urlscan.io logo urlscan.io
SecurityTrails logo

writeoncon.com Open in urlscan Pro
144.217.107.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://writeoncon.com/coloring-pages/fairy_91/
Effective URL: https://writeoncon.com/coloring-pages/fairy_91/
Submission: On May 24 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 144.217.107.59, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is writeoncon.com.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.
This is the only time writeoncon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    144.217.107.59 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip59.ip-144-217-107.net
writeoncon.com
6    209.85.144.156 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f156.1e100.net
pagead2.googlesyndication.com
1    142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net
www.googletagmanager.com
1    209.85.144.138 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f138.1e100.net
www.google-analytics.com
8    173.194.66.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f157.1e100.net
googleads.g.doubleclick.net
13    173.194.68.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f100.1e100.net
fundingchoicesmessages.google.com
2    74.125.130.120 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f120.1e100.net
csi.gstatic.com
2    209.85.144.132 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f132.1e100.net
tpc.googlesyndication.com
1    209.85.144.104 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
www.google.com — Cisco Umbrella Rank: 2
73 KB
10 writeoncon.com
writeoncon.com
277 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
305 KB
2 gstatic.com
csi.gstatic.com
279 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
253 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
45 7
Domain Requested by
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 writeoncon.com writeoncon.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com writeoncon.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com writeoncon.com
45 9

This site contains no links.

Subject Issuer Validity Valid
writeoncon.com
R3		 2024-04-27 -
2024-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://writeoncon.com/coloring-pages/fairy_91/
Frame ID: E925A600D411DB57CF211DE062FA81A8
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Frame ID: 05FA072F9FC95C8207291824F446A3B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4477019423066143&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716585443&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585442636&bpp=14&bdt=298&idt=707&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4663545091641&rume=1&frm=20&pv=2&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=735
Frame ID: 99E4F036F10C6A4B32F9A5AAD2152DC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4477019423066143&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.1933427550~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585443&rafmt=1&to=qs&pwprc=7777845978&format=1200x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585442650&bpp=2&bdt=311&idt=736&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=94&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=744
Frame ID: 13E1C15C5EA9E1BF95B9D42862248A12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-4477019423066143&output=html&h=280&adk=1302064979&adf=3801302499&pi=t.aa~a.1103655144~i.6~rp.4&w=840&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7777845978&ad_type=text_image&format=840x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rh=200&rw=840&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585444291&bpp=1&bdt=1952&idt=-M&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26c26b70f71d2c69%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Mb11ttxpGvu7IDgVQY7hH6JMwTgkQ&gpic=UID%3D00000e2d540ba98e%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Ma-uElVmfuyVJoG1sExStKKeF8pqw&eo_id_str=ID%3D0747a95f76ae4bf6%3AT%3D1716585443%3ART%3D1716585443%3AS%3DAA-AfjZvdAzt4A2bSUQJrBgZSPfp&prev_fmts=0x0%2C1200x280&nras=3&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1408&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=126
Frame ID: 46155F4B9581FFD4C8C9003E45DE006B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-4477019423066143&output=html&h=280&adk=1302064979&adf=318991344&pi=t.aa~a.1103655144~i.8~rp.4&w=840&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7777845978&ad_type=text_image&format=840x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rh=200&rw=840&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585444291&bpp=1&bdt=1953&idt=-M&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26c26b70f71d2c69%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Mb11ttxpGvu7IDgVQY7hH6JMwTgkQ&gpic=UID%3D00000e2d540ba98e%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Ma-uElVmfuyVJoG1sExStKKeF8pqw&eo_id_str=ID%3D0747a95f76ae4bf6%3AT%3D1716585443%3ART%3D1716585443%3AS%3DAA-AfjZvdAzt4A2bSUQJrBgZSPfp&prev_fmts=0x0%2C1200x280%2C840x280&nras=4&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1408&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=129
Frame ID: 192DBCB69DCB7E4DA19B43FD4F448F28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Frame ID: BB67F21738747AC8D93B9D0CCD16B011
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Frame ID: F1FB52BF6FB09783AD9F506363C2BDE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Frame ID: 2C965AD700905A04BEB37B151AB5C626
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A8402325C8E0280A154320B1C439788
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0087B0CACD9EEEF2B9596A9D66429E9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Printable Fairy Coloring Pages, Sheets and Pictures for Adults and Kids, Girls and Boys - WriteOnCon.com

Page URL History Show full URLs

  1. http://writeoncon.com/coloring-pages/fairy_91/ HTTP 307
    https://writeoncon.com/coloring-pages/fairy_91/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

756 kB
Transfer

1651 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://writeoncon.com/coloring-pages/fairy_91/ HTTP 307
    https://writeoncon.com/coloring-pages/fairy_91/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
writeoncon.com/coloring-pages/fairy_91/
Redirect Chain
  • http://writeoncon.com/coloring-pages/fairy_91/
  • https://writeoncon.com/coloring-pages/fairy_91/
53 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache / PHP/5.4.45
Resource Hash
8378cf05cc7a8e9cf58f965664ff8790b4619cd9a171be433953b9ebe1bd9ec4

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-type
text/html
date
Fri, 24 May 2024 21:17:22 GMT
server
Apache
x-powered-by
PHP/5.4.45

Redirect headers

Location
https://writeoncon.com/coloring-pages/fairy_91/
Non-Authoritative-Reason
HttpsUpgrades
main.css
writeoncon.com/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://writeoncon.com/css/main.css
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
e0250429e17e0a41d9c6f163c4d28272588e91f82aa9929109516eb8d5834b7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Tue, 07 May 2024 11:19:48 GMT
server
Apache
accept-ranges
bytes
content-length
5376
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4477019423066143
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
68443635d6bc530b2f9f0b115eb749aa49e7a29fd7e8329eebc2689615b56825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Origin
https://writeoncon.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51294
x-xss-protection
0
server
cafe
etag
5962375728665178383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 24 May 2024 21:17:22 GMT
js
www.googletagmanager.com/gtag/ 		302 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RS8YFCG4B7
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f4941b213ad13917f1e6acdd4d0d983be8699c6260685c1e6b9c2bce007e95a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 May 2024 21:17:22 GMT
logo.png
writeoncon.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/logo.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
c89a5a875d476450e9e1c2da2a16d3df17d4ae5f8b1b94809471bb483ff76658

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Fri, 10 Nov 2023 10:13:16 GMT
server
Apache
accept-ranges
bytes
content-length
7695
content-type
image/png
420_preview.png
writeoncon.com/img/pages/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/420_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
9bc49b624e69c0b9ae1506a0534db684bf985b431fecd8e4b3cfd5097cdb6858

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 07 Dec 2023 14:38:18 GMT
server
Apache
accept-ranges
bytes
content-length
37169
content-type
image/png
423_preview.png
writeoncon.com/img/pages/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/423_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
7935567eb11d81026019f50e7cbcdb44b2c49234f9abafa6a5a8005c2f2fbf85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 07 Dec 2023 14:39:19 GMT
server
Apache
accept-ranges
bytes
content-length
17208
content-type
image/png
422_preview.png
writeoncon.com/img/pages/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/422_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
25b3da77e65904be1aa30ea1427cd469f517ba0e71c34420afe0eb40a584ca46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 07 Dec 2023 14:38:58 GMT
server
Apache
accept-ranges
bytes
content-length
22221
content-type
image/png
421_preview.png
writeoncon.com/img/pages/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/421_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
05535d35559991c199e69c68d599b978510a96015e441a81499604be0d7b1061

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 07 Dec 2023 14:38:39 GMT
server
Apache
accept-ranges
bytes
content-length
27336
content-type
image/png
424_preview.png
writeoncon.com/img/pages/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/424_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
97e119fe1d7ddb3047968e5515832c0c7840bf567fba32702f0597f049c0462e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 07 Dec 2023 14:39:39 GMT
server
Apache
accept-ranges
bytes
content-length
34545
content-type
image/png
601_preview.png
writeoncon.com/img/pages/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://writeoncon.com/img/pages/601_preview.png
Requested by
Host: writeoncon.com
URL: https://writeoncon.com/coloring-pages/fairy_91/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
1c2277f441e3ca06d0e7e5d4625e1f97cc1f66a58f11bdf66f7fb9c99431c516

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:22 GMT
last-modified
Thu, 14 Dec 2023 13:04:47 GMT
server
Apache
accept-ranges
bytes
content-length
15889
content-type
image/png
collect
www.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RS8YFCG4B7&gtm=45je45m0v9170940209za200&_p=1716585442373&gcd=13l3l3l3l1&npa=0&dma=0&cid=1473204420.1716585443&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716585442&sct=1&seg=0&dl=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&dt=Free%20Printable%20Fairy%20Coloring%20Pages%2C%20Sheets%20and%20Pictures%20for%20Adults%20and%20Kids%2C%20Girls%20and%20Boys%20-%20WriteOnCon.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=438
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RS8YFCG4B7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.138 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 24 May 2024 21:17:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://writeoncon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/ 		416 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4477019423066143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
51e745c8f0b2781ff74ba91f61dc396eb86e36f25063097b13e53f93fe9fd680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143798
x-xss-protection
0
server
cafe
etag
16862239837202185339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 May 2024 21:17:23 GMT
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240522/r20110914/ 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240522/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
667bbd5e78096c3d4ffdc7b30035694d84cd4970197173625169e8e6ffbe0ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 10:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
39151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23128
x-xss-protection
0
server
cafe
etag
15003321015969128323
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Jun 2024 10:24:52 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/ Frame 05FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 19:12:32 GMT
etag
11731753506229902092
expires
Fri, 07 Jun 2024 19:12:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 99E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4477019423066143&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1716585443&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585442636&bpp=14&bdt=298&idt=707&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4663545091641&rume=1&frm=20&pv=2&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=735
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75138
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 21:17:24 GMT
expires
Fri, 24 May 2024 21:17:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4477019423066143&output=html&h=280&adk=3088186576&adf=2913177901&pi=t.aa~a.1933427550~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585443&rafmt=1&to=qs&pwprc=7777845978&format=1200x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585442650&bpp=2&bdt=311&idt=736&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=94&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=744
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
409
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 21:17:23 GMT
expires
Fri, 24 May 2024 21:17:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
65a8e48b2c8da02bc1476f907ff0196d3dfca66ebdb59eed124a40f14109a91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57756
x-xss-protection
0
server
cafe
etag
10208815912719291998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 May 2024 21:17:24 GMT
ca-pub-4477019423066143
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4477019423066143?href=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
d339d5083adc0d4eec24c76419e5ebc34ade6ce31773b8bd0abaaddf484637a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xLMStsaMoK4-3nPUI_EocQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-xLMStsaMoK4-3nPUI_EocQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw1JBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OJ60H9nEJvBh1pJ-RiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1MjYz0Ds_gCAwDSKzai"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWopDu92PurGWIEi7WPy2QtGjAx9goBOmuWP3dbdJggQ8ITTj8nvtNu_ZZ-yB1OqDac1K-53GyIfJ8pWasHH-8xSSqB8vMQFsVhFld4DH06JHPzq4jg9QeVQHwz0MK1nNN96I6E
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWopDu92PurGWIEi7WPy2QtGjAx9goBOmuWP3dbdJggQ8ITTj8nvtNu_ZZ-yB1OqDac1K-53GyIfJ8pWasHH-8xSSqB8vMQFsVhFld4DH06JHPzq4jg9QeVQHwz0MK1nNN96I6E?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NTg1NDQ0LDQxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93cml0ZW9uY29uLmNvbS9jb2xvcmluZy1wYWdlcy9mYWlyeV85MS8iLG51bGwsW1s4LCJZY1VXN0ZxaFE4ayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
78477daaad3be68d6a9fb638f7cc3d901da55792b045ef5bbda98885f0f375f8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RNw71MrZ678rul16zW3k6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RNw71MrZ678rul16zW3k6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw05BiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OJ60H9nEJjBh7qzbjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGxnoGZvEFBgDK1zaE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4615 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-4477019423066143&output=html&h=280&adk=1302064979&adf=3801302499&pi=t.aa~a.1103655144~i.6~rp.4&w=840&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7777845978&ad_type=text_image&format=840x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rh=200&rw=840&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585444291&bpp=1&bdt=1952&idt=-M&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26c26b70f71d2c69%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Mb11ttxpGvu7IDgVQY7hH6JMwTgkQ&gpic=UID%3D00000e2d540ba98e%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Ma-uElVmfuyVJoG1sExStKKeF8pqw&eo_id_str=ID%3D0747a95f76ae4bf6%3AT%3D1716585443%3ART%3D1716585443%3AS%3DAA-AfjZvdAzt4A2bSUQJrBgZSPfp&prev_fmts=0x0%2C1200x280&nras=3&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1336&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1408&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 21:17:24 GMT
expires
Fri, 24 May 2024 21:17:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 192D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&gpp_sid=-1&client=ca-pub-4477019423066143&output=html&h=280&adk=1302064979&adf=318991344&pi=t.aa~a.1103655144~i.8~rp.4&w=840&abgtt=6&fwrn=4&fwrnh=100&lmt=1716585444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7777845978&ad_type=text_image&format=840x280&url=https%3A%2F%2Fwriteoncon.com%2Fcoloring-pages%2Ffairy_91%2F&fwr=0&pra=3&rh=200&rw=840&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTEyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjExMiJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjExMiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1716585444291&bpp=1&bdt=1953&idt=-M&shv=r20240522&mjsv=m202405210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26c26b70f71d2c69%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Mb11ttxpGvu7IDgVQY7hH6JMwTgkQ&gpic=UID%3D00000e2d540ba98e%3AT%3D1716585443%3ART%3D1716585443%3AS%3DALNI_Ma-uElVmfuyVJoG1sExStKKeF8pqw&eo_id_str=ID%3D0747a95f76ae4bf6%3AT%3D1716585443%3ART%3D1716585443%3AS%3DAA-AfjZvdAzt4A2bSUQJrBgZSPfp&prev_fmts=0x0%2C1200x280%2C840x280&nras=4&correlator=4663545091641&rume=1&frm=20&pv=1&ga_vid=1473204420.1716585443&ga_sid=1716585443&ga_hid=213573161&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C95331712%2C31061691%2C31061693%2C31078668&oid=2&pvsid=327631148172344&tmod=1589197024&uas=0&nvt=1&fc=1408&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 21:17:24 GMT
expires
Fri, 24 May 2024 21:17:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/ Frame BB67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 19:12:32 GMT
etag
11731753506229902092
expires
Fri, 07 Jun 2024 19:12:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/ Frame F1FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 19:12:32 GMT
etag
11731753506229902092
expires
Fri, 07 Jun 2024 19:12:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/ Frame 2C96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240522/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
7491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 19:12:32 GMT
etag
11731753506229902092
expires
Fri, 07 Jun 2024 19:12:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lwl6nh3o&c=327631148172344&e=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C31061691%2C31061693%2C31078668&ctx=1&met.6=6.1_CgsYjBEgTioECAESAA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240522/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 24 May 2024 21:17:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240522&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
fe35aeafa573d10879de6cd5ae43f94c27e1f08409fe14d74aa00ab545a406b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12819
x-xss-protection
0
favicon.ico
writeoncon.com/ 		60 KB
60 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://writeoncon.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.107.59 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip59.ip-144-217-107.net
Software
Apache /
Resource Hash
2bc70586d8893a9ee5a2e1485a814c83e2a9748b828f77f79075625165627427

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/coloring-pages/fairy_91/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
last-modified
Fri, 10 Nov 2023 11:46:20 GMT
server
Apache
accept-ranges
bytes
content-length
61483
content-type
image/x-icon
advert01.
fundingchoicesmessages.google.com/f/AGSKWxWf0a8uwvz8g3gqAPliIjM53efwsVa0CNlnb1Po9uRABShsl7H8Q0uGIcbup2sOIRz9FhMssFd7vUQcOThAWLEayBYuBqo_ax3soghIrtrCVOiQbmT543I5lMx6WNaE8y2941lEt4KC9gbN0ukFaLg1UqmC8... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWf0a8uwvz8g3gqAPliIjM53efwsVa0CNlnb1Po9uRABShsl7H8Q0uGIcbup2sOIRz9FhMssFd7vUQcOThAWLEayBYuBqo_ax3soghIrtrCVOiQbmT543I5lMx6WNaE8y2941lEt4KC9gbN0ukFaLg1UqmC8QrzaU_yNLN-2VGUeOv5eOSGVrfPEtA=/_/adevents./300x500_adyouporngay.com.org/ads-/advert01.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw-26T22xqd73HwoYjILgQPIb6Fvw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
b1eb9237e41e00986dc42051f133e48af5af7918490ff2e9f05b5729258a7bba
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Fgk5Q6FCt6T2_-nG5NZOFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Fgk5Q6FCt6T2_-nG5NZOFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIW4OZ62H9nEJvDg9zw3JY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDUyNjPQOz-AIDAKeCNp0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw-26T22xqd73HwoYjILgQPIb6Fvw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
a6bb2dd194e6031ab80e96915e65693caa018b5dabf80c7a746d53aaf875969e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 20:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
3474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16005
x-xss-protection
0
server
cafe
etag
12441271066952069812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 24 May 2024 21:19:31 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P7M8IMy20yr3j0_Qlx4NUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-P7M8IMy20yr3j0_Qlx4NUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HE_bj2xiE_iw_V0jo5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1MtYzMI8vMAAA07wi6g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://writeoncon.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f1nr2-tEF6NcyPe23YTLJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f1nr2-tEF6NcyPe23YTLJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxELcHE_bj2xiEzjQ3Ven5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMTI2M9QzM4wsMAI9iIh8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://writeoncon.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SookPINdyAE3iVeIR8v43Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SookPINdyAE3iVeIR8v43Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0JBicEqfwRoCxELcHE_bj2xiE9iwblKdkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDUy1jMwjy8wAACasCJD"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://writeoncon.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gsSlk23Ny8reaQAsKQz0kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-gsSlk23Ny8reaQAsKQz0kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxEI8HE_bj2xiE_ix_nQLo5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1MtYzMI8vMAAAyYEixw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://writeoncon.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVG7fXYgzk-h6sDkPkTTX0HLUBoqHBTgHGvwRomOBXmDgtzp89MCb1daMyfhj3QU-sRt3p05ohXL0DqeoTbVkH9_Db5YKBphoaBtVueucsqCiEJlc-fSoK2YK1RkLveDU9mPBUo
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVG7fXYgzk-h6sDkPkTTX0HLUBoqHBTgHGvwRomOBXmDgtzp89MCb1daMyfhj3QU-sRt3p05ohXL0DqeoTbVkH9_Db5YKBphoaBtVueucsqCiEJlc-fSoK2YK1RkLveDU9mPBUo?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NTg1NDQ1LDE3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3JpdGVvbmNvbi5jb20vY29sb3JpbmctcGFnZXMvZmFpcnlfOTEvIixudWxsLFtbOCwiWWNVVzdGcWhROGsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
4e64b1b9a7a89887f9bbf649d45a22dec10820391147e6c789d5fcb2a184114e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kFzODGG72zE0TFiZSa-AbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-kFzODGG72zE0TFiZSa-AbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIW4OZ62H9nEJrBj04YsJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDUyNjPQOz-AIDAJ0kNmM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G7I9wIwI9r0HBJp54Cqm2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G7I9wIwI9r0HBJp54Cqm2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw05BicEqfwRoCxEI8HE_bj2xiE5jxaFI7o5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1MtYzMI8vMAAAqzYiYA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://writeoncon.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXBNbDYBAzZmLiD5xo-AknMUHEQnxlKTBZBIbKUg3kSUBLoobB_8DksqiDEY_zWHSajrspZBA-y9ZK26jp2k6t_9RuL1CRRRnOs-3Avedv9dnrNf-OCIDQHt-yIWo7xDoA2TVxC
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXBNbDYBAzZmLiD5xo-AknMUHEQnxlKTBZBIbKUg3kSUBLoobB_8DksqiDEY_zWHSajrspZBA-y9ZK26jp2k6t_9RuL1CRRRnOs-3Avedv9dnrNf-OCIDQHt-yIWo7xDoA2TVxC?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NTg1NDQ1LDI1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3JpdGVvbmNvbi5jb20vY29sb3JpbmctcGFnZXMvZmFpcnlfOTEvIixudWxsLFtbOCwiWWNVVzdGcWhROGsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
dba0616b3648ab2496b1e16cac064ece966559947446d80019c48bdf23e81cfc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QlSq95KfE1qxJQvr1sCHhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-QlSq95KfE1qxJQvr1sCHhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EBtoPGeyAGKJry-Z1IA45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUCc9O88awEQt3--wDoViIV4OJ62H9nEJvDj_qx-RiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1MjYz0Ds_gCAwDb6Dbh"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU_pO7ycd8e_zTBAOl_ENkhLQ0N4C9mSFcAf4g5bBDcfzLWwvS2NxqXlDPgTq6IGbObt9jwIRTUqFcpxod07eoeg7DxOpH9iYUM6yrgsRDp5aIjYjScj0sQxNwZlKcj1PgFYqlv
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_pO7ycd8e_zTBAOl_ENkhLQ0N4C9mSFcAf4g5bBDcfzLWwvS2NxqXlDPgTq6IGbObt9jwIRTUqFcpxod07eoeg7DxOpH9iYUM6yrgsRDp5aIjYjScj0sQxNwZlKcj1PgFYqlv?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NTg1NDQ1LDMyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93cml0ZW9uY29uLmNvbS9jb2xvcmluZy1wYWdlcy9mYWlyeV85MS8iLG51bGwsW1s4LCJZY1VXN0ZxaFE4ayJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
6bf11a72b469e7c5ef7ba2e98ce60b617cc4a0455d83ea40cc6c4d191c6bc1f9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-56YK4RPezK7zZTh8Rk-2YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-56YK4RPezK7zZTh8Rk-2YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtHikmJw1JBiWMy_i-m80x2m60BsoPGcyQKIJb6-ZFID4pjn01lTgNgpfQZrABD71M9gjQLi1pvnWCcDcdK_86wFQNz--QLrVCAW4uF42n5kE5vAh7WtmxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAxMjYz1DMziCwwAlIk4JQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405210101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 May 2024 21:17:25 GMT
AGSKWxXdQxoWDwYDM7ypU93yT6RikrHU3XnvoBj04myGRQP6FTY8KmnJP4rF6Zb4zTnLQB_tcI_Hbb1949WP_lFzVtu_qvUWJQ639hZ8lMmi-OMBFtqcSuzIlVRhDN_bM7dXzj5Qj7p1
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXdQxoWDwYDM7ypU93yT6RikrHU3XnvoBj04myGRQP6FTY8KmnJP4rF6Zb4zTnLQB_tcI_Hbb1949WP_lFzVtu_qvUWJQ639hZ8lMmi-OMBFtqcSuzIlVRhDN_bM7dXzj5Qj7p1
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GX9xdD31guxP8kkL_3tNuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-GX9xdD31guxP8kkL_3tNuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1pBicEqfwRoCxEI8HE_bj2xiE9jxfe5OJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKxnYB5fYAAAzgIi2A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://writeoncon.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUDSa3lWtbAmudo3c5IdYSCx69UhAHC8Lfu6GBTpGxSZBWZrba9nDi_jmB51dc5Muf2u_Mo-BXN7h9aUuDa84LbiukZANofPBw-nMHLZ3DMeeb8LKawr9unlvdoaJdy1vNT0krG
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YcUW7FqhQ8k.es5.O/am=AgM/d=1/rs=AJlcJMzdUcHZcx2tKgj_-oETeFEnAArhng/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RwQLTVuyeyKyfmcBulmJ-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 May 2024 21:17:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RwQLTVuyeyKyfmcBulmJ-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxEI8HE_bj2xiE5hx_tsxJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKxnYB5fYAAA1bsi9Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://writeoncon.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
67254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 02:36:31 GMT
expires
Sat, 24 May 2025 02:36:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0087 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.104 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f104.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uRv_D6rviH8hHoDUTTohqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://writeoncon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uRv_D6rviH8hHoDUTTohqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 May 2024 21:17:25 GMT
expires
Fri, 24 May 2024 21:17:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lwl6nhwp&c=327631148172344&e=44759875%2C44759926%2C44759837%2C31083868%2C42531706%2C95331983%2C31061691%2C31061693%2C31078668&ctx=1&met.3=1000.cn_9__1~782.cm_a~1001.cl_b__1~164.cx~165.cj_e~247.cy~248.cz~164.cz~165.cx_2~166.c8_r~1032.w7~326.w9_2~832.wc~868.wc~216.w6_7~215.w6_7~843.w4_9~889.wv~639.xd~1032.xd~326.xe~832.xe~868.xe~216.xd_1~215.xd_1~889.xk~639.xs~112.y2_2~168.1cz~168.1cz_1~168.1cz_1~168.1d0~168.1d0~168.1d0~168.1d0~168.1d0~168.1d0~168.1d0~168.1d0_2~168.1d0_2~429.1hf_1~993.1hw_4__3~992.1i0__3~994.1i0__3~991.1ht_7__3~990.1hj_i__3~353.1hh_k~453.1i7_1~754.1ia_1__8~995.1i9_3__8~247.1id~248.1id~1032.1ie~326.1ie~832.1ie~868.1ie~164.1id_1~165.1id_2~996.1id_2__8~997.1ic_3__8~453.1if_1~754.1ig__8~995.1ig_1__8~247.1ih~248.1ih~1032.1ih~326.1ii~832.1ii~868.1ii~164.1ih_1~165.1ih_1~996.1ih_1__8~997.1ih_1__8~453.1ii_1~754.1ij__8~995.1ij_1__8~998.1i7_c__8~453.1ij_1~754.1ik_1__j~995.1ik_2__j~247.1in~248.1in~1032.1in~164.1in_1~165.1in_1~996.1in_1__j~997.1im_1__j~453.1io_1~754.1io_1__j~995.1io_1__j~998.1ij_6__j~639.1iq~453.1iq_1~754.1iq__q~995.1iq__q~998.1iq_1__q~453.1ir_1~453.1is_1~453.1is_1~454.1it_1~454.1iu_1~454.1iu_1~453.1iv_1~753.1ix~210.1mf_1~1032.1mh~326.1mh~832.1mh~868.1mh~164.1mh_1~165.1mh_1~466.1mg_1~1032.1mi~326.1mi~832.1mi~868.1mi~164.1mi_1~165.1mi_1~466.1mi_1~1032.1mj~326.1mj~832.1mj~868.1mj~164.1mj_1~165.1mj_1~466.1mj_1~522.1mg_3~889.1pz~889.1q3~525.1qd_9~525.1qm_3~525.1qo_1~639.1qx~639.1qx~639.1qx~639.1qx~639.1qx~246.1r2_2~168.1xw~168.1xw~168.1xw~168.1xw~168.1xw~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xx~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1xz~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y0~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y2~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~168.1y3~952.21e~168.21e~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.21f~168.22f~168.22f~168.22f~168.22f~168.22f~168.22f_3~168.22f_3~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22i~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22j~168.22k~168.22k~168.22k~168.22k~168.22k~168.22k~168.22v~168.22v~168.22v~168.22v~168.22v~168.22v~168.22v~168.22v~168.22v~168.22v_2~168.22v_2~168.22x~168.22x~168.22x~168.22x~168.22x~168.22x~168.22x~168.22x~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~168.22y~1228.276_1~273.276_1~1228.279~273.279~113.27c_1&met.7=CBsQCMABvor66wU~CBsQByCcATgfwAHFzumgDQ~CAEQChgBIJwBKJwBMI0DOPEBUJ4BWPoBYLABaPsBcOkCeIqTA4AB3pADiAGLnAmwAQG4AQPAAd6Ov5sB~CBsQChgBIJwBKJwBMIkDOOwBwAGM1djrBA~CBsQBiCcATgiwAGV3v2aBw~CBsQBiCcATg2wAHgk_vRBg~CBsQBiCcAThHwAGpmaXRBw~CBsQBiCtATgywAGQ6M-KDw~CBsQBiCtATg6wAHpmLSzCA~CBsQBiCuAThAwAGzsPou~CBsQBiCuAThCwAGo5rnQDQ~CAMQChgBIMQDKMQDMPoIOLYFUMUDWKkEYMUDaKkEcOYHeOLlCIABtuMIiAGl_BmwAQG4AQPAAbD8uxo~CBwQChgBIIsJKIsJMMMJODhojAlwvgl4hLcBgAHYtAGIAYjdA7ABAbgBA8ABjbn1xAw~CCgQBRgBIJAJKJAJMK8KOJ8BUJMJWPcJYJMJaPgJcKoKePAigAHEIIgBs0ewAQG4AQPAAbfQydwJ~CAUQBRgBILoJKLoJMN0NOKMEaPgJcNwNeMUFgAGZA4gB2AawAQG4AQPAAZDHsvAI~CAUQBRgBIKQJKKQJMIAPONwFaPgJcLwOeK7NBIABgssEiAGR5BiwAQG4AQPAAZDHsvAI~CBwQChgBIIQPKIQPMLEQOK0BaIsPcP4PeMjFA4ABnMMDiAGIvAqwAQG4AQPAAaLt3vwO~CD8QChgBIJEPKJEPMIQROPMBUJsPWPYPYK0PaPcPcN0QeIjfA4AB3NwDiAHzrguwAQG4AQPAAcDXuPAI~CD8QChgBILYRKLYRMPwROEZouBFw-hF4sieAAYYliAHlUbABAbgBA8ABieXS7wU~CCgQBRgBIMYRKMYRMJQSOE5olBJwlBKAAcQgiAGzR7ABAbgBAcABt9DJ3Ak~CCgQBRgBIM8RKM8RMJYSOEdolRJwlRKAAcQgiAGzR7ABAbgBAcABt9DJ3Ak~CCgQBRgBINERKNERMJsSOEpomhJwmhKAAcQgiAGzR7ABAbgBAcABt9DJ3Ak~CAUQBRgBILkRKLkRMPAUOLgDaJAScO8UeIAEgAHUAYgBtAOwAQG4AQPAAZDHsvAI~CAUQBRgBILwRKLwRMIIVOMYDaJIScIIVeIAEgAHUAYgBtAOwAQG4AQPAAZDHsvAI~CBsQCDinFsABvor66wU~CBsgqRY4LcAB_crV8Qo~CBwQChgBIOsWKOsWMJ8XODRo7BZwnhd4sX-AAYV9iAHB0AKwAQG4AQPAAaXK_tcI~CD8QChgBIOsWKOsWMKsXOEDAAcaty6sM~CBsQARgBIOARKOARMMEXOOIFwAGkoPylBw~CD8QChgBIK4XKK4XMPYXOEhorhdw9hd4txiAAYsWiAGCQrABAbgBA8ABs9n_vwo~CD8QDRgBIKQXKKQXMKAYOHzAAZXW4bUJ~CD8QDRgBIK0XKK0XMKEYOHTAAZXW4bUJ~CD8QDRgBIO0WKO0WMKcYOLoBwAGV1uG1CQ~CD8QDRgBIK0XKK0XMLAYOIMBwAGV1uG1CQ~CD8QDRgBIPkXKPkXMLUYODzAAZXW4bUJ~CD8QChgBIPoXKPoXMMMYOElo-xdwwxh4jg6AAeILiAHXFrABAbgBA8ABzNXs-Qg~CCcQDRgBIKcWKKcWMM8ZOKkDaKgWcM0ZeL9mgAGTZIgB3oQBsAEBuAEDwAHz8suuCw~CD8QChgBIMcYKMcYMI4ZOEhoxxhwjhl4xA-AAZgNiAHzGbABAbgBA8ABpePt1w8~CCcQChgBINAZKNAZMOoaOJoBwAHiwZvaBQ~CD8QDRgBIO0aKO0aMKkbODvAAZSGt5sH~CCcQBRgBIPEaKPEaMLEbOEDAAZmVn6AL~CD8QDRgBIO4aKO4aMMUbOFfAAZXW4bUJ~CBsQBRgBIPMaKPMaMJgcOKQBwAHPxtriAQ&met.1=1.lwl6ng5l~6.2~7.4~8.4~9.4~10.1n~11.l~12.1n~13.46~14.87~15.4a~16.89~17.89~18.89~19.27a~20.27a~21.27b~22.6a~23.6a
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240522/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://writeoncon.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 24 May 2024 21:17:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240522&jk=327631148172344&bg=!l5SllNvNAAbUqhG89Ko7ADQBe5WfOMCsP1v924AeWwo-gZrQaNFNNUbiW1WjdOZZ3Vr7K6z7wagveB7JQJ1OC6V6bApmAgAAAENSAAAAA2gBB34ANhjcL93Uql-TcZVKaBf49iNBy3J9Ho4y6qm7y9rQcmYV74eljzUPIoKTdjE_N9CfseTo6x0hFpkClTqPNW5WJsT3xO86X9xKpaXik0FtbLi9qhRzm7C1YvjFJA03dPsk-mBVMvA2ZsHAmktCJxLYRqLK36jS9jWR0DB2QrW6kDr77fnpGPBVtYOQtYEEHSRfTMgc4CEN7CtGbHKmLo6pTofj1fwCJJOC5qWQ2AKAPSkRJ_5I72shLDqnVoCvtNfh_7arRkFlPQO1a6bLDGFMdbLDss-Spoy3QDkiH8AHtgYCmDV0cwWyvaALJS_rtAio7swaAxm2iHbm8WiDXcsXCylwMlK40fSXgf0sYMwlVtku3XNWTULrHrcaKbAPwcn6cHVBtX1q89M5rMKOS7Y7QibpH7bx32NbOGp8NBFUhrniJkJCwNBOqk1cHy6ATxwasnTT9qrL6gKlLCM8zMdL-0KudBxpLEKqSWpLG8bmPi98--5Ob1QyTHQqQ8-9ddUn_u48sBz4L5B_i3upsLvt4hVbgZBvviHbMZnBFTNBcV95FnQT1IQcKZ_MCXPwYqOooraDrSRzygfB0te6H3TE9JspQma0VeGrEIFI_UNcOLCzUJXU4RHLgTaKFoFg8_2n5cfa6HljDCIG4ORjSPvMBAtnmtH4BYd3QUe7VpT7PgWiHfYkZQ06ntmk-_YoSEOJlMP02HP2AKvIlPEYjgpRPPekiaSDDhT00amqfHXIHS3ESn8GdmJXfzxfuyd7xGjigljNuyXVG6hBCmuJnb8uqjWMQQOGfwdWpYJqocOniPZdMMTGgwNqsdIdsMT-Etn3h4zmzayyZ3K6JUq7sEPC-dGXk7kC6xh79O6TbGa6raEskewKn6Ug23lzuTAZuWYm5SkPB6TwZkbBq814apuezVXDM52DR5o0wcEh8aCZ7gRLOakSECVtY-vAishrb5k

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| SourcetoPrint function| PagePrint function| SourcetoPrintWishes function| PagePrintWishes function| gtag object| dataLayer function| myFunction object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_rum_config number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzA2NDVmYjRhMmRjZTllbG9hZGVyX2pz string| MzA2NDVmYjRhMmRjZTllY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag undefined| google_rum_values function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 2b062361-d05a-41e5-a260-25afe1ab6937 object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.writeoncon.com/ Name: _ga_RS8YFCG4B7
Value: GS1.1.1716585442.1.0.1716585442.0.0.0
.writeoncon.com/ Name: _ga
Value: GA1.1.1473204420.1716585443
.writeoncon.com/ Name: __gads
Value: ID=26c26b70f71d2c69:T=1716585443:RT=1716585443:S=ALNI_Mb11ttxpGvu7IDgVQY7hH6JMwTgkQ
.writeoncon.com/ Name: __gpi
Value: UID=00000e2d540ba98e:T=1716585443:RT=1716585443:S=ALNI_Ma-uElVmfuyVJoG1sExStKKeF8pqw
.writeoncon.com/ Name: __eoi
Value: ID=0747a95f76ae4bf6:T=1716585443:RT=1716585443:S=AA-AfjZvdAzt4A2bSUQJrBgZSPfp
.doubleclick.net/ Name: IDE
Value: AHWqTUnLK7oWM8jWp1Hf4faduNxLPz1qYmTNLDeaPv5ODW_hwoZ4tFZIsXvd9470Vds
gtrace.mediago.io/ Name: cst_70
Value: ts=1716585444
.mediago.io/ Name: __mguid_
Value: f992662dc35775f32loeov00lwl6ni7q
.writeoncon.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_URugbpl3u9Y-DFnwP6zVrxVM6xm8VnYJp-Kij_6s4spAzN4zkvxlPq19A9CB9Qe0XgU0ReZ1i614Rw7ZrS3sSmX908EW_mN8WiiFkGEaFETG-kGPwLqtW53KKhm65R4Q_IeESCzKB3bsDJa-rg5hJ4LTEsQ%3D%3D%22%5D%5D

51 Console Messages

Source Level URL
Text
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://writeoncon.com/coloring-pages/fairy_91/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
writeoncon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.251.174.97
144.217.107.59
173.194.66.157
173.194.68.100
209.85.144.104
209.85.144.132
209.85.144.138
209.85.144.156
74.125.130.120
05535d35559991c199e69c68d599b978510a96015e441a81499604be0d7b1061
1c2277f441e3ca06d0e7e5d4625e1f97cc1f66a58f11bdf66f7fb9c99431c516
25b3da77e65904be1aa30ea1427cd469f517ba0e71c34420afe0eb40a584ca46
2bc70586d8893a9ee5a2e1485a814c83e2a9748b828f77f79075625165627427
4e64b1b9a7a89887f9bbf649d45a22dec10820391147e6c789d5fcb2a184114e
51e745c8f0b2781ff74ba91f61dc396eb86e36f25063097b13e53f93fe9fd680
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a8e48b2c8da02bc1476f907ff0196d3dfca66ebdb59eed124a40f14109a91a
667bbd5e78096c3d4ffdc7b30035694d84cd4970197173625169e8e6ffbe0ae8
68443635d6bc530b2f9f0b115eb749aa49e7a29fd7e8329eebc2689615b56825
6bf11a72b469e7c5ef7ba2e98ce60b617cc4a0455d83ea40cc6c4d191c6bc1f9
78477daaad3be68d6a9fb638f7cc3d901da55792b045ef5bbda98885f0f375f8
7935567eb11d81026019f50e7cbcdb44b2c49234f9abafa6a5a8005c2f2fbf85
8378cf05cc7a8e9cf58f965664ff8790b4619cd9a171be433953b9ebe1bd9ec4
97e119fe1d7ddb3047968e5515832c0c7840bf567fba32702f0597f049c0462e
9bc49b624e69c0b9ae1506a0534db684bf985b431fecd8e4b3cfd5097cdb6858
a6bb2dd194e6031ab80e96915e65693caa018b5dabf80c7a746d53aaf875969e
b1eb9237e41e00986dc42051f133e48af5af7918490ff2e9f05b5729258a7bba
c89a5a875d476450e9e1c2da2a16d3df17d4ae5f8b1b94809471bb483ff76658
d339d5083adc0d4eec24c76419e5ebc34ade6ce31773b8bd0abaaddf484637a3
dba0616b3648ab2496b1e16cac064ece966559947446d80019c48bdf23e81cfc
e0250429e17e0a41d9c6f163c4d28272588e91f82aa9929109516eb8d5834b7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4941b213ad13917f1e6acdd4d0d983be8699c6260685c1e6b9c2bce007e95a4
fe35aeafa573d10879de6cd5ae43f94c27e1f08409fe14d74aa00ab545a406b4