urlscan.io logo urlscan.io
SecurityTrails logo

www.winzily.com Open in urlscan Pro
162.215.129.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.winzily.com/
Effective URL: https://www.winzily.com/
Submission: On November 03 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 15 domains to perform 100 HTTP transactions. The main IP is 162.215.129.109, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.winzily.com.
TLS certificate: Issued by R3 on September 5th 2023. Valid for: 3 months.
This is the only time www.winzily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 162.215.129.109 46606 (UNIFIEDLA...)
14 142.251.167.154 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
4 172.253.62.95 15169 (GOOGLE)
3 172.253.122.102 15169 (GOOGLE)
3 11 172.253.62.154 15169 (GOOGLE)
4 142.251.167.94 15169 (GOOGLE)
1 172.253.115.97 15169 (GOOGLE)
1 142.250.31.155 15169 (GOOGLE)
13 172.253.62.132 15169 (GOOGLE)
3 172.253.115.94 15169 (GOOGLE)
14 142.251.16.148 15169 (GOOGLE)
2 142.251.16.156 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
2 3 68.67.160.76 29990 (ASN-APPNEX)
1 2 142.251.16.104 15169 (GOOGLE)
3 34.107.189.102 396982 (GOOGLE-CL...)
2 172.253.115.155 15169 (GOOGLE)
100 19
22    162.215.129.109 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 7151133.server757.com
www.winzily.com
14    142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
pagead2.googlesyndication.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
fonts.googleapis.com
3    172.253.122.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f102.1e100.net
www.google-analytics.com
11    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
4    142.251.167.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
fonts.gstatic.com
1    172.253.115.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f97.1e100.net
www.googletagmanager.com
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
partner.googleadservices.com
13    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
tpc.googlesyndication.com
3    172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net
www.gstatic.com
14    142.251.16.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f148.1e100.net
s0.2mdn.net
2    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
www.googletagservices.com
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    68.67.160.76 (Fairfield, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    142.251.16.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f104.1e100.net
www.google.com
3    34.107.189.102 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.189.107.34.bc.googleusercontent.com
ctxtfl.com
2    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
398 KB
22 winzily.com
www.winzily.com
2 MB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
114 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
105 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
111 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
4 KB
3 ctxtfl.com
ctxtfl.com — Cisco Umbrella Rank: 18439
8 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
124 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2855
pixel.wp.com — Cisco Umbrella Rank: 2799
3 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
601 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
80 KB
100 15
Domain Requested by
22 www.winzily.com 1 redirects www.winzily.com
14 s0.2mdn.net www.winzily.com
s0.2mdn.net
14 pagead2.googlesyndication.com www.winzily.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.winzily.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.winzily.com
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.winzily.com
googleads.g.doubleclick.net
3 ctxtfl.com s0.2mdn.net
ctxtfl.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google-analytics.com www.winzily.com
www.google-analytics.com
www.googletagmanager.com
2 googleads4.g.doubleclick.net www.winzily.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com www.winzily.com
googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 pixel.wp.com www.winzily.com
1 stats.wp.com www.winzily.com
100 20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
youtube.com
Subject Issuer Validity Valid
winzily.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
ctxtfl.com
GTS CA 1D4		 2023-09-11 -
2023-12-10		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://www.winzily.com/
Frame ID: B6CFE28646F492B36722B672D0EE4E5D
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: C3EF0A797953C3A77F5E22F96069159E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6899360315203369&output=html&adk=1812271804&adf=3025194257&lmt=1699036248&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.winzily.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699036411325&bpp=5&bdt=439&idt=161&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4844064694194&frm=20&pv=2&ga_vid=308175241.1699036411&ga_sid=1699036412&ga_hid=669960947&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C44807047%2C44807334%2C44807454%2C31078297%2C31079424&oid=2&pvsid=2956234937058213&tmod=1689622738&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=205
Frame ID: F50CC76290DC97B2F5E1093371BB4E20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9ECC31D52B5A55673BAD29B97647A217
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 22C0CE923894477CCD4D0CF20B68C305
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Frame ID: CC6E4D56FF2FC491DD41267A398B9198
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 374F8B971392462F830A9A1E496DDA30
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AC2D952C2496EFA7B897B8FA189E59C1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 59ECBEDCE21576721EA74A9CDB1D8EF0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 41F81893BDB22EE9186EB891B6E6E88B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8635F4A9BCCF6A58C8B2A6CB51AD4083
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB270EB399ECFCF8677F7E1D26F89893
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
Frame ID: 9863271E4E176B5AB7C0D0604E2B292B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: DBAF07820A185E730F3937187BC3C6B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Winzily: Sweepstakes 2023, Rare Pieces, Code Words & More

Page URL History Show full URLs

  1. http://www.winzily.com/ HTTP 301
    https://www.winzily.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

100
Requests

95 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

19
IPs

1
Countries

2862 kB
Transfer

6715 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.winzily.com/ HTTP 301
    https://www.winzily.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1&C=1
Request Chain 82
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUU8-W9ZwLDCIHmWOWJk-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENQj8SjE8gAsmW-dzCP_B94&google_cver=1
Request Chain 84
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzMDg4MzY1MzE1NzA5OTU4Nw%3D%3D
Request Chain 89
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.winzily.com/
Redirect Chain
  • http://www.winzily.com/
  • https://www.winzily.com/
126 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
1cb575409c54b62366f3e8f257da2cd6bf6469641710c88f5f9f8d87e77cf3b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=3, must-revalidate max-age=5
content-encoding
gzip
content-length
19464
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 18:33:29 GMT
expires
Fri, 03 Nov 2023 18:33:34 GMT
last-modified
Fri, 03 Nov 2023 18:30:48 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Cookie,User-Agent

Redirect headers

Cache-Control
max-age=5
Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 03 Nov 2023 18:33:28 GMT
Expires
Fri, 03 Nov 2023 18:33:33 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.winzily.com/
Server
Apache
autoptimize_3861ca6a956b41b1f0afd4d981e717c7.css
www.winzily.com/wp-content/cache/autoptimize/css/ 		2 MB
198 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.winzily.com/wp-content/cache/autoptimize/css/autoptimize_3861ca6a956b41b1f0afd4d981e717c7.css
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
ab5373d0849a0826a32a01a08447d360f898815708da85ffe48b237dce93f246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Fri, 03 Nov 2023 17:17:52 GMT
server
Apache
vary
Accept-Encoding,Cookie
content-type
text/css
cache-control
max-age=3, must-revalidate, public, immutable
accept-ranges
bytes
expires
Wed, 23 Oct 2024 18:33:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
762a2cc98552b4e7ed581d8075f04a50344bf4a066ff1b1ee5300a813419c9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52567
x-xss-protection
0
server
cafe
etag
4976012061811254059
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:33:30 GMT
e-202344.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202344.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT yyz
date
Fri, 03 Nov 2023 18:33:31 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684465101925.7249
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 28 Oct 2024 16:29:30 GMT
autoptimize_26fb554e64db746a10524830a4a50a1a.js
www.winzily.com/wp-content/cache/autoptimize/js/ 		763 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winzily.com/wp-content/cache/autoptimize/js/autoptimize_26fb554e64db746a10524830a4a50a1a.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
13ffc04f0c99df692f89c29ca37cce97ad8d4bde0d34843efbb456a07e5a9ae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Fri, 03 Nov 2023 17:17:51 GMT
server
Apache
vary
Accept-Encoding,Cookie
content-type
application/javascript
cache-control
max-age=3, must-revalidate, public, immutable
accept-ranges
bytes
expires
Wed, 23 Oct 2024 18:33:30 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
515fbfeb51a45e120dc53c8bfda86c38d3b8e7f3163ff22515437237ea3ea0f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 18:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:44:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 18:33:31 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/webp
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 18:18:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
907
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 03 Nov 2023 20:18:24 GMT
truncated
/ 		135 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae140ac69f33874a675edd87207c83e7128cdd1579b33e6cd6c73b37d099359f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		126 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93e5959b76001ab73f75a32755ec71d62aa1063a8bb9edf85a51af93f96ba6bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587a2fe91cc75743413ea4c6c5830e6815eb78027cb36c5d72c1a58f558fce86

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		307 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e22625725b6e32988a4f589eb2efb906aae1154c431ad3287314ed0e169e49b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01f95ae0c6e7b6d49d8f5c04b21a34bc3f0aaade1cb2fed1cef300b29dd3dca6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		202 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218f8091a417a8b7bce5c14052365016f5b9b053e8e8f4c726f6051963c77331

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d947f14e03b2312f4e5cb73acc8e421df93c89643ba63cdd9482d6af345a2d1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		202 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
665d8870733c4f11fa5b24ea6fa014bd4073bcafb5c0c7d5727a6b3ef07c1da1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db3160a09cc4aa39298760b6ae84b9f7b098ddc249d2944c3c4251edaf986c8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		163 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea11bfd4421a63ead498dba7ddeef6c7fa0c1aa3fdfea4e4192faa8d55ae1ae5

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		186 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0b4214bcf5ce0bf367424fd48c912c21b0625c0193767db27b9417ad1badd9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43f7dc7668dbd7b36027a374242d6ba11eae14a2f8000e49e4726f9064a93a7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8a17c6ca4df0c10d6ad83b93b376d9654b1848dc3e4de1ccd4bbf9ae2b7e70f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		134 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
932751dd4ec653fa752b52880500a41ed3f8944a9dd6dcc1fadde5c24dad5b7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
www.winzily.com/wp-content/themes/Newspaper/images/icons/ 		33 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.winzily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/wp-content/cache/autoptimize/css/autoptimize_3861ca6a956b41b1f0afd4d981e717c7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.winzily.com/wp-content/cache/autoptimize/css/autoptimize_3861ca6a956b41b1f0afd4d981e717c7.css
Origin
https://www.winzily.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Thu, 21 Sep 2023 17:33:06 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff
cache-control
max-age=5
accept-ranges
bytes
content-length
21389
expires
Fri, 03 Nov 2023 18:33:35 GMT
ec2e0535-3f80-4415-abf9-53f649a01aef
https://www.winzily.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.winzily.com/ec2e0535-3f80-4415-abf9-53f649a01aef
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
8181a61a66862f1c1d8f785a7a57d4c64a8b5d368f7daee9a694cc913309dd38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138447
x-xss-protection
0
server
cafe
etag
543973227738138766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:33:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame C3EF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
7961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 16:20:51 GMT
etag
251720774729838433
expires
Fri, 17 Nov 2023 16:20:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=105276078&post=59&tz=-4&srv=www.winzily.com&j=1%3A12.7.1&host=www.winzily.com&ref=&fcp=0&rand=0.2921926607289025
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 18:33:31 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
515fbfeb51a45e120dc53c8bfda86c38d3b8e7f3163ff22515437237ea3ea0f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 18:33:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:53:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 18:33:31 GMT
collect
www.google-analytics.com/j/ 		15 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=669960947&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winzily.com%2F&ul=en-us&de=UTF-8&dt=Winzily%3A%20Sweepstakes%202023%2C%20Rare%20Pieces%2C%20Code%20Words%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=726228882&gjid=626896468&cid=308175241.1699036411&tid=UA-72491923-1&_gid=1277118795.1699036411&_r=1&_slc=1&z=211720345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
b0e89b85e55518d66a127dc91c8f155ab24fd38649b197409046be1510022231
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.winzily.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winzily.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
www.winzily.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.winzily.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Wed, 20 Sep 2023 13:24:09 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
5039
expires
Fri, 10 Nov 2023 18:33:30 GMT
winzily_logo-new.png.webp
www.winzily.com/wp-content/uploads/2020/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2020/10/winzily_logo-new.png.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
bbdb3a72f675cb83b6e99ca419c7adf88054e0fbc952dd8ec4d43fce5d275617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Fri, 14 Jan 2022 19:56:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
4233
expires
Fri, 03 Nov 2023 18:33:35 GMT
mcdonalds-monopoly-canada-rare-pieces-2023.webp
www.winzily.com/wp-content/uploads/2022/10/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2022/10/mcdonalds-monopoly-canada-rare-pieces-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
6effa77e83f72356593b5b9453cdf14a6d3fbb4c4eda6d877f94142746d34be4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Fri, 29 Sep 2023 14:29:03 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
55511
expires
Fri, 03 Nov 2023 18:33:35 GMT
celebrity-wheel-of-fortune-giveaway-sept2023.jpg.webp
www.winzily.com/wp-content/uploads/2023/05/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/05/celebrity-wheel-of-fortune-giveaway-sept2023.jpg.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
dc76b5232da1ec1fbb78b6abd379b2ac1264def3179375ea41bc83d584b99281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Mon, 25 Sep 2023 01:45:32 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:35 GMT
tmz-high-roller-sweepstakes-palms.webp
www.winzily.com/wp-content/uploads/2021/10/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2021/10/tmz-high-roller-sweepstakes-palms.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
97b7d11dde9047e6fbfd16f5a4cb93f22e5beaddc2e15ed6b26b74155dd604fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Tue, 24 Oct 2023 02:00:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:35 GMT
wheel-of-fortune-bonus-puzzle-answer.png
www.winzily.com/wp-content/uploads/2017/05/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2017/05/wheel-of-fortune-bonus-puzzle-answer.png
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
f73311b32fd7d0aded39378bef48d023a906d61df43e5c90078353fecfcb68ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Tue, 17 Oct 2017 14:47:30 GMT
server
Apache
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
206629
expires
Fri, 10 Nov 2023 18:33:30 GMT
dave-ramsey-christmas-cash-giveaway-2023.webp
www.winzily.com/wp-content/uploads/2022/11/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2022/11/dave-ramsey-christmas-cash-giveaway-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
5eb9abe439d9020b032652a5d177ed6fe8cf04d0f6b338b92f48bff514a4ec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Wed, 01 Nov 2023 13:32:13 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
47693
expires
Fri, 03 Nov 2023 18:33:35 GMT
big-bang-theory-sweepstakes-barbie-2023.webp
www.winzily.com/wp-content/uploads/2023/09/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/09/big-bang-theory-sweepstakes-barbie-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
44e519a72c81a3c08856084410d1a0a186e95112490a6e6c36d52a2a6dc41469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Tue, 31 Oct 2023 14:39:56 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:35 GMT
disney-wish-dwts-giveaway-2023.webp
www.winzily.com/wp-content/uploads/2023/10/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/10/disney-wish-dwts-giveaway-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
e908ed7c7bcd72f9cbf75a5a932d15ef6d6f637f913b307a7e12aa580f37288d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Wed, 18 Oct 2023 13:10:16 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:35 GMT
young-sheldon-sweepstakes-oct2023.webp
www.winzily.com/wp-content/uploads/2023/02/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/02/young-sheldon-sweepstakes-oct2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
e1cdc543ae03a331390c7564453cbed30ee4e252e60435e54d8f422cc6f1b09e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Mon, 09 Oct 2023 18:47:55 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
43494
expires
Fri, 03 Nov 2023 18:33:35 GMT
disney-wish-together-sweepstakes-2023.webp
www.winzily.com/wp-content/uploads/2023/10/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/10/disney-wish-together-sweepstakes-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
bc3afe5fa8fb8cf80404ecc18fc94d955f134b86b38bc6c7d53e6fc551f5c910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:30 GMT
last-modified
Thu, 05 Oct 2023 01:45:05 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
44080
expires
Fri, 03 Nov 2023 18:33:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.winzily.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:36:37 GMT
x-content-type-options
nosniff
age
86215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:36:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.winzily.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:16:05 GMT
x-content-type-options
nosniff
age
87447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:16:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.winzily.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:16:15 GMT
x-content-type-options
nosniff
age
87437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:16:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.winzily.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:41:38 GMT
x-content-type-options
nosniff
age
85914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:41:38 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LCSNVNW2D7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8ed7f3637712612728854f7c763eea7d34e643c11f247193bbeb76326a8ee83b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 18:33:32 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.winzily.com&callback=_gfp_s_&client=ca-pub-6899360315203369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
cb37394ff44c1d6e4d1bafb56df1ebfd443a6824b89a24a2d38e4e9d786deff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F50C 		319 KB
90 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6899360315203369&output=html&adk=1812271804&adf=3025194257&lmt=1699036248&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.winzily.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699036411325&bpp=5&bdt=439&idt=161&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4844064694194&frm=20&pv=2&ga_vid=308175241.1699036411&ga_sid=1699036412&ga_hid=669960947&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C44807047%2C44807334%2C44807454%2C31078297%2C31079424&oid=2&pvsid=2956234937058213&tmod=1689622738&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
2e3fe40f9b8eaa50e9e2ff9048b40d68de3a498fab0dd96f3bcbc9eaed3e83cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
91921
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 18:33:33 GMT
expires
Fri, 03 Nov 2023 18:33:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
food-network-sink-your-teeth-10k-sweepstakes-2023.webp
www.winzily.com/wp-content/uploads/2023/10/ 		324 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/10/food-network-sink-your-teeth-10k-sweepstakes-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
60524084b30596a2d4f4b731d003d82d983ea184beb64852b3f63680fb103afb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:31 GMT
last-modified
Wed, 04 Oct 2023 19:10:24 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:36 GMT
food-network-air-wick-scents-of-the-season-sweepstakes-2023.webp
www.winzily.com/wp-content/uploads/2023/10/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/10/food-network-air-wick-scents-of-the-season-sweepstakes-2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
807df58b5fdf05bb40682e9af7009e96488d9fec61f3bf8a7c4f79b352fb63fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:31 GMT
last-modified
Wed, 04 Oct 2023 19:03:36 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
24729
expires
Fri, 03 Nov 2023 18:33:36 GMT
fox-5-giveaway-code-word-oct2023.webp
www.winzily.com/wp-content/uploads/2023/09/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/09/fox-5-giveaway-code-word-oct2023.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
a9c8a5ff70d91a749fc2a1c540079aecb6749f41ecd898c37eef826aa198e435
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:31 GMT
last-modified
Mon, 02 Oct 2023 14:10:49 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
48830
expires
Fri, 03 Nov 2023 18:33:36 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LCSNVNW2D7&gtm=45je3b11v9107858135&_p=1699036411459&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=308175241.1699036411&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.winzily.com%2F&dt=Winzily%3A%20Sweepstakes%202023%2C%20Rare%20Pieces%2C%20Code%20Words%20%26%20More&sid=1699036412&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCSNVNW2D7&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.winzily.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
1ab86cb4e664413512bd469feb14f14043276af34575f6f678e6b5a8bb7c5c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12102
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
15bc163132163d6d1c051c9ce268ac3d0e1e66f9fe1c8cb6f643e73ad0f71e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55820
x-xss-protection
0
server
cafe
etag
16206115030588563097
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:33:33 GMT
celebrity-wheel-of-fortune-giveaway-sept2023.jpg.webp
www.winzily.com/wp-content/uploads/2023/05/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2023/05/celebrity-wheel-of-fortune-giveaway-sept2023.jpg.webp
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/wp-content/cache/autoptimize/js/autoptimize_26fb554e64db746a10524830a4a50a1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
dc76b5232da1ec1fbb78b6abd379b2ac1264def3179375ea41bc83d584b99281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:32 GMT
last-modified
Mon, 25 Sep 2023 01:45:32 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:37 GMT
insp-com-gunsmoke-sweepstakes-secret-code.jpg.webp
www.winzily.com/wp-content/uploads/2021/05/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2021/05/insp-com-gunsmoke-sweepstakes-secret-code.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
fff45da559304f256213c21e3a521279ddb98a1a33121947c946ee147c58e5ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:32 GMT
last-modified
Fri, 14 Jan 2022 19:22:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:37 GMT
hgtv-luxe-for-less-2022-scaled.jpg.webp
www.winzily.com/wp-content/uploads/2022/11/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.winzily.com/wp-content/uploads/2022/11/hgtv-luxe-for-less-2022-scaled.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.215.129.109 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7151133.server757.com
Software
Apache /
Resource Hash
388c93479dbe61315f6b05d3648a303686f392b72ee3e7a212aab76fd8908e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 03 Nov 2023 18:33:32 GMT
last-modified
Tue, 29 Nov 2022 17:43:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
37268
expires
Fri, 03 Nov 2023 18:33:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 9ECC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
77848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 20:56:05 GMT
etag
251720774729838433
expires
Thu, 16 Nov 2023 20:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 22C0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
77848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 20:56:05 GMT
etag
251720774729838433
expires
Thu, 16 Nov 2023 20:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 18:33:33 GMT
css2
fonts.googleapis.com/ Frame 9ECC 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 17:01:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 18:33:33 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ECC 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 05:49:06 GMT
x-content-type-options
nosniff
age
45867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 02 Nov 2024 05:49:06 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ECC 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 06:40:28 GMT
x-content-type-options
nosniff
age
561185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 27 Oct 2024 06:40:28 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 9ECC 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 23:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
69909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
server
cafe
etag
11986448221276412250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 23:08:24 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 9ECC 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
83111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8796
x-xss-protection
0
server
cafe
etag
1225823381704108053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:28:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CC6E 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 18:33:33 GMT
expires
Fri, 03 Nov 2023 18:33:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 374F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 05:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Nov 2023 05:10:47 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 374F 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:23:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
83413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:23:20 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 374F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:23:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
83413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:23:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 374F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 13:41:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 374F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
83634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:19:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 374F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
83577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 374F 		197 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
sffe /
Resource Hash
d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63354
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:33:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 374F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQLtlRvyao_KKvozbVnjfpZVPdHlpxWn0qhi9eve9NMVhAfy--eMwTE1qkLDmg-Vavrm1oOF1ldXmA2iOCwjkru-B0_TITLon4n0COgGjrfCDAZXo
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame AC2D 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 18:19:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 18:33:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AC2D 		2 KB
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
83576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame AC2D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
83634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:19:39 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 59EC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 17:48:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AC2D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
83634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:19:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AC2D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
83577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AC2D 		197 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
sffe /
Resource Hash
d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63354
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:33:33 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame AC2D 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f94.1e100.net
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 06:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 19:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Jan 2024 06:35:08 GMT
rum
dsum-sec.casalemedia.com/ Frame CC6E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1&C=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rED49c1oHhJTAeGcMlhwvNizvSmcxEs%2BnDbQ4zabnmMWVGpFszYLuUs%2BHE06qJTKnLEE4YgaLgHBbpd%2BMGRYOMXGHaYyFNw0KbIjR1FiZMDIZOWvh%2FRYjVYKr5DGf7U3o7%2FAr27DfqW2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8206b4d1be887139-YUL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1G8a%2FH8YcA%2BYFTvtdCTt%2F0%2Fe4748vjMXIonR1K6RB4bV5C7CeECffoO%2BdpNdJV4L0XK91d%2BIQGmkkBfHTzSQIB6gqNkDzTZk9tX4IWy4JqBtNRBQ82abOCKOaysRAn%2Fo6PC7pXpNBcqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1&C=1
cache-control
no-cache
cf-ray
8206b4d0ec9f7139-YUL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CC6E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUU8-W9ZwLDCIHmWOWJk-wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuPDgBUHqmebb7W3GDi4tLvUn6U62l7IjYhPMMkw09rmlPnpAtQ421HikyVmLkbiT%2BuPwtgPGZ%2B0sbldfurcYEpYMGeOvgkHBiImyGXLG09cc2tMc8eatxfZAWzOaBgLWoTDQgDAKMoSRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8206b4d26fa17139-YUL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKvJm7gld-PFcV7srJ7gXl4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CC6E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENQj8SjE8gAsmW-dzCP_B94&google_cver=1
0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENQj8SjE8gAsmW-dzCP_B94&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Protocol
H2
Server
68.67.160.76 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
an-x-request-uuid
5952f926-e196-4866-b7b3-86d2e2d12240
server
nginx/1.21.3
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.193.64.80; 185.193.64.80; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENQj8SjE8gAsmW-dzCP_B94&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzMDg4MzY1MzE1NzA5OTU4Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzMDg4MzY1MzE1NzA5OTU4Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL-7v_oDEIC9jf0DGL-hrPkBMAE&v=APEucNWePp-8Pxt_rkHV4qibbGqp8a0LSgsxIcaweAnhvp30LxGYjahYMRp6_YbEfpu-GrxWw3hMkBk8GPejFIywvBBmVFpqkQ
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:33 GMT
an-x-request-uuid
ec85c950-a54a-4cbf-9427-3aaf57033f7c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYzMDg4MzY1MzE1NzA5OTU4Nw%3D%3D
x-proxy-origin
185.193.64.80; 185.193.64.80; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 374F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68379b2d6a35091f61f5be2534be2fd524b5ace542dc3d1ab7d7d525e00d8c32

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 41F8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
103917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 13:41:36 GMT
expires
Fri, 01 Nov 2024 13:41:36 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8635 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
211662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 07:45:51 GMT
expires
Thu, 31 Oct 2024 07:45:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FB27 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f104.1e100.net
Software
GSE /
Resource Hash
d20c6a81d2f8307c5e18e72f18e62f2c165849320eb98990ca88333f2d1d9f54
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UzFIwrArj1AFgZJvN7WmpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.winzily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UzFIwrArj1AFgZJvN7WmpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 18:33:33 GMT
expires
Fri, 03 Nov 2023 18:33:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 59EC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 18:33:35 GMT
expires
Fri, 03 Nov 2023 18:33:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 18:33:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
m.js
ctxtfl.com/scripts/js/ Frame 374F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=568716892&adv=12410607&buy=30716475&cid=204445191&pid=377336636&ok=ok
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.189.107.34.bc.googleusercontent.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
651f05e5f113dd061fb17cb4816f542ae9f204439f7742f11c71e5f3acc0ea2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:33 GMT
content-encoding
gzip
via
1.1 google
server
Apache/2.4.52 (Ubuntu)
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7529
index.html
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		102 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
274c198230d05dc62c11b75b2eef3077c0d583df8d1508851e32556f14193211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21295
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 14:23:28 GMT
expires
Sat, 02 Nov 2024 14:23:28 GMT
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 374F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYyTmRH7V7m1gGPYIlAeY1r4mj7zEWsi4BYgmepnMsfzxKvtYwE7CKFUJ3Yh7MYa6J6P0eOFgb1VCvSm_exsTuO7Th9SupniXj6n8B6hbRjn9iS31M9WoB5F9ywSCXies7dFROA7WGdUbzoFrN_5B1azjVkH4eTnclh3vUU0YjcQlLZJ55Y-I_VosmOPYl4x17mwaDMTZ39JUmhFwzpyzs_dgs-VMr4gvjYVkAGtS0r9RimV_CpdVdyRjQ8YepTtH-89jiwi6rfL8FcWheo8PEdzyb1eDP6_59FPUBWaAY_jGb_zbItq_7O6rsxSF5wU0Na6IJPf2XLoIEmAdHkxOM4HHyOVW45CLf5H1bCfuXV5IOWJSUuiYVrvqL9cG9f7edQRBZcULdyavuRMu0uud5Bbd1gdf97QPNkN7vnbJcDnCs_bOi8y_X1W-9DA_rhl8gzRvKCnDc3M-eonzRVh8F50nOUVp1HavLTaUGasaxWDKseVoP2GwT4QR39mhqgqZ5UeQTeELlZlIhZ5kgxjQRyQLyPh1dNmnkLuhImeOsoI8rcQxLIVDeYK1uWWdokIZxcKsE23kGYKfw_CI81vWUIOBj2wYpxUbHPDtKUSr3B1hI0Zw_F_mrYo4pEa0GtmkfAQBeNVLPh_R5bZ7zTDBCJIrHYxbbeqQZ7WB_xtZgTgiEe_TwUTmfZh8f0CMweSKaVYRSnJ-IfdBVGZO-3bE5a7qBC1zSk9yTjMEdnckX19kFyU8dXX7qbE15ZywsjcJODzf3jwPlBGsae7tBCGTzad1aKzS3zW7dfhA1aZhIpNKXJlkgQOE2ysgrRtZc5dwop-MLt8gqMA9hACEynZlIR0WfHM2O-StJs_5yq8HoVjrU5QRyC_bfLQdOTF_WySkbMA7U-sZThKhf811Uyhzzpmnwu5_ISQk1z8whQkXM_2chtAjRMh2Z6-CaLxLJrD2NAg9F0Np1aCeIYttz-qPgeVQEmPQY1LaUqv1dRWgLKVSqvl5wjMD0QSkzWs0eupqH0fAEd4a459J7aHBQob4zdcBGYlkBVI4CAJGm9NeJyMV4SCbgF3GZhG3EgOvTXMk9K9PDA06eHC3Q4qAwgrQ6FQyoSgNHgEHXiXBVDZZyL3oeuJ67BwyedAETskRp7onNmMwOy5VAhYxUZBwTtW9JEhUIuAPrqzsDTKbzfLDeFDYIAFjEBMYGs0WM6ZA_wtbtkcMrBgC798lebrpIcE6p4alcpLGGteXzJEtF4P-ODQd-emO3stZAzUm6AMLOYOBVm7KZzQQjvFYm5Dxtz8k&sai=AMfl-YQRSLOm86FZqdiyRNTKS3-IgTtzAEf0xlCxsfN58tESLZNofpA1mli0yQkqXH60AGQqH49A1tYnf9VFt-LRGFqXFBHaeDa1pMac2DkYV4jaWOmxLj_ptpcM3ht6YkHDthl9z2c1e_obLnrlvLTO_N8YAHw5QPkUbQSXn7dlbaaj_BmxXTX9CUkDQkCyrHK3RwyWltr0noI6wW26o8VQICey8I7xTsona7lpGZl3rxnzTXCgMK4qwyat97NSxqZDAAZ6D9t9TFYzjxddWHYR0gTHvByEyneV9zFskenP-aMmWDZ4FPe0MBVx4VJSBb0dClGPu1umesfJkS9LY-iAoRoGhbxxlf9ultWdTyBPla3ZNPMvpmTjfJ00b60PhqznsSGAsTcwBPrDkpfDRUI6oqfHKckoG970rttV4a4hSTo6aDqiSOPtL3E1vnfrPuZWpD1iqm6-Ctvm3rANHOm5xYvlZR0sgc7cGcWwtoRtzec5Dp2GPKmE_mik_Wv6Fw&sig=Cg0ArKJSzFhkAAsBkzrZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=161&cisv=r20231101.16819&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Nov 2023 18:33:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 41F8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 16:20:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
7961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 16:20:52 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 8635 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 16:20:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
7961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 16:20:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FB27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=2956234937058213&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
cracq
ctxtfl.com// Frame 374F 		18 B
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com//cracq
Requested by
Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=568716892&adv=12410607&buy=30716475&cid=204445191&pid=377336636&ok=ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.189.107.34.bc.googleusercontent.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/octet-stream

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 18:33:33 GMT
via
1.1 google
server
Apache/2.4.52 (Ubuntu)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18
content-type
text/html
cracq
ctxtfl.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com//cracq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.189.107.34.bc.googleusercontent.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 03 Nov 2023 18:33:33 GMT
server
Apache/2.4.52 (Ubuntu)
via
1.1 google
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 9863 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 02:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Nov 2023 02:05:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJY3k_DxFZfjQA8GbhAa6pr-QBwAAAAA4AeAEAg&bg=!zs2lzYLNAAb4oU7C2KE7ADQBe5WfOBK__XHhpoMMCDUT9xe9ummCPf9Ti4Zw6JM2WzJECjRCQ8PMvgsoZbjshUYg_MbtAgAAAglSAAAABmgBBwoACdadsSY4u2Nak5kDVdwcjxV3eWPZ3MAWG4mySZlcw8ovE3vXgTCxAFniD3nD8kfpJVhzv4_yLQboT0fbikVmV4uqlLSqGp_WdIhYUlwkQ159j-5UPEoqnBeLrxUUbFaNqorbz_7RIfIxNHGCUG8WfgY2JS8q3HEngYAZLmX2E1TTOfVSKBpd9R0_nKyGFrnu7YPW41htw1gwzezju8_AhiGBUvVBciA3O4xZhHs1Gub9qQ_STXjkGQrHJKknSOB3Aft8TIkzsWKzYXehQQaJRBn-F1rcuZNcKXe1PeTQv9SiFy0r1pkAoPii1mUX-ky3rOPTtqcc1dDvEiA5DrvECXvj0HgPt2zyUu1VjVDKrk_GTiy6fxOfE5XiPFp-5lNJZ1YAsB31AKS-v0Y9eTOU86tH7e9mlV_9ELsJuAj7JMyjfh0W5Ul5IwXgvCULoA3kIqYpqcEXx_qmaj_ZqKTlLYi4bhVzCeRBP6DVLhbyqkGjyqiQK8P6xHJZ0y9zJ3DAUqeWdSIQdbBQWcypu1RtrWTjeLhlki6-RI4Q27z7TbWWKU4-0gBlfwiGxsQnUO1ZhpgltODwnC-Zo_i2YpsoefnecKGx7IARoXbJ5mcfNuAkQR0as2R0fg00Ryhqt-W7H5VWdNX9DqWzXzYA9EJQL_4g_beygtIRzNpdd0DU4G7An0CYjILPP2MEZQGvA2BUKI5HW8j-iS3kGW52zTv642laLGnt1tO9EnD8fP0sHkuknaPoaeSjo575-JN_gINTyzgp434QZgmHgzUVdJm0OaQfwBslr51s6_ZZhZ1Buwmyh0LPoEyyf_lKJQ_ka7FyMXsaR2P3vlvAZgwRA_UWukRrThuaqcV4XYQic7yjKfi4oBbolJ6TlIgcAi8P5PXsBaXyDfb1fmV3wpCjJdL1J35WrDAvLFPsWCdnOHjKfcoakyWuPnxrjDV-a3pUZP4f8NMk-eKHqC5gxbxo_tESwXQgBXO_7F61_I4MDCjdKiQcNOHvX0VyAEF1P9A9Vw6wHwG_7yPJRDJjqmg6XoGuO8jOmlsJZ9mVJR2HRyC2mmYuKzRBwZYBS9xmH-32RH6wfpEWX2-3dD7eQ_Yau6N8bkjMvAUFQPZTO-4pGYFjKhCUWwYooN2a7PykDiPM6vmt-Xo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 374F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYyTmRH7V7m1gGPYIlAeY1r4mj7zEWsi4BYgmepnMsfzxKvtYwE7CKFUJ3Yh7MYa6J6P0eOFgb1VCvSm_exsTuO7Th9SupniXj6n8B6hbRjn9iS31M9WoB5F9ywSCXies7dFROA7WGdUbzoFrN_5B1azjVkH4eTnclh3vUU0YjcQlLZJ55Y-I_VosmOPYl4x17mwaDMTZ39JUmhFwzpyzs_dgs-VMr4gvjYVkAGtS0r9RimV_CpdVdyRjQ8YepTtH-89jiwi6rfL8FcWheo8PEdzyb1eDP6_59FPUBWaAY_jGb_zbItq_7O6rsxSF5wU0Na6IJPf2XLoIEmAdHkxOM4HHyOVW45CLf5H1bCfuXV5IOWJSUuiYVrvqL9cG9f7edQRBZcULdyavuRMu0uud5Bbd1gdf97QPNkN7vnbJcDnCs_bOi8y_X1W-9DA_rhl8gzRvKCnDc3M-eonzRVh8F50nOUVp1HavLTaUGasaxWDKseVoP2GwT4QR39mhqgqZ5UeQTeELlZlIhZ5kgxjQRyQLyPh1dNmnkLuhImeOsoI8rcQxLIVDeYK1uWWdokIZxcKsE23kGYKfw_CI81vWUIOBj2wYpxUbHPDtKUSr3B1hI0Zw_F_mrYo4pEa0GtmkfAQBeNVLPh_R5bZ7zTDBCJIrHYxbbeqQZ7WB_xtZgTgiEe_TwUTmfZh8f0CMweSKaVYRSnJ-IfdBVGZO-3bE5a7qBC1zSk9yTjMEdnckX19kFyU8dXX7qbE15ZywsjcJODzf3jwPlBGsae7tBCGTzad1aKzS3zW7dfhA1aZhIpNKXJlkgQOE2ysgrRtZc5dwop-MLt8gqMA9hACEynZlIR0WfHM2O-StJs_5yq8HoVjrU5QRyC_bfLQdOTF_WySkbMA7U-sZThKhf811Uyhzzpmnwu5_ISQk1z8whQkXM_2chtAjRMh2Z6-CaLxLJrD2NAg9F0Np1aCeIYttz-qPgeVQEmPQY1LaUqv1dRWgLKVSqvl5wjMD0QSkzWs0eupqH0fAEd4a459J7aHBQob4zdcBGYlkBVI4CAJGm9NeJyMV4SCbgF3GZhG3EgOvTXMk9K9PDA06eHC3Q4qAwgrQ6FQyoSgNHgEHXiXBVDZZyL3oeuJ67BwyedAETskRp7onNmMwOy5VAhYxUZBwTtW9JEhUIuAPrqzsDTKbzfLDeFDYIAFjEBMYGs0WM6ZA_wtbtkcMrBgC798lebrpIcE6p4alcpLGGteXzJEtF4P-ODQd-emO3stZAzUm6AMLOYOBVm7KZzQQjvFYm5Dxtz8k&sai=AMfl-YQRSLOm86FZqdiyRNTKS3-IgTtzAEf0xlCxsfN58tESLZNofpA1mli0yQkqXH60AGQqH49A1tYnf9VFt-LRGFqXFBHaeDa1pMac2DkYV4jaWOmxLj_ptpcM3ht6YkHDthl9z2c1e_obLnrlvLTO_N8YAHw5QPkUbQSXn7dlbaaj_BmxXTX9CUkDQkCyrHK3RwyWltr0noI6wW26o8VQICey8I7xTsona7lpGZl3rxnzTXCgMK4qwyat97NSxqZDAAZ6D9t9TFYzjxddWHYR0gTHvByEyneV9zFskenP-aMmWDZ4FPe0MBVx4VJSBb0dClGPu1umesfJkS9LY-iAoRoGhbxxlf9ultWdTyBPla3ZNPMvpmTjfJ00b60PhqznsSGAsTcwBPrDkpfDRUI6oqfHKckoG970rttV4a4hSTo6aDqiSOPtL3E1vnfrPuZWpD1iqm6-Ctvm3rANHOm5xYvlZR0sgc7cGcWwtoRtzec5Dp2GPKmE_mik_Wv6Fw&sig=Cg0ArKJSzFhkAAsBkzrZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=862&vt=11&dtpt=697&dett=3&cstd=161&cisv=r20231101.16819&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
textf3_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/textf3_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
4bc7f2d9861e7d915a3285b5cb5502efa647ca7390813d366f949f4b23442f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134914
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2714
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Nov 2024 05:05:00 GMT
prodf3_728x90_EN.png
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prodf3_728x90_EN.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
92dc5b22bd820559a0bd382da976febad1c2ceaf23cb8e285fbbeedd28c61b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5911
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
prixf3_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prixf3_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
2f29a46efe1dc174efb3f4ff5685073669dcdd10f4717611015303615b9e8b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1278
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
textf2_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/textf2_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
dded9b4850cf80a744b3a3bdf102bbf32b94d9e28a1ae231e0b12d88c9de4196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2566
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
prodf2_728x90_EN.png
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prodf2_728x90_EN.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
a64e074fdfa5c3d7674c2c07bbf07ec93dacc545ab258f5629114e76807d5170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6291
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
prixf2_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prixf2_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
01037cdfec2d64c86cea9e7e5b84dd9967503e3ecae947dd9ffd86d87613737b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1204
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
textf1_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/textf1_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
9c6b5f3c3233570b4eb8b64d849a2654d861e45524b0d8c39de1186342af7926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2359
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
prodf1_728x90_EN.png
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prodf1_728x90_EN.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
bb7282be2c6c89fb81414ef9e8756b6db25ad01ec960dc88ce91617382ccf6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7143
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
prixf1_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/prixf1_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
2b5945b7a9d225621c8da330878e65498f13a7f6e246fbaefe38c7057da7a016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1398
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
legalf1_728x90_EN.svg
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		12 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/legalf1_728x90_EN.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
ce12255997115e22e0401a70dc255c6df54fff233782f981c4520dd1dfcfd1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2332
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
fondf1_728x90_EN_5.png
s0.2mdn.net/sadbundle/9637652650709513390/ Frame 9863 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9637652650709513390/fondf1_728x90_EN_5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
969258a43f55fee210c3ce2a91f1b284d71a49c3c92a087de841c524249bb931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9637652650709513390/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:23:28 GMT
x-content-type-options
nosniff
age
15006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9710
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 13:23:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Nov 2024 14:23:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 8635 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Lt_p5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:33:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=2956234937058213&bg=!NDelN3jNAAb4oU7C2KE7ADQBe5WfONvbPqnbb1jH4JMJiJyzjFj33cEzAX2qxRKs1WSpzolT-Zx0E_WZBQ3ChGQeTdRLAgAAAJVSAAAACGgBB5kC-4NlJTjLG5KTT68ApeFpkK8IJMOus-qRZ7IE2Vps_2pHOVHz6QtDgAIF8Nm81fvmpeEts-qrTG1zwJvTh_tTJ66bejBgU2SrD1RiYRaDF3V-oUMOYynRcL-H7MIM_qVRW2hbfUtjfrZjrsu-9GTjqAynSfKLwU78gesMpENz-TA92k-SAXyygcxbwVD6xFjInHar-puRgHC2_Uwsqv3GPR5k0wjoNpNH1o5z5A8lf4wWcNl-NjeRRAthY_PJUpU0oTkDeW_9DS291KPrHYSIA1ozo4rbv4-aLplExoYRJiIRdetZFL3VSME81JYpep-CBiTbgHzRrqFNPNHznjrSaXde8c6Rb9jYWmjn8uqMRGlpPnzCqMk1upupZqFk-VR7S6ymA2CQPbI1g0JkviiTJZNVi0TcNkJgvp8m8kZnldgostak1b1FURV1QGYqw18f827uujRcutV_7CZDaxFCO_hpIZ3jXKJXJKWomMbtHTA1cVALvbQyNj36zjAqWRXWmgriE_pRey8kr3M4CoMF-xohhqPoZhFot6cFrHSgGscENQMU-Te08D6KzPbiPAyDRx1aIohanUj9FEiqnhxeWWETcXogs3huKoRYqHzkXzY3bw9M3b-xSgqVIEXnTQJOr4XPSMDKSIi-WaoV2eNBsUa0WKXDiTSjELQEZ_CXFzXthXUNYDSMSkMGM4sSRjpF8jbY1q9j2XVVri88GQhTvZhVCtKieUKmWzC871aIfAy_y0cHDUK_4FjBrWjwFdnoPD9z1_XeqZoPVgZWhwAR7wUP5re7Lx5FETvPp9QBgIdQyvqvrhNlXOVOSwGfrhI4g8MJwLZP1s9EEZ5QFyhtULpL_fG9I1rp4azR61IDtDCHJzlugupBSc2dui3Wxz9FRtp5NF6ydtzVjvHu-tCqnC_dTzqDANFx9mcyxxQlI2e_f15Q50mExCix2fgeDFq-dj0dEw5L7DTb3F8nugObVj4v_GvGSLFGU8-gCExB65rDyfP9Z7ZwaSacJ24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.winzily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 374F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx6IEQiKnx4iac2AB5vWQ4_AEUvDhsT6ov5n45PppwPSP8FnLHXU2mUNoLxnqZWGquXRdEyZuFa_P9uLIXoUw1FFgXEXrRUevGCbZdgzw8Y4v75cymLKGpajGreuCdTpY70yVBPQVRKA&sai=AMfl-YT8y6q0MQHOcBqfJRXLQyoBb3r5yFgYkNGp3qjYcdeYm6O1PVc5uCuTLhOjl60L91mUjgr2W3xewmExW7j6iRNcBNvv0mnkVtAtZoL5TlPMKagU8L4ryEsYaR2hO_vYgE_UXj7PI9_tbSdJxOVdcw&sig=Cg0ArKJSzI9HvOcYv2PdEAE&cid=CAQSTwDICaaNFAPUzKtoWXUJgzs7RAgoEXP5uJqTrixzQcTArVGqA6TZSzk2zyL3Rj0EO_7ybZk4Y6VvTFeO2IPSt6B_UX2jgOiN5DxPlAiuGOgYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=875,1000,1000,1000,1000&tos=875,125,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699036413444&rpt=797&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame DBAF 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: www.winzily.com
URL: https://www.winzily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:24:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
169775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:24:00 GMT

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture boolean| ewww_webp_supported function| check_webp_feature object| Arrive function| ewwwLoadImages function| ewwwWebPInit function| ewwwAttr function| ewwwJSONParserInit function| ewwwWooParseVariations function| ewwwNggParseGalleries function| ewwwNggLoadGalleries function| ewwwNggParseImageList object| _wpemojiSettings object| tdb_globals object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target string| GoogleAnalyticsObject function| ga object| block_tdi_5 object| block_tdi_8 object| block_tdi_13 object| eio_lazy_vars object| pp_ajax_form object| _stq object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| st_go function| linktracker_init object| wpcom string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdReadingProgressBar object| tdTabbedContent object| tdConfirm undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdbLocationFinder object| tdbLocationDisplay object| tdbFormTaxonomies object| tdbFormFileUpload object| tdbPostsList object| tdbModal object| tdbFilters object| tdbFiltersLoop object| tdbFiltersList object| tdbFiltersDropdown object| tdbReviewsList object| tdbCustomForms object| tdbTOC undefined| $ function| jQuery function| flatpickr object| lazySizesConfig object| lazySizes function| ppFormRecaptchaLoadCallback object| ppressCheckoutForm function| _ function| Hammer function| $f function| onYouTubeIframeAPIReady object| addComment object| tdcPostSettings function| tdbGetMobileTemplates object| dataLayer function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| google_tag_manager object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Domain/Path Name / Value
.winzily.com/ Name: _ga
Value: GA1.2.308175241.1699036411
.winzily.com/ Name: _gid
Value: GA1.2.1277118795.1699036411
.winzily.com/ Name: _gat
Value: 1
.winzily.com/ Name: _ga_LCSNVNW2D7
Value: GS1.2.1699036412.1.0.1699036412.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUnYR-IFUVeH9ZEYKAVMI1aMYbPL2ayRO9ys0LAKMpq7u4Hnep4VbSHOJ4ZU
.winzily.com/ Name: __gads
Value: ID=dc6657f31f3e9d5c:T=1699036412:RT=1699036412:S=ALNI_MaDER3JHCuEd533DPpIiPTObEvMiw
.winzily.com/ Name: __gpi
Value: UID=00000d9f586a4b52:T=1699036412:RT=1699036412:S=ALNI_MYZmmMOJSHsde4r7WMj-giY9BXpDg
.adnxs.com/ Name: uuid2
Value: 7630883653157099587
.casalemedia.com/ Name: CMID
Value: ZUU8-W9ZwLDCIHmWOWJk-wAA
.casalemedia.com/ Name: CMPS
Value: 1372
.casalemedia.com/ Name: CMPRO
Value: 1372
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
javascript warning URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020Tsb95W9PdgIrK1GED5D&cb=568716892&adv=12410607&buy=30716475&cid=204445191&pid=377336636&ok=ok(Line 33)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
ctxtfl.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s0.2mdn.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.winzily.com
142.250.31.155
142.251.16.104
142.251.16.148
142.251.16.156
142.251.167.154
142.251.167.94
162.215.129.109
172.253.115.155
172.253.115.94
172.253.115.97
172.253.122.102
172.253.62.132
172.253.62.154
172.253.62.95
172.64.151.101
192.0.76.3
34.107.189.102
68.67.160.76
01037cdfec2d64c86cea9e7e5b84dd9967503e3ecae947dd9ffd86d87613737b
01f95ae0c6e7b6d49d8f5c04b21a34bc3f0aaade1cb2fed1cef300b29dd3dca6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
13ffc04f0c99df692f89c29ca37cce97ad8d4bde0d34843efbb456a07e5a9ae1
15bc163132163d6d1c051c9ce268ac3d0e1e66f9fe1c8cb6f643e73ad0f71e69
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ab86cb4e664413512bd469feb14f14043276af34575f6f678e6b5a8bb7c5c2e
1cb575409c54b62366f3e8f257da2cd6bf6469641710c88f5f9f8d87e77cf3b1
1e22625725b6e32988a4f589eb2efb906aae1154c431ad3287314ed0e169e49b
218f8091a417a8b7bce5c14052365016f5b9b053e8e8f4c726f6051963c77331
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e
274c198230d05dc62c11b75b2eef3077c0d583df8d1508851e32556f14193211
2b5945b7a9d225621c8da330878e65498f13a7f6e246fbaefe38c7057da7a016
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e3fe40f9b8eaa50e9e2ff9048b40d68de3a498fab0dd96f3bcbc9eaed3e83cd
2f29a46efe1dc174efb3f4ff5685073669dcdd10f4717611015303615b9e8b0f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
388c93479dbe61315f6b05d3648a303686f392b72ee3e7a212aab76fd8908e67
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f7dc7668dbd7b36027a374242d6ba11eae14a2f8000e49e4726f9064a93a7a
44e519a72c81a3c08856084410d1a0a186e95112490a6e6c36d52a2a6dc41469
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4bc7f2d9861e7d915a3285b5cb5502efa647ca7390813d366f949f4b23442f25
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
515fbfeb51a45e120dc53c8bfda86c38d3b8e7f3163ff22515437237ea3ea0f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587a2fe91cc75743413ea4c6c5830e6815eb78027cb36c5d72c1a58f558fce86
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eb9abe439d9020b032652a5d177ed6fe8cf04d0f6b338b92f48bff514a4ec87
60524084b30596a2d4f4b731d003d82d983ea184beb64852b3f63680fb103afb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
651f05e5f113dd061fb17cb4816f542ae9f204439f7742f11c71e5f3acc0ea2c
665d8870733c4f11fa5b24ea6fa014bd4073bcafb5c0c7d5727a6b3ef07c1da1
68379b2d6a35091f61f5be2534be2fd524b5ace542dc3d1ab7d7d525e00d8c32
6effa77e83f72356593b5b9453cdf14a6d3fbb4c4eda6d877f94142746d34be4
762a2cc98552b4e7ed581d8075f04a50344bf4a066ff1b1ee5300a813419c9a5
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
807df58b5fdf05bb40682e9af7009e96488d9fec61f3bf8a7c4f79b352fb63fa
8181a61a66862f1c1d8f785a7a57d4c64a8b5d368f7daee9a694cc913309dd38
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
8ed7f3637712612728854f7c763eea7d34e643c11f247193bbeb76326a8ee83b
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
92dc5b22bd820559a0bd382da976febad1c2ceaf23cb8e285fbbeedd28c61b79
932751dd4ec653fa752b52880500a41ed3f8944a9dd6dcc1fadde5c24dad5b7c
93e5959b76001ab73f75a32755ec71d62aa1063a8bb9edf85a51af93f96ba6bc
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
969258a43f55fee210c3ce2a91f1b284d71a49c3c92a087de841c524249bb931
97b7d11dde9047e6fbfd16f5a4cb93f22e5beaddc2e15ed6b26b74155dd604fd
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c6b5f3c3233570b4eb8b64d849a2654d861e45524b0d8c39de1186342af7926
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a64e074fdfa5c3d7674c2c07bbf07ec93dacc545ab258f5629114e76807d5170
a8a17c6ca4df0c10d6ad83b93b376d9654b1848dc3e4de1ccd4bbf9ae2b7e70f
a9c8a5ff70d91a749fc2a1c540079aecb6749f41ecd898c37eef826aa198e435
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab5373d0849a0826a32a01a08447d360f898815708da85ffe48b237dce93f246
ae140ac69f33874a675edd87207c83e7128cdd1579b33e6cd6c73b37d099359f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e89b85e55518d66a127dc91c8f155ab24fd38649b197409046be1510022231
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb7282be2c6c89fb81414ef9e8756b6db25ad01ec960dc88ce91617382ccf6b0
bbdb3a72f675cb83b6e99ca419c7adf88054e0fbc952dd8ec4d43fce5d275617
bc3afe5fa8fb8cf80404ecc18fc94d955f134b86b38bc6c7d53e6fc551f5c910
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb37394ff44c1d6e4d1bafb56df1ebfd443a6824b89a24a2d38e4e9d786deff5
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
ce12255997115e22e0401a70dc255c6df54fff233782f981c4520dd1dfcfd1cd
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d20c6a81d2f8307c5e18e72f18e62f2c165849320eb98990ca88333f2d1d9f54
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d7c05d8c6f495c524f49c9471a52522108aba2f62a4849b13756edad3c3511e2
d947f14e03b2312f4e5cb73acc8e421df93c89643ba63cdd9482d6af345a2d1e
db3160a09cc4aa39298760b6ae84b9f7b098ddc249d2944c3c4251edaf986c8f
dc76b5232da1ec1fbb78b6abd379b2ac1264def3179375ea41bc83d584b99281
dded9b4850cf80a744b3a3bdf102bbf32b94d9e28a1ae231e0b12d88c9de4196
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1cdc543ae03a331390c7564453cbed30ee4e252e60435e54d8f422cc6f1b09e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e908ed7c7bcd72f9cbf75a5a932d15ef6d6f637f913b307a7e12aa580f37288d
ea11bfd4421a63ead498dba7ddeef6c7fa0c1aa3fdfea4e4192faa8d55ae1ae5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b4214bcf5ce0bf367424fd48c912c21b0625c0193767db27b9417ad1badd9c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f73311b32fd7d0aded39378bef48d023a906d61df43e5c90078353fecfcb68ee
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fff45da559304f256213c21e3a521279ddb98a1a33121947c946ee147c58e5ab