VWGQw2kcWnI+wXDfUsA8mFciR+/AhZVWz9D+5yN/P1GNcQHA+i6VY0ffBT4b/6pHYTtp3LtZGb3sulO1Ql84KySz4eLzu3LhS6voSxjaawYVpFIa+N6PcD/uG55y4vY=; path=/; expires=Wed, 12-May-21 11:51:50 GMT; domain=.sendgb.com; HttpOnly; Secure; SameSite=None
Connection
keep-alive
CF-RAY
64e3440b0a964eda-FRA
cf-request-id
0a01e8dae600004eda5396e000000001
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/
223 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84099
x-xss-protection
0
server
cafe
etag
12011922212658401594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 11:21:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 029A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210510/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 11 May 2021 18:01:56 GMT
expires
Tue, 25 May 2021 18:01:56 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
62395
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pptm.js
www.paypal.com/tagmanager/
14 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.sendgb.com&t=xo&v=5.0.227&source=payments_sdk&client_id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f625b342312ce4478f03121fedb5abb55a5b03a71cedd1d2c2cfac9583a34f0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cob3mRCB4Q1oMqHJSOHYgmpEwdqgsg4k752KRIk7q0F51/mi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-cob3mRCB4Q1oMqHJSOHYgmpEwdqgsg4k752KRIk7q0F51/mi' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
44970
x-cache
HIT, HIT
paypal-debug-id
5b54f5343f679
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4824
x-xss-protection
1; mode=block
x-served-by
cache-hhn4057-HHN, cache-fra19152-FRA
x-timer
S1620818512.729117,VS0,VE1
x-frame-options
SAMEORIGIN
date
Wed, 12 May 2021 11:21:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"3607-TUESMqD6aYpBIvgmnz7Dgel6AZM"
accept-ranges
bytes
x-cache-hits
1, 14
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
142 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49908
x-xss-protection
0
server
cafe
etag
13815580874420029976
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 11:21:51 GMT
buttons
www.paypal.com/smart/ Frame 2CC2
228 KB
97 KB
Document
General
Full URL
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4be3ddba480d3da340e16b96e968191fc5fd8f50e349fe192e92833458c23954
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"38e4f-xyGyjaM+q4ftOkRA23atVAE1zNA"
p3p
true
paypal-debug-id
a67d4e9de372
set-cookie
tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Sat, 15 May 2021 11:21:51 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Wed, 12 May 2021 11:51:51 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1715512911%26vteXpYrS%3D1620820311%26vr%3D604fc8521790a7886e34e1bfffa2a558%26vt%3D604fc8521790a7886e34e1bfffa2a557%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sat, 11 May 2024 11:21:51 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D604fc8521790a7886e34e1bfffa2a558%26vt%3D604fc8521790a7886e34e1bfffa2a557; Path=/; Domain=paypal.com; Expires=Sat, 11 May 2024 11:21:51 GMT; Secure; SameSite=None x-cdn=fastly:FRA; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Wed, 12 May 2021 11:21:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn11544-HHN, cache-fra19152-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1620818512.854644,VS0,VE213
vary
Accept-Encoding
content-encoding
br
truncated
/ Frame 79CB
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3299
date
Wed, 12 May 2021 10:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 12:26:52 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX7DLT2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14057
x-xss-protection
0
server
cafe
etag
15306424688967737279
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 11:21:51 GMT
cookie.js
partner.googleadservices.com/gampad/
200 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.sendgb.com&callback=_gfp_s_&client=ca-pub-3672675116345653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
b0d1fb6d1593fde97aee455618a8c264ed08d9abb93a3899fc0c691fad953837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tn=DIV&id=loading&ign=false
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sendgb.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sendgb.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 80D0
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&adk=1559050123&adf=2739833515&lmt=1620818512&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511566&bpp=26&bdt=2028&idt=551&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8231259228626&frm=20&pv=2&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3672675116345653&output=html&adk=1559050123&adf=2739833515&lmt=1620818512&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511566&bpp=26&bdt=2028&idt=551&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8231259228626&frm=20&pv=2&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=675
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 11:21:52 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-May-2021 11:36:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 11:21:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696588139699"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Wed, 12 May 2021 11:21:52 GMT
muse.js
www.paypalobjects.com/muse/
66 KB
18 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.sendgb.com&t=xo&v=5.0.227&source=payments_sdk&client_id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ed2f2d7c628db91a04792253a2b3311211902eb9be34c3b28c40acd0ca26d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 20:16:33 GMT
etag
W/"60944ea1-10826"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
54b6c8113701d
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=31536000
dc
phx-origin-www-1.paypal.com
content-length
17902
expires
Wed, 12 May 2021 11:21:52 GMT
ts
t.paypal.com/
42 B
510 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A4RQRGB7XMVPX8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A4RQRGB7XMVPX8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=9c15c1c2-6279-4f14-882c-c6873838ec83&fltp=analytics&mrid=4RQRGB7XMVPX8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1620818512279&g=-120&completeurl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:52 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1620818512.294057,VS0,VE162
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Wed, 12 May 2021 11:21:52 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11534-HHN, cache-fra19172-FRA
ec.js
www.google-analytics.com/plugins/ua/
3 KB
3 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:46:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2104
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2779
x-xss-protection
0
expires
Wed, 12 May 2021 11:46:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 689C
72 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8faf748685a3f096f64ae64452823ed3dbe9470f3e1f0bc788edcc6112e0f46a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmxdzdPxTMu4esXsPE7xzYtfm6wtpCyFrE1UYU0sJ1cYJVhJRrq_QI2U-lL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 12 May 2021 11:21:54 GMT
server
cafe
content-length
25749
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.googleadservices.com/pagead/conversion/977766457/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/977766457/?random=1620818512447&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
fadb40e79a84c08cada08286b8f6c281105fab704cc5aa10ef71758aeeb7c8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/?random=1620818512457&cv=9&fst=1620818512457&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f51ca50a278d2b7a72342deb0a17f60ae3501509d97c053347de6f4006c8c16f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-60745031-1&cid=1233291239.1620818512&jid=133965595&gjid=634225240&_gid=1054117159.1620818512&_u=aChAgEALAAAAAE~&z=1119127745
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 11:21:52 GMT
content-type
text/plain
access-control-allow-origin
https://www.sendgb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1602053499&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&ul=en-us&de=UTF-8&dt=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgEAL~&jid=133965595&gjid=634225240&cid=1233291239.1620818512&tid=UA-60745031-1&_gid=1054117159.1620818512&gtm=2wg550PX7DLT2&z=1128723150
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 May 2021 22:33:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46132
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame FA7D
220 KB
66 KB
Document
General
Full URL
https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68f623d1ece2bb2668c8bb516492ef372b518f6d7474cf6c8aadb39a07d7f501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.paypalobjects.com
:scheme
https
:path
/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
W/"60944ea1-36fcd"
last-modified
Thu, 06 May 2021 20:16:33 GMT
paypal-debug-id
ecc6036e7f705
surrogate-control
max-age=31536000
dc
phx-origin-www-2.paypal.com
content-length
67331
expires
Wed, 12 May 2021 11:21:53 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Wed, 12 May 2021 11:21:53 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
js
www.paypal.com/sdk/ Frame 2CC2
291 KB
90 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aba39b35515c23ce1375962e32f7c56722dc370490f9ba084720324b5a5719d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PkFwieHAOlzO88GtMrCoQiIYcrwLAj/kVzgKrk0uYFmgapGY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
9981
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
p3p
true
paypal-debug-id
8f7832684e005
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
90969
x-xss-protection
1; mode=block
x-served-by
cache-hhn4043-HHN, cache-fra19152-FRA
x-timer
S1620818514.636414,VS0,VE1
x-frame-options
SAMEORIGIN
date
Wed, 12 May 2021 11:21:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 12 May 2021 09:35:33 GMT
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"16359-bhRMK8DC/iVsUz99NstHYM5UZoU"
accept-ranges
bytes
x-cache-hits
0, 2
truncated
/ Frame 2CC2
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.google.de/pagead/1p-conversion/977766457/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=250505...
  • https://www.google.com/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=160...
  • https://www.google.de/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ULqbYJniLt3U7_UP9fCNsAs&cid=CAQSKQCNIrLMr4wvEU1irHXgZRZ9mkfXe_bDcsDL2HHHNMpT90opWqKGdobD&eitems=ChEI8PnthAYQ3YTz9c-u-6iOARIdABXJKBT7Tyi1ftTNsvZ6_R4Na2q18z9FlULgD-0&random=2337965902&resp=GooglemKTybQhCsO&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/977766457/?random=924171514&cv=9&fst=1620818512447&num=1&value=0&label=lrALCPTl350BELmQntID&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ULqbYJniLt3U7_UP9fCNsAs&cid=CAQSKQCNIrLMr4wvEU1irHXgZRZ9mkfXe_bDcsDL2HHHNMpT90opWqKGdobD&eitems=ChEI8PnthAYQ3YTz9c-u-6iOARIdABXJKBT7Tyi1ftTNsvZ6_R4Na2q18z9FlULgD-0&random=2337965902&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/977766457/
42 B
138 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/977766457/?random=1620818512457&cv=9&fst=1620817200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&async=1&fmt=3&is_vtc=1&random=2572839198&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/977766457/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/977766457/?random=1620818512457&cv=9&fst=1620817200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg550&sendb=1&frm=0&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&tiba=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&async=1&fmt=3&is_vtc=1&random=2572839198&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop.js
www.paypalobjects.com/muse/ Frame FA7D
18 B
352 B
Fetch
General
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
1a82e8f517fa8
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
18
x-client-location
DE
pragma
no-cache
last-modified
Thu, 04 Feb 2021 18:25:25 GMT
etag
"601c3c15-12"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Wed, 12 May 2021 11:21:54 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 2CC2
877 B
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c6d51d22790ac934bdc13c0f6a969dbde2f6a3d2f88610791030cf441b05805
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
88e79a1f363cb
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4062-HHN, cache-fra19152-FRA
x-timer
S1620818514.087868,VS0,VE162
etag
W/"36d-gwGHbrvtJJct++LFtsFzliLnaGU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 2CC2
864 B
689 B
Ping
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
762d1eccbe8ddc81134dde2bdd63dbca047b04f9f8b46aa332672cc613569c8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=black&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhHZkxGZDRmSTd6N1RRa2s4U0tOeExIVWk3T3pLT0RzcWMyUGE2czZadzdEUTVYajNubmQyeUJuQThnZlVmRUZQUGttUzlGN3VUbjQ1UWkmY3VycmVuY3k9RVVSIiwiYXR0cnMiOnsiZGF0YS11aWQiOiIzMGUxODQ0YmZhX210ZTZtamU2bnRlIn19&clientID=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&sdkCorrelationID=676dedf7fe237&storageID=6fd083e4dc_mte6mje6nte&sessionID=1c33e20905_mte6mje6nte&buttonSessionID=ad20d9953a_mte6mje6nte&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
a425765e9a379
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn11581-HHN, cache-fra19152-FRA
x-timer
S1620818514.097552,VS0,VE166
etag
W/"360-b9cUCl9sZnwtcvDDvAFu9qfQH14"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
8c94e3e1981793dbfe39.chunk.js
www.paypalobjects.com/muse/analytics/chunk/ Frame FA7D
7 KB
3 KB
Script
General
Full URL
https://www.paypalobjects.com/muse/analytics/chunk/8c94e3e1981793dbfe39.chunk.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b9ca8f2d3b659c9747a3dab679a9bea4aff5f26cab43223e560893371f50bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypalobjects.com/muse/analytics/index.html?frameId=9a02cb63-0cdd-4523-8bce-abf98549a3cc&propertyId=4RQRGB7XMVPX8-1&flow=visitor-info&variant=analytics&mrid=4RQRGB7XMVPX8&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 20:16:33 GMT
etag
W/"60944ea1-1a55"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
927f37b3ec2e8
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
2659
expires
Wed, 12 May 2021 11:21:54 GMT
ts
t.paypal.com/
42 B
489 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1&page=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=9c15c1c2-6279-4f14-882c-c6873838ec83&es=visitorInfoFlowStarted&mrid=4RQRGB7XMVPX8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1620818514180&g=-120&completeurl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1620818514.186797,VS0,VE159
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Wed, 12 May 2021 11:21:54 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11532-HHN, cache-fra19172-FRA
graphql
www.paypal.com/targeting/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.paypalobjects.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
5d2fc135dc405
dc
phx-origin-www-2.paypal.com
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Wed, 12 May 2021 11:21:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4059-HHN, cache-fra19143-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1620818514.211018,VS0,VE171
graphql
www.paypal.com/targeting/ Frame FA7D
435 B
1 KB
Fetch
General
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/chunk/8c94e3e1981793dbfe39.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e7b4ac1f0bda4d37b9a49e005259699e3ee451abd74effc6deaf4c02906b378
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ahFqw/P+VLmNn5oY19cWLyVbSIV7yI2djTgtLy1G4Ll7WLil' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-ahFqw/P+VLmNn5oY19cWLyVbSIV7yI2djTgtLy1G4Ll7WLil' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
ea26e3b3f9c41
date
Wed, 12 May 2021 11:21:54 GMT
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn11526-HHN, cache-fra19152-FRA
x-timer
S1620818514.402048,VS0,VE250
x-frame-options
SAMEORIGIN
etag
W/"1b3-Pv+zHyZlOAcJHdZ5nnBqzD04wz8"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
m-outer-0369f5784d64b5d8df5e262d4b12f588.html
js.stripe.com/v3/ Frame 4085
215 B
533 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

x-amz-id-2
LM2/XV9S90ziItfwVgNI8MNCb4+FYqM3nzgTyIFN1okx3j5YIqavgX9/MewQ84/YbqOKHkKipZM=
x-amz-request-id
50E6Q0VV7QA0BXP8
last-modified
Mon, 03 May 2021 20:41:45 GMT
etag
"0369f5784d64b5d8df5e262d4b12f588"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 varnish
age
82
x-served-by
cache-fra19175-FRA
x-cache
HIT
x-cache-hits
123
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
129
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eb447b749043072296a5e0896f9583eb8821e80a9d8c45969ce758176e9d198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 11:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7782
x-xss-protection
0
sendgb.mp3
cdn.sendgb.com/src/plugins/ion-sound/sounds/
39 KB
40 KB
XHR
General
Full URL
https://cdn.sendgb.com/src/plugins/ion-sound/sounds/sendgb.mp3?1620818514337
Requested by
Host: sendgb.b-cdn.net
URL: https://sendgb.b-cdn.net/src/plugins/ion-sound/ion.sound.js?v=5.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-197.datapacket.com
Software
BunnyCDN-DE1-487 /
Resource Hash
2cdf01843b513efbec95706f4c28221b52ee8d2520e1351bad8d63555f705637
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
487
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
2021-05-12 11:21:54
cdn-pullzone
26154
content-length
39450
cf-request-id
0a01e8e9ce00004edf5d844000000001
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Sun, 26 Jul 2020 18:45:28 GMT
server
BunnyCDN-DE1-487
cdn-requestpullcode
206
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9vAG5oUidfZQBJv8mn5me3uX1XA3A4UkhR90CHTFIkXiQvJmU%2BgsoeKmi0OqbhgoVzXEtCszFIgykRvkdAS5zEgQK4nCvgjT14A6n%2B7Dfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cdn-cache
MISS
cdn-uid
7e35c5a2-57de-4fb0-b864-fa6aea99f095
cache-control
public, max-age=31919000
cdn-requestid
1533e657457d4b24ca7e2e086eca9e86
cdn-requestcountrycode
US
accept-ranges
bytes
cf-ray
64e34422eb0f4edf-FRA
link
<https://www.sendgb.com/src/plugins/ion-sound/sounds/sendgb.mp3?1620818514337>; rel="canonical"
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 689C
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 10:06:20 GMT
server
ESF
date
Wed, 12 May 2021 11:21:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 11:21:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3672675116345653&plah=www.sendgb.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 12 May 2021 11:21:54 GMT
logger
www.paypal.com/xoplatform/logger/api/
862 B
998 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXGfLFd4fI7z7TQkk8SKNxLHUi7OzKODsqc2Pa6s6Zw7DQ5Xj3nnd2yBnA8gfUfEFPPkmS9F7uTn45Qi&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ec5fc2810ce23ca32f4a81eeabc6ad7238a0ea01a5f8ad2ec6722e0372b1e4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
90b725fd253e1
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4020-HHN, cache-fra19143-FRA
x-timer
S1620818515.553902,VS0,VE171
etag
W/"35e-xHhgMGpUc9fHb74HpJK3Fx+LlrM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sendgb.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sendgb.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.sendgb.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
c05826a6ee6f6
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
date
Wed, 12 May 2021 11:21:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn11536-HHN, cache-fra19143-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1620818514.367027,VS0,VE176
content-encoding
br
vary
accept-encoding
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 689C
1 KB
990 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 11:18:40 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 689C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
8099588968410230469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 11:20:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 689C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 11:10:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 689C
116 KB
35 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 11:21:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 689C
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 11:21:06 GMT
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 689C
25 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 08:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 07:08:25 GMT
server
sffe
age
8553
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Tue, 10 Aug 2021 08:59:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 689C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMF6UUbqbYL-CH4TCmwe7xaCQA-3Zn8xi_oKDg_UM2tkeEAEgxav-e2CVAqAByLGpzQPIAQGoAwHIA8sEqgTSAU_QfliEN43Ga3g_4ePG8R2LsXacS9F0k92oNiICoNEAmR9wPuHSKPC0_vIxD8niqU_0OQGhiHRow8Amob68GKu6vYZBVkbK-ohtCviKsEEpZl4J-wH57VCxux19HQKRIO3ipIBAHOuF1PN5oo0jBrJsIvq_3gZMKMmI3IEiLM9yxRtOSDC3G--kTpopbUzfZcGoqBFsbCQCmFO1zA8h-4wZirH-AQ8WsNMXzkXzKalsIy31Pw0xPYReYzN6JraKBb2hNdSv2nxZeS9yVY7i2zjNE8AEhr_vpKIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB-Tq4jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQ8rDRA9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUBNAVAYAXAbIXGgoYCAASFHB1Yi0zNjcyNjc1MTE2MzQ1NjUz&sigh=f4wtkHJDDnc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 12 May 2021 11:21:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
m-outer-b43290c4d50222c50d9f53f06af22482.js
js.stripe.com/v3/fingerprinted/js/ Frame 4085
1 KB
810 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-0369f5784d64b5d8df5e262d4b12f588.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:54 GMT
content-encoding
br
vary
Accept-Encoding
age
281
via
1.1 varnish
x-cache
HIT
content-length
628
x-amz-id-2
A82wmh9WghK3jKvi5doo9tw2jNc+dJf4HRwnT8XKQp81gTcdmixgwZvOm1RKCeP6QqxdzSrBIes=
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
last-modified
Mon, 03 May 2021 20:41:41 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
ABGAZ7Q1EZ7SZEPP
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
347
s
googleads.g.doubleclick.net/pagead/drt/ Frame AF87
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmxdzdPxTMu4esXsPE7xzYtfm6wtpCyFrE1UYU0sJ1cYJVhJRrq_QI2U-lL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 May 2021 10:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1484
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 03CF
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 12 May 2021 06:38:34 GMT
expires
Thu, 13 May 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
17000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 689C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6e509cffb64f288e476236b981cfdec0e33b8b995c15226f4b904f0ff07bd1e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2E2A
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sendgb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sendgb.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 12 May 2021 11:11:51 GMT
expires
Thu, 12 May 2022 11:11:51 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
603
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
inner.html
m.stripe.network/ Frame BF74
33 KB
13 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b43290c4d50222c50d9f53f06af22482.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:ca00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Wed, 12 May 2021 11:19:54 GMT
cache-control
public, max-age=300
etag
W/"5fca8b5d-84a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
SE-HSpWBNGaqQxpbOUONxmp46s-kkKDmiAYsCq8r2TWIjL_St2dsjw==
age
122
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 689C
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
553792
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 06 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 689C
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
553823
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 06 May 2022 01:31:31 GMT
ts
t.paypal.com/
42 B
489 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1&page=muse%3Aoffer%3A%3A%3A4RQRGB7XMVPX8-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=9c15c1c2-6279-4f14-882c-c6873838ec83&es=visitorInfo&mrid=4RQRGB7XMVPX8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=SendGB%20%7C%20Send%20Large%20Files%20%7C%20Free%20file%20transfer&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1620818514958&g=-120&completeurl=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
via
1.1 varnish, 1.1 varnish
server
akka-http/10.1.11
x-timer
S1620818515.968808,VS0,VE158
x-cache
MISS, MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator
slca.slc
expires
Wed, 12 May 2021 11:21:55 GMT
cache-control
no-cache, no-store, max-age=0, no-transform
x-cache-hits
0, 0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn11538-HHN, cache-fra19172-FRA
dpixel
cms.quantserve.com/ Frame 03CF
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBXYLiSj9o81-UkRbYK7qa0&google_cver=1&google_push=AQvitULe-pePK84BFNILqCqGg3BG02uWo2TEL9OPmABML3hQyVC_Zxye6R0XHFTvgghtBQIKtmh6nce0pz1KE-FYlrJ2PzU_DBKLEg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03CF
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIRIHBwFxqFQKogVvCkVXsk&google_cver=1&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIRIHBwFxqFQKogVvCkVXsk&google_cver=1&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qru...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug&google_hm=oSJPmbSCwMYn9bpjK6LW3A==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug&google_hm=oSJPmbSCwMYn9bpjK6LW3A==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:54 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKaBsTjw1DX10ZRyuHqnFTAoMv8yXAZSXKw36jfUKYyqA1OyPBVO_HIS9HMYl_BPfU_MyTHQZrQBdULlRzxVApMrXCZn5qrug&google_hm=oSJPmbSCwMYn9bpjK6LW3A==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
tfoehc59odikvujsbsl16ml963r86mku
pixel
cm.g.doubleclick.net/ Frame 03CF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-tRFQ4kQy2D4572lyQSwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-tRFQ4kQy2D4572lyQSwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ7zwY_sxM5ev_9nP9ef_VBifcB7FI4YL7UqNXRmodFQyWnw454xtyClNG15GjW98ffdVwF-8S8LvQeiRufL28ptJ36msTtmw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P-tRFQ4kQy2D4572lyQSwA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJ7zwY_sxM5ev_9nP9ef_VBifcB7FI4YL7UqNXRmodFQyWnw454xtyClNG15GjW98ffdVwF-8S8LvQeiRufL28ptJ36msTtmw
Date
Wed, 12 May 2021 11:21:53 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 03CF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOqwzlgOvvbJPGKtbROvqQU&google_cver=1&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREhVOTYtMTItREZHRw==&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2EMFsylCy3pul1CCgrF-l8RkHigg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREhVOTYtMTItREZHRw==&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2EMFsylCy3pul1CCgrF-l8RkHigg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09MREhVOTYtMTItREZHRw==&google_push=AQvitULf5PujzObsbIDo_2vo5lIQ8V7VqW0SMOF7a3DDB0l0cWQyYKzzof5I0jpYED8bQCCPre2EMFsylCy3pul1CCgrF-l8RkHigg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 03CF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4...
0
0

/
cc.adingo.jp/adx/push/ Frame 03CF
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBfUMimLMJwrdJcO3y9gDPc&google_cver=1&google_push=AQvitUIby_tWZkFKGtnh_WL4n-AFUDKFap4ypY1Jb1XXE4b9l6-LDDQVnVtTIWTKEwPzg9h4chakBVin8-lXsihAWxgB8sLEXGVt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.196.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-196-226.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:55 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 03CF
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEABSnY6frP-pYYZOM0CF9lw&google_cver=1&google_push=AQvitUJQrWcaxJ6SYQ2JpaxD...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJQrWcaxJ6SYQ2JpaxDNW7D08YVBLai5uzj5RgKcGMKtOMyPk6ElbSDJj2bomPsmhNvWBWZESlEo0PRi8M8Fv7l0om6w6K0n7k&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJQrWcaxJ6SYQ2JpaxDNW7D08YVBLai5uzj5RgKcGMKtOMyPk6ElbSDJj2bomPsmhNvWBWZESlEo0PRi8M8Fv7l0om6w6K0n7k&google_hm=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:55 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJQrWcaxJ6SYQ2JpaxDNW7D08YVBLai5uzj5RgKcGMKtOMyPk6ElbSDJj2bomPsmhNvWBWZESlEo0PRi8M8Fv7l0om6w6K0n7k&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 11 May 2021 11:21:55 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 03CF
0
227 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFVdt0o3W0ZYMTiNL6_2vleWg48idYJnfMDVI8srZUa5X-EUuWMokZi7ReJvcBHTW__LM4Qw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 11:21:55 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame AF87
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmxdzdPxTMu4esXsPE7xzYtfm6wtpCyFrE1UYU0sJ1cYJVhJRrq_QI2U-lL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 11:21:55 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 12-May-2021 12:21:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 11:21:55 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 11:21:55 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 0E8C
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672675116345653&output=html&h=280&slotname=1789935411&adk=2871120342&adf=2781362899&pi=t.ma~as.1789935411&w=728&fwrn=4&fwrnh=100&lmt=1620818512&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.sendgb.com%2Fupload%2F%3Futm_source%3DsHSNoGWBrQd&flash=0&fwr=0&rh=300&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620818511709&bpp=7&bdt=2171&idt=717&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8231259228626&frm=20&pv=1&ga_vid=1233291239.1620818512&ga_sid=1620818512&ga_hid=1602053499&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=542&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060711%2C31060828&oid=3&pvsid=1075856578979460&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j8PERGHYwp&p=https%3A//www.sendgb.com&dtd=725
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
2648
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 2E2A
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 10:37:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
2648
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 12 May 2022 10:37:47 GMT
6
m.stripe.com/ Frame BF74
156 B
518 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.167.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-167-254.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
30a7a41122bac661cacf04306ce32052a03030b924d18029760626f5f8351216
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 May 2021 11:21:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame 689C
42 B
501 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnzbGPZVuHuBelPasApuLbLY8mlGXP09TBWuqN2maFPnxZkjNFdXyaGsL7NweYILxmC54KPAN0CP7QipHq1tMXrXOyATME489HqsfJTPxiun58YgYyzS1vIvwr7A&sai=AMfl-YRNpb29utN038btRtJdefO5rmmgqwsnRKgIuH9jTzVJe-3kFB-O2M5SHcWt3OeUhwpF_hbQF77ZaXgj6XHHLKzFxf68NjmXR7s&sig=Cg0ArKJSzELfIW_UCcShEAE&cid=CAASF-RoDHY668g3eTMYV1-3KlY054aFY6O6&id=lidar2&mcvt=1000&p=890,542,1170,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2871120342&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620818512441&dlt=1773&rpt=103&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210510&jk=1075856578979460&bg=!JCelJ2PNAAY59bwoOfU7ACkAdvg8Wg4hvumkzGR7t23yGu1cD6LYkdfzwbk6hJdEqcBO21w9-mdVdwIAAAHZUgAAABpoAQcKABgRDUWObPtMPfr1J_y9X1vfJqfhv9BlCKGZAkgjWlWQ62xGntbI2NhvwnG1BUPj4rQCbjDwXhdmmjWVKyBlnAbWicIhCN0QYl8AKFKkfvEElkNJeFce6GHGTgH_0S60ibbPADlU0VUfoV19Zkm3Nxisi_fQKsPPaBUEJvrsLmBlFI0DPyR93x5lzp5BvgJKSTttqpCnFmaJsIQ1wloJ0d1N89cfxLFxmKOeA_yfSYgEjy1OH7B5_8-dNQYFqL3mHieM48ERMqMURPBv_RnihgrIK1d5-0ymv5udE3ycpCk3-ffIPIEFfyibRXW8BEoGpI7ofS4P05DDjarw7FhKyR3fQybX8ChbEX_xrXQCRBjZTuvEnnqyK0dwFF0iU9yI9Yj8C__wiATQMN29mUrhrF69u9kvflIQ75iCiS7pwYdfgPb8Scj3Fh5gol-b-LAfFCE_qoJPVBQViJqkZoO0NLVEtkjzsHnOQKR2K1mr4jty4PopTeD3X3ZV5wJgbI_wTwZf3fj5KWd84qyYGIq9iXMGctQ33mNtW4mgS_7uWzNxtEZKasVBWzDGXZFSUvBQVtzepxscIbHsQz6u51irNVmEy2HsXhfrYMO-peyGshFOm8BftIem-LR868QnT-WOiyaei5C8MlERpcxf2F3ZmwGXHj9TUDyZELoBHsAwEIKM2yVbIpCjXZv6j6YuQRJENOTQdYHJU-Qohlnm2VOQQ0zms9UegYke3uPw7itSiohZPoZQo-43RUkFwcBm1jMT8yGVj6QOwgfwNIeDAzd6l-a9Ic_oYGbG9517XO3kzwAfXlfOgg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sendgb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 11:21:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu6UwCOA597uuB_w8xwqAAABJkAAAIB&google_cver=1&google_push=AQvitUK_lUCXB-afW5J-Lmcsk1W4obIR4YuawlbUGHyKa8Re6_t__aFxWhanjXfm9LP-ipBy_hb4-5kve4YD8z1foraG6pw24j0A&google_gid=CAESEIYcEoTJYa3tV7JHQ_52FyU&google_tc=

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| a0_0x433e function| a0_0x3d7e object| __CF$cv$params object| __cfQR object| dataLayer object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager object| __post_robot_10_0_42___30e1844bfa_mte6mje6nte object| paypal object| __zoid_9_0_65___30e1844bfa_mte6mje6nte number| google_lpabyc object| __paypal_storage__ string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| paypalDDL string| PaypalOffersObject function| ppq object| gaplugins object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __postRobot__ object| __zalgopromise__ object| PAYPAL object| ion function| Popper object| bootstrap function| WOW undefined| _this number| SMOOTH_SCROLL_DURATION object| dropdownSelectors function| dropdownEffectData function| dropdownEffectStart function| dropdownEffectEnd function| _classCallCheck function| _defineProperties function| _createClass function| initPhotoSwipeFromDOM function| objectFitImages function| Color function| Chart object| Waves object| toastr function| Hammer function| Picker function| PhotoSwipe function| PhotoSwipeUI_Default function| PerfectScrollbar object| Ps function| jarallax function| VideoWorker boolean| _muiCombinedLoadedJS boolean| _muiLoadedJS object| mui string| uploadServerUrl number| maxSizeBytes number| maxMailSend number| maxSize number| total_size_left number| maxFiles string| maxUploadSize string| disallowedFiles boolean| process_activate string| msg_seconds string| msg_minutes string| msg_hours string| msg_remaining string| siteUrl string| btn_download string| msg_download_started string| msg_fill_fields string| msg_upload_error string| msg_file_to_large string| msg_file_to_much string| msg_mail_to_much string| msg_wrong_pass string| msg_file_blocked string| msg_max_files string| msg_upload_of string| msg_uploaded_of string| msg_upload_canceled string| msg_upload_failed string| msg_unable_to_compute string| msg_files_selected string| msg_copy_url string| msg_ut_second string| msg_ut_seconds string| msg_ut_minutes string| msg_ut_hours string| msg_ut_days string| msg_ut_weeks string| msg_upload_cancel string| msg_safari_ver string| msg_sending_files string| msg_sending_files2 string| msg_peyem string| msg_wrongem string| msg_files_added string| msg_1_other string| msg_max_file_message string| fu_msg_tmi string| fu_msg_limit string| msg_same_file_name string| mt_desc string| msg_NotReported string| msg_grc_title string| msg_tkn_title string| msg_tkn_message string| s3_server_public_key string| s3_cors_url string| s3_chunk_size string| s3_retry_delay string| s3_retry_attempt string| s3_item_limit number| s3_item_size_limit string| s3_endpoint string| s3_endpoint_local string| s3_default_region_name string| s3_bucket_name string| s3_dir_name string| ms_val_required string| ms_val_email string| ms_val_passregex string| ms_val_passmatch string| ms_val_name string| ms_val_posterror string| ms_val_passnotmatch string| ms_val_passretype string| ms_val_passmaxchar string| ms_val_passminchar string| ms_val_passrequired string| ms_val_mailexists string| ms_val_mailvalid string| ms_val_mailrequired string| ms_val_nameshort string| ms_val_namechars string| ms_val_namerequired string| ms_val_addressrequired string| ms_val_addressmaxchar string| ms_val_cityrequired string| ms_val_citymaxchar string| ms_val_postalrequired string| ms_val_postalmaxchar string| ms_val_countryrequired string| ms_signing_in string| ms_sign_up_button string| ms_signing_up string| ms_send string| ms_sending string| ms_login_button2 string| ms_val_val_required string| ms_validate_button string| ms_pr_updating string| ms_pr_save_profile string| mobileVersion function| md5 function| qq function| getCookie function| inprecise_round function| precise_round function| uiPreloaderStart function| uiPreloaderTicker function| uiPreloaderStop object| emails object| files number| filesAdded function| validateEmail number| receiverId function| openInlinePage function| checkForm function| shuffle string| long_value string| long_value_fid string| value string| valuefid number| uploaded number| prevUpload number| speed number| total number| remainingBytes number| timeRemaining string| setStopVar object| started_at function| uploadProgress function| changeLanguage function| changeLanguage2 function| changeExtendTime function| uploadComplete function| uploadFailed function| uploadCanceled function| openSettings function| closeSettings function| shareEmail function| shareLink function| updateSection function| destructTrue function| destructFalse function| errorMode function| createCookie function| readCookie object| $body string| sRateName function| setRateWarning function| setCookieWarning function| setCookieChecker function| preloadImages string| url_email function| confirmExit function| copyToClipboard function| advOpen string| value_upload object| $ratewarning object| $ratebutton string| sCookieName object| $cookiewarning object| $cookiebutton string| sCookieCheckName object| $cookieCheckwarning object| $cookieCheckbutton function| get_browser function| TxtType function| formsreset object| checker object| sendbtn object| __webpackStripeJSv3Jsonp function| Stripe boolean| __cfRLUnblockHandlers object| GoogleGcLKhOms

4 Cookies

Domain/Path Name / Value
.sendgb.com/ Name: l_code_3
Value: en
.sendgb.com/ Name: __cf_bm
Value: 3d9d193df4b196b199fe28643166c575a572bfbc-1620818510-1800-AaGoytEEnake4Up6UsB4xkF3VWGQw2kcWnI+wXDfUsA8mFciR+/AhZVWz9D+5yN/P1GNcQHA+i6VY0ffBT4b/6pHYTtp3LtZGb3sulO1Ql84KySz4eLzu3LhS6voSxjaawYVpFIa+N6PcD/uG55y4vY=
.sendgb.com/ Name: sendgb_ses
Value: 3biect9c65vp24sbv23hkequn5
www.sendgb.com/ Name: __cflb
Value: 02DiuH8DSb8Twk3Gk6gL249ahaUdvQPKfMtbqo3BiZhYS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
cc.adingo.jp
cdn.muicss.com
cdn.sendgb.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
sendgb.b-cdn.net
sendgb.com
stats.g.doubleclick.net
t.paypal.com
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.sendgb.com
cm.g.doubleclick.net
104.111.228.123
142.250.185.130
142.250.186.130
151.101.12.176
151.101.129.21
151.101.193.35
172.217.23.98
185.59.220.197
185.59.220.199
185.64.190.78
2001:4de0:ac18::1:a:1b
217.182.200.20
23.111.9.35
2600:9000:2190:ca00:19:7d10:bd80:93a1
2606:4700:20::681a:418
2606:4700:20::ac43:446f
2606:4700::6810:a823
2606:4700::6812:bcf
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:803::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9b
35.186.253.211
52.38.167.254
54.250.196.226
69.173.144.138
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0616bad6c2fcac05ee501c969bcde956164175cbe0b03c7d7695511aad88652c
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0886d8101f7306cbc2dbfe95d574c6bf2e37f8a15b4a820974e43e4934a2f8be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
106836ab0f8b9d70b6cc2f07a7203a7eac7e46bb22a96c8a4446559b141a52fd
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ac1fa8c871caac481a3d555f524d1fddf1fae74f1c860f06354ee324489962e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d5d6a84e422162b752937ac706144ac9804bd0f25615198271cb787dea5299f
1f8252f61b26e0acddfe4ff023f9870b64380eb8f2965802ee7b849cb33dafd0
25dd44ce52f5899b4214d668df8830cf43e1ab84e985adbcd38a8ec21139b23f
27c6bb9e16ea67f2724629de899b500121feb256f19440a58843f9d537b4c507
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cdf01843b513efbec95706f4c28221b52ee8d2520e1351bad8d63555f705637
2f625b342312ce4478f03121fedb5abb55a5b03a71cedd1d2c2cfac9583a34f0
30a7a41122bac661cacf04306ce32052a03030b924d18029760626f5f8351216
31f5ec4cbe07f5cc35b55e8adee84ecdb253a39aaedc1e6fe077e32381f93356
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
45b8b07612597efd8ef05339cd39f4a6303ff243675d3c8fe3bc07c40f0771ff
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4be3ddba480d3da340e16b96e968191fc5fd8f50e349fe192e92833458c23954
4bf30ddd888c25e3ee55a8d75d4af44331af5c9bf70a2fcec7c820f9b076130e
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4c0701cd339a069fb80f8b5d1b4550061e9f82dd054edc6a3f1bae961c96f9d5
4c6d51d22790ac934bdc13c0f6a969dbde2f6a3d2f88610791030cf441b05805
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004
59091a90f94c6f6c1aa3fc6c468949476e8ab1727f40a42a25b0b2d22bd3f49a
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b7342dac6d3a1943e4e7f4136574ae766097ecadfea71d5d679ca7910800af3
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
669262b59378f4a6e7a67129ad60d31b47ca5d5be734ed03db6575e241a30320
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68f623d1ece2bb2668c8bb516492ef372b518f6d7474cf6c8aadb39a07d7f501
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9ca8f2d3b659c9747a3dab679a9bea4aff5f26cab43223e560893371f50bc4
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6c6af677d436fb6ff5882d3e36f3f9dfd698e3d865099edbf6c40230fc0b28e8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec5fc2810ce23ca32f4a81eeabc6ad7238a0ea01a5f8ad2ec6722e0372b1e4b
7225c7ed5d81ba9fe7aaceb6b59093abc6502dd18c3a6d6059ab2d8c1ec465ba
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
762d1eccbe8ddc81134dde2bdd63dbca047b04f9f8b46aa332672cc613569c8e
78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
809681679f064ecc24f372d390b2b77cd1b33f28cbc8605d318c9ffbdbbd4065
82643bb981b98780b1a05ae44a9821b04638bce0f008e78b92d93a1268c64a8a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8e7b4ac1f0bda4d37b9a49e005259699e3ee451abd74effc6deaf4c02906b378
8eb447b749043072296a5e0896f9583eb8821e80a9d8c45969ce758176e9d198
8ed2f2d7c628db91a04792253a2b3311211902eb9be34c3b28c40acd0ca26d81
8faf748685a3f096f64ae64452823ed3dbe9470f3e1f0bc788edcc6112e0f46a
94d927ba55402e39e5dcd5f7ae35e8003b3fdd8ea2d810c1d15ae7a7c71c02af
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a102c0ba3835fdf4898ad229f14b68b879cc54063494a7ae0bf70c1aa82b3e27
a255f7339be3cdca2906640eb20969717cc88e2acd8d7d0dbf2dac7a8069fdc7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a85c68b65334deca20d94a75e37634861baf2604937f5d7234266c698801acfa
a99587d55c95cfe0c845a55eed7f36a330d9c69943ff13d9c43a76fc949ffa94
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
aba39b35515c23ce1375962e32f7c56722dc370490f9ba084720324b5a5719d7
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b0d1fb6d1593fde97aee455618a8c264ed08d9abb93a3899fc0c691fad953837
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b91ba687f4714983a4ef374a515d8892f167f329e3d49d38ad587300a2b95986
ba5a0b541af8b1879049dc4662e53c76916d46f26b570101a8eff8af1c1fb902
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7bdbfe659a00bb5c850be597b3b23466194c780d01c5772cae345f39e11d8a3
cc59d406a4a87dc2cae39fbb74414e4694b7720ee57f4d1b8710e515e65a83e7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf1933deb1987bcaf3664b7656526c9099216391b640b5fd4e6b7c65472d25b1
d0d741ffc7bfab4e8a4142873c8069a22a7ed46b787048047cea215f9169c7c1
db5e38abe34e33f5d4e99c52a914c9f0fd16fc2918eb35dcea65d8b78fa617db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e509cffb64f288e476236b981cfdec0e33b8b995c15226f4b904f0ff07bd1e
edceb654599585fec23b444be834776ef349cff7f119c8e33013ea4350330ffb
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f51ca50a278d2b7a72342deb0a17f60ae3501509d97c053347de6f4006c8c16f
fadb40e79a84c08cada08286b8f6c281105fab704cc5aa10ef71758aeeb7c8cd
fe44acaad81496bc89732f68b5ee7b1bb5a3dd5564dcc26672a6a1bddce0da95