wsend.co Open in urlscan Pro
172.67.69.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.wsend.co/13474868039/
Effective URL:
https://wsend.co/13474868039/
Submission: On August 21 via manual (August 21st 2023, 5:41:06 am UTC) from PL — Scanned from PL

Summary HTTP 53 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 53 HTTP transactions. The main IP is 172.67.69.204, located in United States and belongs to CLOUDFLARENET, US. The main domain is wsend.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.

This is the only time wsend.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.26.7.159 104.26.7.159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.67.69.204 172.67.69.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
12	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2 9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
13	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
53	13

1 104.26.7.159 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wsend.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.69.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wsend.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wsend.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.129 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	365 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	80 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	150 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	460 B
4	wsend.co 2 redirects www.wsend.co wsend.co	9 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	249 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	81 KB
53	10

	Domain	Requested by
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	wsend.co pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com	wsend.co
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	wsend.co fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	wsend.co	wsend.co
2	www.wsend.co	2 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	wsend.co
53	14

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.un-web.com
www.wmadaat.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://wsend.co/13474868039/
Frame ID: 14BE5CD4B7CDB4D027BE421D4272E0E2
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: FDFA69611A82E1443D1D214D8E3CD822
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&adk=1812271804&adf=3025194257&lmt=1692589262&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461747&bpp=3&bdt=303&idt=256&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3379532071720&frm=20&pv=2&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 0A0067DD7C18B742B1FDA46B662474B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461750&bpp=2&bdt=307&idt=278&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VZSR1sPE6U&p=https%3A//wsend.co&dtd=283
Frame ID: 358B2ADADBE9CA0384BD7F5FC208D370
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461752&bpp=1&bdt=309&idt=286&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BfPlb7i3np&p=https%3A//wsend.co&dtd=290
Frame ID: 404F6C7C49CBDB518C7F8F7CC5ED7AAF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CEC3A388C7EF3260DB22C3C7E8336071
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Frame ID: DF8FED04D2A6843877D365A3777E020E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Frame ID: C65D0CDB552C2A2AD942FAD39600190E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC1254D674896AE64A0D41269A11A4EF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0646EE31C28938F67AA4749E0D86942C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp 13474868039

Page URL History Show full URLs

http://www.wsend.co/13474868039/ HTTP 301
https://www.wsend.co/13474868039/ HTTP 301
https://wsend.co/13474868039/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

96 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

801 kB
Transfer

2008 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send/?phone=13474868039
Title: متابعة للدردشة

Search URL Search Domain Scan URL

URL: https://www.un-web.com/tools/whatsapp/
Title: ارسال رسالة واتس لرقم غير مسجل

Search URL Search Domain Scan URL

URL: https://www.un-web.com/tools/whatsapp_link/
Title: رابط واتساب

Search URL Search Domain Scan URL

URL: https://www.wmadaat.com/?app=article.show.2628
Title: طريقة التواصل مع فريق دعم واتساب بكل سهولة

Search URL Search Domain Scan URL

URL: https://www.un-web.com/tools/age/?utm_source=wsend.co&utm_medium=website&utm_campaign=whatsapp_to_age
Title: احسب عمرك اليوم بدقة

Search URL Search Domain Scan URL

URL: https://www.un-web.com/tools/bmi/?utm_source=wsend.co&utm_medium=website&utm_campaign=whatsapp_to_bmi
Title: احسب الوزن المثالي المناسب لطولك

Search URL Search Domain Scan URL

URL: https://www.un-web.com/tools/gold_price/?utm_source=wsend.co&utm_medium=website&utm_campaign=whatsapp_to_gold_price
Title: سعر الذهب الآن مباشر

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.wsend.co/13474868039/ HTTP 301
https://www.wsend.co/13474868039/ HTTP 301
https://wsend.co/13474868039/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://googleads.g.doubleclick.net/pagead/adview?ai=CNsEw7vjiZJT9BJiz9u8Pt6-7mAaFmLqAcuHe4Lu4Eaezz-T9OxABIIi-0iZg6eTJhdgaoAGb-J3JKcgBCakCPZodL7Y9sj6oAwHIA8sEqgTaAU_QirGnC9u6VYEKKzph4Fbcsn4aLO3-V5A-y2BeTNIIniPBiNB0XSwlJnoxIMKoTWw0Rhw_BOOQWWavvTzsx2whXMWtPM2zhnZUBoqeBcOQeS2F6hlfwLkzi-M_FzQEjNl4fgkoEini-EdfjIkfbzZZteRzd7380xVA06bPnNKFtyqT7lTkfHz1WSznpBYyKHD-tG7oXaqEx56NbivhKsSZ-v58ZnE4Ka8FPRoxHjMgEXvC827xikScoG3LrjK7qNYZsgHyspkVdDn1XmheUYA2h5dMDH9P-XPCwASElYCCywSSBQQIBBgBkgUECAUYBKAGLoAHm7DuqASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCu0ALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkjaHR0cHM6Ly93d3cuZmluZ2VycGlja3dlYXJhYmxlLmNvbS-ACgHICwG4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTE5MTE5NzU3Njg2OTgyMDUYAA&sigh=UhtxoDj1Qks&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWDXty7AeCigZ1t23qOt-rg8XKRqFrDhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227698254205201909870%22,%22debug_reporting%22:true,%22destination%22:%22https://fingerpickwearable.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211159436315%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224743094307063707057%22}&andc=true

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 44

https://googleads.g.doubleclick.net/pagead/adview?ai=CSdgX7vjiZPHBBJS_9u8P6oqOoAKK7IWWaZjv6dGODmQQASCIvtImYOnkyYXYGqAB5vHHjQPIAQGoAwHIA8sEqgTcAU_QTrFoTmWEKLEL-uLfrY0s8xfMm1whFFs0VS1YPJ3v8leSVnS5j_eldQZT6X2EobS3VYe24vhLXcpHL8ww6O6iZtcyShWXS5iEEwcVEgZS461lNwa3JLit7Vbj48R-0Yf2_LhizTG3t6JjE4btEJ1mzhTKqPWSnjSCXAbi329d141sK2CjtyDp4CfnbwD56OTw6fKdW6_2vpTueONNDwDjladhFiIKT7sVvZhEXs7hMk0N-tuyhF55fZoDfM2TOmmtgJw-KRfZIgNAi1cKrOTK1V3TURIyoqdA3VvABI77pp7TAZIFBAgEGAGSBQQIBRgEgAeCjrhyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxbwC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJTmh0dHBzOi8vd3d3LnZpcnRvc29mdHdhcmUuY29tL29mZmljZS0zNjUvZ2FudHQtY2hhcnQtYXBwLWZvci1zaGFyZXBvaW50LW9ubGluZYAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xOTExOTc1NzY4Njk4MjA1GAA&sigh=CLBoSiMXHjI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWqka8w3YNhwTHlPGigKi_TnhHY1xPnBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221636765867897318846%22,%22debug_reporting%22:true,%22destination%22:%22https://virtosoftware.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22833747174%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22314203656616451505%22}&andc=true

53 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wsend.co/13474868039/
Redirect Chain

http://www.wsend.co/13474868039/
https://www.wsend.co/13474868039/
https://wsend.co/13474868039/

14 KB
6 KB

148ms
140ms

Document
text/html

172.67.69.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsend.co/13474868039/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 1fbd2d59d569f7b38457bf56e5132c791797b1ed358045b2f48fecc3d6435026

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fa08b6b3d8b3bb7-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 05:41:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXE56pY8e%2BR7O51DpRlO1Yz2QzjN4JanShd4Kqb6s3EBIKBbiXYGvf4OTW23Xx7zqRs%2BCGDo3M1NsQm0Xr6PT6y7T%2B2K2TFxxHJF8hd2jT15qxV1F70NHKs3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.2.34

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7fa08b6a3c453bb7-WAW
content-type: text/html; charset=iso-8859-1
date: Mon, 21 Aug 2023 05:41:01 GMT
location: https://wsend.co/13474868039/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAyLd6TsUT0uidlhIkzdJspCV3aEhaRI9wViax2%2BaxweSvxd6Ztkw9T0xQYBy9dJ9bsr0Dh6dS1MYWB5Yk1D901QlLc9F4KRjY%2Fnweylv%2BuSGu8Vw8XnQQX26ovxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 154ms
58ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2ELFHMNZ2B

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

614e596cd44a902a21934af00111edf8e89b2b59aded8c15c24c1cc11850de31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 05:41:01 GMT

GET
H2 200 logo.png
wsend.co/ 2 KB
2 KB 64ms
63ms Image
image/webp 172.67.69.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wsend.co/logo.png
Requested by: Host: wsend.co
URL: https://wsend.co/13474868039/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c65b940f44dc0c0e6ccba7e4b5dfad9482a287a71d49983b8e7bc06bb513d09

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/13474868039/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:01 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2023 15:47:36 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=2383
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWbEVJW4SbqnYoNzSWAPVLJjHGlmHtWVuYMfH0cvtE9hSFg9TAfdGQz1t2oJEVNaz%2FLw%2BGmliXWNUPKjz4Rqp3HtaNP6zJWdXAYuCCeoWp0GTQ7Z6eA8oBv%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
content-disposition: inline; filename="logo.webp"
accept-ranges: bytes
cf-ray: 7fa08b6c2e173bb7-WAW
content-length: 2054

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 201ms
105ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ab2e1a0c51cd9f52ccb55da44da5f97e5d9bdf0a272aa1c47e8dd980b4864ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50903
x-xss-protection: 0
server: cafe
etag: 1643041138664242789
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:41:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 188ms
93ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1911975768698205

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

d3c7c6212615c3703786bd8ac08f0ecf565046f6894bf81d82e592634eb43538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Origin: https://wsend.co
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50914
x-xss-protection: 0
server: cafe
etag: 6629019392170767829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:41:01 GMT

GET
DATA 200
OK truncated
/ 428 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f711cdb3e5614a6b9c2c609f81f534bb84ae367b160147707f87815826b44b15

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v5/ 46 KB
47 KB 139ms
44ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v5/tssoApxBaigK_hnnS-agtnqWow.woff2

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

420c7579c1de54e20027c1fc6abda9c53ac1c0872c6d147ed2759cce872c2bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Origin: https://wsend.co
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:36:08 GMT
x-content-type-options: nosniff
age: 288293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47520
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:42:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 21:36:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 129ms
49ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2ELFHMNZ2B&gtm=45je38g0&_p=2029657689&cid=618735505.1692596462&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692596461&sct=1&seg=0&dl=https%3A%2F%2Fwsend.co%2F13474868039%2F&dt=WhatsApp%2013474868039&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ELFHMNZ2B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 05:41:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wsend.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 104ms
103ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1911975768698205&plah=wsend.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1911975768698205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

669853e32a1201d61f36277dedc539fe6b01677f8dbdb404505e76656b999e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134726
x-xss-protection: 0
server: cafe
etag: 12419048274515457020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:41:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame FDFA 10 KB
5 KB 140ms
44ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1911975768698205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 61839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 12:30:22 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 12:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
460 B 53ms
52ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wsend.co&callback=_gfp_s_&client=ca-pub-1911975768698205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1911975768698205&plah=wsend.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

933a00a6f41d9594cf54a8650b689fd7e336c71a30ad3575818f06bd22e421a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A00 0
182 B 129ms
128ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&adk=1812271804&adf=3025194257&lmt=1692589262&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461747&bpp=3&bdt=303&idt=256&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3379532071720&frm=20&pv=2&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:02 GMT
expires: Mon, 21 Aug 2023 05:41:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&cls=fixed-link&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 05:41:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=myBtn&cls=qr-icon&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 05:41:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 358B 109 KB
39 KB 697ms
697ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461750&bpp=2&bdt=307&idt=278&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VZSR1sPE6U&p=https%3A//wsend.co&dtd=283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3a48286e58e6605d1c9cf251405837bc016c115070721b2081d34172d13b910e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39266
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:02 GMT
expires: Mon, 21 Aug 2023 05:41:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 404F 101 KB
36 KB 445ms
444ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461752&bpp=1&bdt=309&idt=286&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BfPlb7i3np&p=https%3A//wsend.co&dtd=290

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0927627e0842b7c81f8f0d70840e41d462cd70f1d093f040b2c303662e8b3781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:02 GMT
expires: Mon, 21 Aug 2023 05:41:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 404F 4 KB
1 KB 158ms
53ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461752&bpp=1&bdt=309&idt=286&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BfPlb7i3np&p=https%3A//wsend.co&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 05:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 04:11:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 05:41:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 404F 2 KB
973 B 149ms
49ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:28:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 404F 23 KB
9 KB 147ms
50ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:47:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 404F 3 KB
1 KB 157ms
60ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 11:18:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 404F 20 KB
8 KB 144ms
48ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 404F 180 KB
57 KB 170ms
73ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:41:02 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 404F 35 KB
15 KB 145ms
48ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12840540150418788641/ Frame 404F 26 KB
26 KB 176ms
83ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12840540150418788641/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

e2e91b53fc609276fce18a53c4524650128e0f4ed3b2eec7c69634b7fe7b898e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:15:24 GMT
x-content-type-options: nosniff
age: 325538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26213
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:34:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Aug 2024 11:15:24 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2620276003123001378/ Frame 404F 2 KB
2 KB 153ms
62ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2620276003123001378/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

32200b2296bf75ab75ea1075f8771d3be2ae14be9c4720d8fcdc1152b5f7f22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 20:16:40 GMT
x-content-type-options: nosniff
age: 552262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1806
x-xss-protection: 0
last-modified: Fri, 12 May 2023 10:34:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Aug 2024 20:16:40 GMT

GET
DATA 200
OK truncated
/ Frame 404F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a3f91e7f4a5448070938ab358d6a4b2418221f06023d729d101e723bfd068a7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 358B 9 KB
4 KB 56ms
55ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461750&bpp=2&bdt=307&idt=278&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VZSR1sPE6U&p=https%3A//wsend.co&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:17 GMT

GET
H2 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 358B 11 KB
5 KB 56ms
55ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:24:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 358B 14 KB
1 KB 57ms
56ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 05:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 04:07:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 05:41:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 358B 2 KB
926 B 44ms
44ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:28:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 358B 23 KB
9 KB 45ms
44ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:47:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 358B 3 KB
1 KB 48ms
48ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 11:18:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 358B 20 KB
8 KB 52ms
51ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 358B 180 KB
56 KB 68ms
67ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 05:41:02 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 358B 35 KB
15 KB 45ms
45ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 404F 16 KB
16 KB 44ms
43ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 183953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 404F 15 KB
15 KB 51ms
51ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 264850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:06:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CEC3 143 B
166 B 44ms
44ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1692589262&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F13474868039%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692596461750&bpp=2&bdt=307&idt=278&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3379532071720&frm=20&pv=1&ga_vid=618735505.1692596462&ga_sid=1692596462&ga_hid=2029657689&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076468%2C44759842%2C31077084%2C31077086%2C31077093%2C31077148%2C44795921%2C31076994&oid=2&pvsid=3005876224761832&tmod=1555922306&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VZSR1sPE6U&p=https%3A//wsend.co&dtd=283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 1039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 358B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ca459018f0865c2223f5bfa42f2477012cf543830fb341e91862dade21a592

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 404F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNsEw7vjiZJT9BJiz9u8Pt6-7mAaFmLqAcuHe4Lu4Eaezz-T9OxABIIi-0iZg6eTJhdgaoAGb-J3JKcgBCakCPZodL7Y9sj6oAwHIA8sEqgTaAU_QirGnC9u6VYEKKzph4Fbcsn4aLO3-V5A...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227698254205201909870%22,%22debug_reporting%22:true,%22destination%22:%22https://fingerpickwearable.com%22,%22event_report_w...

0
0

170ms
78ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227698254205201909870%22,%22debug_reporting%22:true,%22destination%22:%22https://fingerpickwearable.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211159436315%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224743094307063707057%22}&andc=true

Requested by

Host: wsend.co
URL: https://wsend.co/13474868039/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7698254205201909870","debug_reporting":true,"destination":"https://fingerpickwearable.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11159436315"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"4743094307063707057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 05:41:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 05:41:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7698254205201909870","debug_reporting":true,"destination":"https://fingerpickwearable.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11159436315"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"4743094307063707057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame DF8F 37 KB
14 KB 44ms
44ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 13:08:45 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 358B 33 KB
33 KB 44ms
43ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 175021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CEC3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:03 GMT
expires: Mon, 21 Aug 2023 05:41:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 174ms
78ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 05:41:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 358B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSdgX7vjiZPHBBJS_9u8P6oqOoAKK7IWWaZjv6dGODmQQASCIvtImYOnkyYXYGqAB5vHHjQPIAQGoAwHIA8sEqgTcAU_QTrFoTmWEKLEL-uLfrY0s8xfMm1whFFs0VS1YPJ3v8leSVnS5j_e...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221636765867897318846%22,%22debug_reporting%22:true,%22destination%22:%22https://virtosoftware.com%22,%22event_report_window...

0
0

127ms
80ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221636765867897318846%22,%22debug_reporting%22:true,%22destination%22:%22https://virtosoftware.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22833747174%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22314203656616451505%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1636765867897318846","debug_reporting":true,"destination":"https://virtosoftware.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["833747174"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"314203656616451505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 05:41:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 05:41:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1636765867897318846","debug_reporting":true,"destination":"https://virtosoftware.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["833747174"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"314203656616451505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 93ms
92ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

dfde6e52f9670ad82861514759352724a42f5d65049c848c884c8821bfa1570e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0

GET
H3 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame C65D 37 KB
14 KB 46ms
45ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 13:08:45 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 79ms
78ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 05:41:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
70ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 05:41:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC12 13 KB
5 KB 85ms
44ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 39450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 18:43:33 GMT
expires: Mon, 19 Aug 2024 18:43:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0646 829 B
994 B 98ms
61ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

297f89ef150994da6276e9e30572d79150902aa967f3ce19ef76094b74bc8e53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cQQIE7JJ3TUah1D7FQWyew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wsend.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-cQQIE7JJ3TUah1D7FQWyew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 05:41:03 GMT
expires: Mon, 21 Aug 2023 05:41:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 -jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js Show response
pagead2.googlesyndication.com/bg/ Frame BC12 37 KB
14 KB 46ms
44ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 13:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14691
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 13:08:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0646 0
0 77ms
77ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3005876224761832&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC12 0
10 B 44ms
43ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7clkhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 05:41:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3005876224761832&bg=!19Sl1IDNAAZGPLJIZjw7ADkAdvg8WhVpgB5X7wpteL_ZiaVn984sQnPNtYhJKUln6qT7lMddMHwke9ILACDrKHqEYV1ev0EL9wcCAAAATVIAAAAJaAEHCgCaNhFvu1C1Hx1roUyPL-CUbvotH3RR1MhC47Pmf9d12uZYafaQVOPVE5nedc9qgPtoQ0wrTsegFys3Y3lEm-dW8TKcpTUEjSVIn25m4PyrZnpMkxARMlVQ6RMLUuLWwUv4XPATENy6Y1E-cKDRSMEkgpjZV0l99G-CO6SXe5JsZxFbTBeJoPG-Qt-opZ7odQ_TRF1y5yNzIxB9DpkC0sAcVcQacNu9qN3R_ResA4zqrnLA7qXxsA4Kn_DeHhJ10b116NyDPNUJ0AFUDVKMo3mJ55ROZdoZRuMxAMXaRwQSnKONAFvUrjJMZdxD0mUk1Zg6r1nwgBzFLftDlIjykKZxofL-ipetfzWk8JjGYATC2iBvUbqqtGtv1KFMr-5fbwV-j52yqsz4ROaHNyYNHG7s6UoMmlY7L9KKy8xiqLqnTYTEX491bXJIjFoeyfDAslFU22XF0q7HuWcinHTcAuAdzh_EjGYpNnSOcvsxybUQ3SuIOK2mx14RojsR3s-2uXOg3kqgFiYklkrBP1WTAbTsECsfj1CFqHgA_Tvn_5SFymGWGmg-FiymHJ4HuMFOY0_EarMmiyxLkUzt8tTVrSvICIDTZ-jphThK9ZEkMHo-zKYytSWHp33_53bXNdDRP4fDXeKbiesDnaRHavyu3wmCQ0JZYUrUC6bwQmS7YVTntej_sHlyM6ppPm7aJvN_1BHjAJ-W9WNn-L7VIggXUWxpdfz4J8iLkgYZHYmasJUQLTUKybKR5S-W2jbHHPh7A_PF0XKAwn7Mg6Mom8niUJiz4-BZF3y4AqEVvE8c-9waNHkG2YX_nLQ_LI-z1W4rSGqW-qYh1ine2Cj88Vo1iNxRtym8CRWsz-VlJ-KhApI6cRwYiauViggJXSnKb-D-E19N5g1aReSHDYGHWgyeq8m1GF2LBObuGkTnwp7DzEQF_Mdz_VkhcyKJe9KQFx3wS7-i4spQ6nVndI8nuQH2ayJiWLseC666FXA5uVTnmU9yclEfB_n13HphtPn_dUyKUsw4xJSxfQrRkUL9HiVZ7nNbraZ64Rxjv4tvtGkxLuGZ0EXvBz6xhLiwAfFwC6ePCNc9Nve7DcVPGvMnbFxA2yQJ3QfQ8-gscYJTFNX6fYhitOwRijmFDQntAPxA7wYyOMyfAB48Bt7yCGU3mWXLLEg4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://wsend.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 358B 42 B
64 B 81ms
81ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlJ6oyg0ZG8bp_R6B3IiFog7gnc-MzXFUNRcqcNf_l_F-xZkdYCw6uuu2EDdigRIpvPaR__063Kow-t8QameVYGt7eV6dQEaHI8mTfGJ8ZaETS2bEgl4DOg8zZBN6zUC0c8WuJ_TppBSIH&sai=AMfl-YTv0XCSbuJoTtreGTfbkoo69927nWm_6AWVLNtl4322-UqtAxkMEhsns7YgGNSn-1WV7WD8zmzwNCS6&sig=Cg0ArKJSzF3o-IazWI0ZEAE&cid=CAQSGwBpAlJWqka8w3YNhwTHlPGigKi_TnhHY1xPnBgB&id=lidar2&mcvt=1000&p=0,0,280,1090&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2644286354&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692596462035&rpt=1118&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 05:41:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wsend.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: fde41260ccfa7a3390ea2bc40f255eca
.wsend.co/	1970-01-20 23:45:56	Name: _ga Value: GA1.1.618735505.1692596462
.wsend.co/	1970-01-20 23:45:56	Name: _ga_2ELFHMNZ2B Value: GS1.1.1692596461.1.0.1692596461.0.0.0
.wsend.co/	1970-01-20 23:31:32	Name: __gads Value: ID=8f042fc4c700fe6d-228d0af656de00d2:T=1692596462:RT=1692596462:S=ALNI_MagQAqcPMYhMOsUZ3LxjeVh3xozgQ
.wsend.co/	1970-01-20 23:31:32	Name: __gpi Value: UID=00000c64b0b5b482:T=1692596462:RT=1692596462:S=ALNI_MZ8o69tYcDx3Kp3wuCu6aAm0rYTiQ
.doubleclick.net/	1970-01-20 23:31:32	Name: IDE Value: AHWqTUkBgcxkJyVyz-i4y7CGxFhgdseymVuRF0ftHxFzuyIC4zb1H-1CVBhnEpNe8LU
.doubleclick.net/	1970-01-20 14:10:00	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:19:32	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
wsend.co
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.wsend.co
104.26.7.159
142.250.181.227
142.250.185.130
142.250.185.66
142.250.186.129
142.250.186.35
142.250.186.72
142.250.74.194
172.217.16.196
172.217.18.10
172.217.18.2
172.67.69.204
216.239.32.36
0927627e0842b7c81f8f0d70840e41d462cd70f1d093f040b2c303662e8b3781
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fbd2d59d569f7b38457bf56e5132c791797b1ed358045b2f48fecc3d6435026
27ca459018f0865c2223f5bfa42f2477012cf543830fb341e91862dade21a592
297f89ef150994da6276e9e30572d79150902aa967f3ce19ef76094b74bc8e53
2a3f91e7f4a5448070938ab358d6a4b2418221f06023d729d101e723bfd068a7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32200b2296bf75ab75ea1075f8771d3be2ae14be9c4720d8fcdc1152b5f7f22e
3a48286e58e6605d1c9cf251405837bc016c115070721b2081d34172d13b910e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
420c7579c1de54e20027c1fc6abda9c53ac1c0872c6d147ed2759cce872c2bd4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
614e596cd44a902a21934af00111edf8e89b2b59aded8c15c24c1cc11850de31
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
669853e32a1201d61f36277dedc539fe6b01677f8dbdb404505e76656b999e39
6c65b940f44dc0c0e6ccba7e4b5dfad9482a287a71d49983b8e7bc06bb513d09
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
933a00a6f41d9594cf54a8650b689fd7e336c71a30ad3575818f06bd22e421a3
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab2e1a0c51cd9f52ccb55da44da5f97e5d9bdf0a272aa1c47e8dd980b4864ed6
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
d3c7c6212615c3703786bd8ac08f0ecf565046f6894bf81d82e592634eb43538
dfde6e52f9670ad82861514759352724a42f5d65049c848c884c8821bfa1570e
e2e91b53fc609276fce18a53c4524650128e0f4ed3b2eec7c69634b7fe7b898e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f711cdb3e5614a6b9c2c609f81f534bb84ae367b160147707f87815826b44b15
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e

wsend.co Open in urlscan Pro 172.67.69.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

13 IPs

2 Countries

801 kBTransfer

2008 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wsend.co Open in urlscan Pro
172.67.69.204 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

801 kB
Transfer

2008 kB
Size

8
Cookies

53 HTTP transactions
4 data transactions