urlscan.io logo urlscan.io
SecurityTrails logo

it.vonvon.me Open in urlscan Pro
2a00:1450:4001:81f::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://it.vonvon.me/0K2dY
Effective URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsap...
Submission: On November 19 via manual from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 105 HTTP transactions. The main IP is 2a00:1450:4001:81f::2013, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is it.vonvon.me.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on July 27th 2017. Valid for: 3 years.
This is the only time it.vonvon.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a00:1450:400... 15169 (GOOGLE)
1 14 2400:cb00:204... 13335 (CLOUDFLAR...)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
1 52.85.64.125 16509 (AMAZON-02)
9 172.217.23.162 15169 (GOOGLE)
1 52.94.216.48 16509 (AMAZON-02)
26 2a00:1450:400... 15169 (GOOGLE)
6 68.67.153.75 29990 (ASN-APPNEXUS)
1 3 92.123.93.251 20940 (AKAMAI-ASN1)
3 2a03:2880:f12... 32934 (FACEBOOK)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
1 199.96.57.6 13414 (TWITTER)
1 104.244.42.8 13414 (TWITTER)
2 2 185.33.223.80 29990 (ASN-APPNEXUS)
2 2 151.101.112.166 54113 (FASTLY)
2 2 184.169.182.70 16509 (AMAZON-02)
1 2a03:2880:f02... 32934 (FACEBOOK)
105 17
6    2a00:1450:4001:81f::2013 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
it.vonvon.me
14    2400:cb00:2048:1::6810:85e3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
it-static-gcs.vonvon.me
it-cdn.vonvon.me
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
24    2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.com
pagead2.googlesyndication.com
adservice.google.de
1    52.85.64.125 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-64-125.lhr5.r.cloudfront.net
c.amazon-adsystem.com
9    172.217.23.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
1    52.94.216.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax.amazon-adsystem.com
26    2a00:1450:4001:81f::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
lh3.googleusercontent.com
6    68.67.153.75 (New York, United States)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: lbip767069.nym2.adnexus.net
prebid.adnxs.com
3    92.123.93.251 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    2400:cb00:2048:1::6810:84e3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
it-cdn.vonvon.me
1    199.96.57.6 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
platform.twitter.com
1    104.244.42.8 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com
2    185.33.223.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
2    151.101.112.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
2    184.169.182.70 (San Jose, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-184-169-182-70.us-west-1.compute.amazonaws.com
match.adsrvr.org
1    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
Domain Requested by
22 lh3.googleusercontent.com it.vonvon.me
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
13 it-static-gcs.vonvon.me it.vonvon.me
it-static-gcs.vonvon.me
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
it.vonvon.me
6 prebid.adnxs.com it-static-gcs.vonvon.me
6 it.vonvon.me 1 redirects it.vonvon.me
it-static-gcs.vonvon.me
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.com www.googletagservices.com
pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 it-cdn.vonvon.me 1 redirects it-static-gcs.vonvon.me
3 www.facebook.com it.vonvon.me
3 connect.facebook.net it.vonvon.me
connect.facebook.net
it-static-gcs.vonvon.me
2 match.adsrvr.org 2 redirects
2 bh.contextweb.com 2 redirects
2 ib.adnxs.com 2 redirects
2 as-sec.casalemedia.com it-static-gcs.vonvon.me
1 graph.facebook.com connect.facebook.net
1 ssum-sec.casalemedia.com 1 redirects
1 syndication.twitter.com platform.twitter.com
1 platform.twitter.com it-static-gcs.vonvon.me
platform.twitter.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 c.amazon-adsystem.com it-static-gcs.vonvon.me
1 www.googletagservices.com it-static-gcs.vonvon.me
1 www.google-analytics.com it-static-gcs.vonvon.me
0 googleads.g.doubleclick.net Failed pagead2.googlesyndication.com
0 staticxx.facebook.com Failed connect.facebook.net
105 26

This site contains links to these domains. Also see Links.

Domain
docs.google.com
help.vonvon.me
Subject Issuer Validity Valid
*.vonvon.me
COMODO RSA Domain Validation Secure Server CA		 2017-07-27 -
2020-08-02		 3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
c.amazon-adsystem.com
Symantec Class 3 Secure Server CA - G4		 2017-10-06 -
2018-07-06		 9 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
aax-eu.amazon-adsystem.com
Symantec Class 3 Secure Server CA - G4		 2017-09-15 -
2018-06-15		 9 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2017-11-01 -
2018-01-24		 3 months crt.sh
prebid.adnxs.com
GeoTrust SSL CA - G3		 2017-04-26 -
2019-04-26		 2 years crt.sh
san.casalemedia.com
GeoTrust SSL CA - G3		 2017-08-03 -
2018-11-02		 a year crt.sh
*.googleusercontent.com
Google Internet Authority G2		 2017-11-01 -
2018-01-24		 3 months crt.sh
platform.twitter.com
DigiCert SHA2 High Assurance Server CA		 2017-04-04 -
2018-05-25		 a year crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA		 2015-07-30 -
2018-08-03		 3 years crt.sh

This page contains 12 frames:

Primary Page: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Frame ID: 1413.1
Requests: 80 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fit.vonvon.me
Frame ID: 1413.4
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42
Frame ID: 1413.5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1413.7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20171113/r20170110/zrt_lookup.html
Frame ID: 1413.11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Frame ID: 1413.10
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1413.8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=90&slotname=9816260407&adk=1676927845&adf=3279755399&w=728&format=728x90&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&wgl=1&adsid=NT&dt=1511096699151&bpp=10&bdt=381&fdt=12&idt=151&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=1710178900&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=60&biw=1585&bih=1200&isw=728&ish=90&ifk=704017395&eid=21060548%2C21061122%2C20040060%2C21060858&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=1949874412&ifi=1&dtd=175
Frame ID: 1413.13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Frame ID: 1413.12
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=90&slotname=2420589609&adk=2381399396&adf=3279755398&w=728&format=728x90&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&wgl=1&adsid=NT&dt=1511096699226&bpp=19&bdt=455&fdt=136&idt=164&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=1561604527&ga_fc=0&pv=1&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=271&ady=1151&biw=1585&bih=1200&isw=728&ish=90&ifk=2477781624&eid=21061122%2C21060858&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=1639676636&ifi=1&dtd=186
Frame ID: 1413.14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1413.6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=250&slotname=6096954000&adk=1864620784&adf=3279755396&w=300&format=300x250&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1511096699472&bpp=7&bdt=705&fdt=65&idt=80&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096700&ga_hid=152868010&ga_fc=0&pv=1&iag=15&icsg=0&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1014&ady=170&biw=1585&bih=1200&isw=300&ish=250&ifk=1224270258&eid=21060868%2C21061122&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=2527523565&ifi=1&dtd=98
Frame ID: 1413.18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://it.vonvon.me/0K2dY HTTP 302
    https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=shar... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Google Frontend/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

105
Requests

94 %
HTTPS

47 %
IPv6

16
Domains

26
Subdomains

17
IPs

3
Countries

3750 kB
Transfer

6926 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://it.vonvon.me/0K2dY HTTP 302
    https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526uid%253D%2524UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=1835803773195804945
Request Chain 47
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3DindexExchange%26uid%3D HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=indexExchange&uid=WhGBerlQJrkAAFBrYMIAAABh%261174
Request Chain 48
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://match.adsrvr.org/track/cmf/contextweb HTTP 302
  • https://match.adsrvr.org/track/cmb/contextweb HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=e8a08071-0288-4a01-9482-859b29efae95 HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=d2vr6p4HL0U5&ev=1&pid=561205
Request Chain 75
  • https://it-cdn.vonvon.me/api/i/5775/0/intro?s=640 HTTP 301
  • https://lh3.googleusercontent.com/qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640

105 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v_131l9t3qeyh26ehvl
it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/
Redirect Chain
  • https://it.vonvon.me/0K2dY
  • https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
189 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
51ec7e6396ce743de87a50f10aaeb3fd7d6df45e840b1868f2b48e233a916679

Request headers

:path
/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
it.vonvon.me
cookie
it.vts=1511096697
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/html; charset=utf-8; charset=utf-8
status
200
x-cloud-trace-context
f4b355d427196a45d03542632331d4b7
cache-control
private
set-cookie
last_host_region=it; Domain=vonvon.me; Expires=Sat, 17-Feb-2018 13:04:57 GMT; Path=/ it.vts=1511096697; Domain=.it.vonvon.me; Path=/ vts=; Domain=.it.vonvon.me; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; Domain=.vonvon.me; HttpOnly; Path=/
content-length
25016
expires
Sun, 19 Nov 2017 13:04:57 GMT

Redirect headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
server
Google Frontend
status
302
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
x-cloud-trace-context
02b097409f9db4f30e91b19abb8b3e46
cache-control
private
set-cookie
it.vts=1511096697; Domain=.it.vonvon.me; Path=/ vts=; Domain=.it.vonvon.me; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
content-length
321
m.d17a55a7788ee63c8820c22d3416022c.css
it-static-gcs.vonvon.me/gened/wp/css/ 		734 KB
283 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/css/m.d17a55a7788ee63c8820c22d3416022c.css
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
86529fc6364b387e770fe1ebaadb372c4986f1fd584b6d8ddfb1755d7b363bf1

Request headers

:path
/gened/wp/css/m.d17a55a7788ee63c8820c22d3416022c.css
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2Uoq0JQSKnuBXMzrnlHTkfNjTx-bYOehay9zSc4BZBtiai_iRgqDW3vCZbvPKzGBj7Csd_ZsTe3E2q43OXLXFZZdTyOHTA
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
text/css
content-length
289875
last-modified
Mon, 06 Nov 2017 09:17:53 GMT
server
cloudflare-nginx
etag
"35d75d76930650ec86ecd8457323da3f"
vary
Accept-Encoding
x-goog-hash
crc32c=2jS+yw== md5=NddddpMGUOyG7NhFcyPaPw==
x-goog-generation
1509959873392867
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
289875
set-cookie
__cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; expires=Mon, 19-Nov-18 13:04:57 GMT; path=/; domain=.vonvon.me; HttpOnly
accept-ranges
bytes
cf-ray
3c0360d85d7463fd-FRA
expires
Sun, 26 Nov 2017 12:55:22 GMT
c8cf0e03-71e5-413c-a909-7ff260fd2a80
it.vonvon.me/pixel/loadstart/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.vonvon.me/pixel/loadstart/c8cf0e03-71e5-413c-a909-7ff260fd2a80?host=it.vonvon.me
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/pixel/loadstart/c8cf0e03-71e5-413c-a909-7ff260fd2a80?host=it.vonvon.me
pragma
no-cache
cookie
last_host_region=it; it.vts=1511096697; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
it.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
last-modified
2017-11-19 13:04:57.676120
progma
no-cache
content-type
image/png
status
200
x-cloud-trace-context
65e14f8134fddd4b3786fb9e14d6da58
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-length
42
server
Google Frontend
expires
-1
manifest.d41d8cd98f00b204e980.js
it-static-gcs.vonvon.me/gened/wp/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/manifest.d41d8cd98f00b204e980.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
35fe87e2e8a4cab59e742ecadba2569b9ee1b03b00e308293dcbacf01be70656

Request headers

:path
/gened/wp/js/manifest.d41d8cd98f00b204e980.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UqbgHk8ZqaClBDyu8HAq7HZ2-p3mXmmz7mtTyzghKXs7Fwak0XmzEI0A_OaLy7n84Z4lHN8pFQ73pFt_pUliLAJbzdlgA
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
1656
last-modified
Wed, 13 Sep 2017 08:13:19 GMT
server
cloudflare-nginx
etag
"153cb40340ce9aa2f2f471da671def9b"
vary
Accept-Encoding
x-goog-hash
crc32c=9WjjCw== md5=FTy0A0DOmqLy9HHaZx3vmw==
x-goog-generation
1505290399722621
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
1656
accept-ranges
bytes
cf-ray
3c0360d89db863fd-FRA
expires
Wed, 22 Nov 2017 16:32:57 GMT
vonvon-lib-base.334fe4d083b5d0761e7d.js
it-static-gcs.vonvon.me/gened/wp/js/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
21a832869925becbe275d83fed2460ea1073b1b64b94b21524e186b806416a89

Request headers

:path
/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UrOmH-2Yp2EHsLlqkeBo5_PUdm279rR-Gv5FGQ9nEIWQ8uxdfk4QbnzDRNM85acwdf-nAV0fnmPaK0H-orwvUz4w7EsKg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
83643
last-modified
Fri, 03 Nov 2017 10:01:31 GMT
server
cloudflare-nginx
etag
"c4c0851474c434fbbd4acaa6add828a9"
vary
Accept-Encoding
x-goog-hash
crc32c=pvKXSA== md5=xMCFFHTENPu9SsqmrdgoqQ==
x-goog-generation
1509703291106329
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
83643
accept-ranges
bytes
cf-ray
3c0360d89db963fd-FRA
expires
Mon, 20 Nov 2017 17:29:15 GMT
vonvon-lib.618f2470fe6f566cbccc.js
it-static-gcs.vonvon.me/gened/wp/js/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib.618f2470fe6f566cbccc.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f6790ef3fb3c6f667b467136663b066d40efedaf67c00fa6cc88283d5ba79f60

Request headers

:path
/gened/wp/js/vonvon-lib.618f2470fe6f566cbccc.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2Uq28mVpeH1U5KLyI-OFvG3Su2uNfVC7uV_z-YkrfhBXfc4Fjs0xBBNNCfxKY2K9aJeQ0LEbFztgeb7Tv4L9QYjaCGI-Bw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
26077
last-modified
Thu, 19 Oct 2017 02:56:08 GMT
server
cloudflare-nginx
etag
"43f5801f18ad44c91dd7dfca2d881999"
vary
Accept-Encoding
x-goog-hash
crc32c=QPzkjg== md5=Q/WAHxitRMkd19/KLYgZmQ==
x-goog-generation
1508381768208093
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
26077
accept-ranges
bytes
cf-ray
3c0360d89dba63fd-FRA
expires
Mon, 20 Nov 2017 17:29:15 GMT
vonvon-i18n.it.0c69b31f051316149fb5.js
it-static-gcs.vonvon.me/gened/wp/js/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-i18n.it.0c69b31f051316149fb5.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2d4281edd8d50d7d78209326a952aab1cd03dad380b7cc0e5245bcd9136fe5b7

Request headers

:path
/gened/wp/js/vonvon-i18n.it.0c69b31f051316149fb5.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UpPUNwfs9TfoJE7hJ4x8AoywVqA16Izxa2HcJZiP8C2PVuYJFCHOHa-u8vjPvTxn2o4p3SeLqH7OdxR3M6VReFRyeIaLg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
12777
last-modified
Thu, 16 Nov 2017 02:34:32 GMT
server
cloudflare-nginx
etag
"72bfdc5996b261141bdae43b9bedd1c9"
vary
Accept-Encoding
x-goog-hash
crc32c=ePFVQA== md5=cr/cWZayYRQb2uQ7m+3RyQ==
x-goog-generation
1510799672925436
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
12777
accept-ranges
bytes
cf-ray
3c0360d89dbb63fd-FRA
expires
Thu, 23 Nov 2017 09:50:50 GMT
vonvon-base.594b9201fc3e51057f37.js
it-static-gcs.vonvon.me/gened/wp/js/ 		679 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a9ea1a8b76e0b6a578a515ac6039f4b4c581a6f52c63cc35fa46e93f1edc5b24

Request headers

:path
/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UrAfCUFsvlb-lpKQo9oyWcxNEko7l6eZN7v8zIXrrpcoyWt_u63BLBzlALk0wbuC3WmBOvx23S7BXk1uZ5C_2DlZtD0Tw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
208357
last-modified
Thu, 16 Nov 2017 02:34:33 GMT
server
cloudflare-nginx
etag
"4c8ef85cf02b7cee02a397ee82dc6c19"
vary
Accept-Encoding
x-goog-hash
crc32c=oH8L6g== md5=TI74XPArfO4Co5fugtxsGQ==
x-goog-generation
1510799673097390
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
208357
accept-ranges
bytes
cf-ray
3c0360d89dbc63fd-FRA
expires
Thu, 23 Nov 2017 13:10:01 GMT
m.265060611f1949d3e962.js
it-static-gcs.vonvon.me/gened/wp/js/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/m.265060611f1949d3e962.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
87b379e8eb9c04bd68ec9ddbcd14d3746d97f4ce1fcf0b1ca84ee6f51e0b94aa

Request headers

:path
/gened/wp/js/m.265060611f1949d3e962.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2Uq_4Y6maB0b-FCvXnK1ZbZdAbVOD2-pMUVS8kOwzKE3Y1lnvOAYnNAMUpsffplS_qCuWTqb3L3YqEG5KGspjpa0jbN_2g
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
68986
last-modified
Fri, 17 Nov 2017 08:27:46 GMT
server
cloudflare-nginx
etag
"d5025acadfcfff20debae68aeb2b8789"
vary
Accept-Encoding
x-goog-hash
crc32c=jC2nfQ== md5=1QJayt/P/yDeuuaK6yuHiQ==
x-goog-generation
1510907266885071
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
68986
accept-ranges
bytes
cf-ray
3c0360d89dbd63fd-FRA
expires
Fri, 24 Nov 2017 08:42:10 GMT
m-templates.f2daef983ba286c62ecf.js
it-static-gcs.vonvon.me/gened/wp/js/ 		264 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/m-templates.f2daef983ba286c62ecf.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2a01f83e404b82d95b2bfe2e2f65de3b3b71bb2296f163fab9876b15df674822

Request headers

:path
/gened/wp/js/m-templates.f2daef983ba286c62ecf.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UrkBMwjOmmYvYMJ8C9Gtx7EIz2IQ4CPFaZGHP1oMGqWhOZIy3ktarmcvdnjXelD0PpJfZjcFxGT9kMebdCjpVk9QZMdYA
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
54788
last-modified
Mon, 13 Nov 2017 08:34:50 GMT
server
cloudflare-nginx
etag
"3f6da441f0835850298fae80a2fdec1f"
vary
Accept-Encoding
x-goog-hash
crc32c=A8e6lQ== md5=P22kQfCDWFApj66Aov3sHw==
x-goog-generation
1510562090458413
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
54788
accept-ranges
bytes
cf-ray
3c0360d89dbe63fd-FRA
expires
Mon, 20 Nov 2017 09:17:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10869
x-xss-protection
0
pragma
public
x-fb-debug
31HV10RDiLyZ34YQP/oAtquvSxcofttUuEkeApJ/01rdPcAkcawzyKnk4St0u3u+e6LcWi8xIn1GQ7XdsrUyjA==
x-frame-options
DENY
date
Sun, 19 Nov 2017 13:04:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33baadec7b557ecce3382437342771d3d4fac857d3688f2083b9dd42a14cfbfa

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab68d34a7d395d2c3e304222ccc61604e8e5b9d6827375a91f5eae5f7889726a

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
1557026204578060
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1557026204578060?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b138ce843e83a0cfcb6f8128befd6cdc0becbb5f101fba7063fdeb62d155f9e3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1557026204578060?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10754
x-xss-protection
0
pragma
public
x-fb-debug
A16gWmLhr6wegxvD1D2dk16s2X7FoCS579T0q1Kp6GwWog3Kh4Yi0BF7y/rYa5gbusSqp0GPlgnwUDogUES3Qg==
x-frame-options
DENY
date
Sun, 19 Nov 2017 13:04:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
1201
date
Sun, 19 Nov 2017 12:44:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Sun, 19 Nov 2017 14:44:57 GMT
gpt.js
www.googletagservices.com/tag/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7808ce5ca5800adfa4c13cc10024d28d050acb764a50f00c46c237b9395fcaef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tag/js/gpt.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagservices.com
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1510935981153901"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
5027
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:58 GMT
21649
it.vonvon.me/api2/quiz/result/5912/ 		29 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.vonvon.me/api2/quiz/result/5912/21649?fr=v_131l9t3qeyh26ehvl&mq_id=4897062688653312
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d5c0cfc8d3e04d17f6b338f658836f4d557ac3d499b94ce8fa4ea9af589396a2

Request headers

:path
/api2/quiz/result/5912/21649?fr=v_131l9t3qeyh26ehvl&mq_id=4897062688653312
pragma
no-cache
cookie
last_host_region=it; it.vts=1511096697; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; it.localStorage=eyJzbnNMaXN0Ijp7IndoYXRzYXBwIjoiWSJ9fQ
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
it.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-vv-hash
532f638
server
Google Frontend
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-cloud-trace-context
4b570a7f2894146251af18598ae7a9d5
cache-control
private
content-length
49
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abf7c7304dd7bbfb33d02ab30455f2e8954f06c047073e665fe5def23d35b317

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
amzn_ads.js
c.amazon-adsystem.com/aax2/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.64.125 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-64-125.lhr5.r.cloudfront.net
Software
Server /
Resource Hash
01bc56a64edb2ff95ce348e1cb565a535e06cd109ae7c5b4c1f26f9c58c1abbd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
c.amazon-adsystem.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 06 Nov 2017 21:10:11 GMT
Content-Encoding
gzip
Server
Server
Age
57280
ETag
196a0aa149ca88de444674d2cea06a16
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6d851ad4ca00f98212c638c6d85f995b.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4001
X-Amz-Cf-Id
Qp0TB1zbeDsZrIaq7E2slkiITw27Qrf1JrnOaJJsMoJXQ8h8jF6uog==
m-result.js.f476510d320e3a10b7f7.js
it-static-gcs.vonvon.me/gened/wp/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/m-result.js.f476510d320e3a10b7f7.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8a1b38212e79eb993b4210350d2e37a8c1b135e738e464235b82af46af7ca61b

Request headers

:path
/gened/wp/js/m-result.js.f476510d320e3a10b7f7.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2Upk45a1q5G0XWCiBEZfMvshAkfqpQa2rluRJ58Ew_6aBYgu3u1mBvpiFzOaspGLWuxaW1tfUlLmfVeiNShB-VnLODdszw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
12062
last-modified
Tue, 07 Nov 2017 07:29:06 GMT
server
cloudflare-nginx
etag
"ce49d498b1b8de17f0b677f4d10a0505"
vary
Accept-Encoding
x-goog-hash
crc32c=bWkKoA== md5=zknUmLG43hfwtnf00QoFBQ==
x-goog-generation
1510039746098182
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
12062
accept-ranges
bytes
cf-ray
3c0360dbbf5963fd-FRA
expires
Sat, 25 Nov 2017 16:02:09 GMT
integrator.js
adservice.google.com/adsid/ 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
pubads_impl_168.js
securepubads.g.doubleclick.net/gpt/ 		189 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
33b7a4fa5258997e852f6a83448db6175475517e4f2bb18ac81131fdd3024335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_168.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2017 23:30:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
67532
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:58 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		32 B
32 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3468&u=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2Fr%2F5912%2Fn%2F4897062688653312%2F21649%2Fv_131l9t3qeyh26ehvl%3Futm_campaign%3Dshare%26utm_source%3Dwhatsapp%26utm_medium%3Dorganic%26utm_content%3Dwhatsapp%26share_ts%3Dozo0ux%26utm_viral%3D81&cb=589369
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
32eb168a5f82e7714d80515bba96f9ab512051ed1539a9a4fd5b8846e987a94d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
aax.amazon-adsystem.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 19 Nov 2017 13:04:58 GMT
Server
Server
Connection
keep-alive
Content-Length
32
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
container.html
tpc.googlesyndication.com/safeframe/1-0-14/html/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-14/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d0c77c195cdbf6a1095e26435ce538aab5d110aa57a7eac62fc9a0c303da9024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/safeframe/1-0-14/html/container.html
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Purpose
prefetch
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 16 Nov 2017 12:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259671
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1579
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2017 03:31:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/html
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Nov 2018 12:57:07 GMT
3p_cookie.html
securepubads.g.doubleclick.net/static/ 		223 B
185 B 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/3p_cookie.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/3p_cookie.html
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
:scheme
https
:method
GET
Purpose
prefetch
Referer
https://it.vonvon.me/mequiz/r/5912/n/4897062688653312/21649/v_131l9t3qeyh26ehvl?utm_campaign=share&utm_source=whatsapp&utm_medium=organic&utm_content=whatsapp&share_ts=ozo0ux&utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 06:56:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22079
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
176
x-xss-protection
1; mode=block
server
sffe
etag
"1502910952331160"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=43200
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Nov 2017 18:56:59 GMT
cookie_sync
prebid.adnxs.com/pbs/v1/ 		902 B
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
62d5d1b6a858cd76c1145ad090d200f89e9489d9bc62a640bc6b338a95996c40

Request headers

Pragma
no-cache
Origin
https://it.vonvon.me
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain
Accept
*/*
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Connection
keep-alive
Content-Length
111
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:00 GMT
Server
nginx/1.11.10
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://it.vonvon.me
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
902
Expires
0
auction
prebid.adnxs.com/pbs/v1/ 		784 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
c467259cc8ae191fedd33449ee52560bd3f55ca093b797582b8d08087c41c17a

Request headers

Pragma
no-cache
Origin
https://it.vonvon.me
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain
Accept
*/*
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Connection
keep-alive
Content-Length
1559
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:00 GMT
Server
nginx/1.11.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://it.vonvon.me
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
784
Expires
0
Cookie set cygnus
as-sec.casalemedia.com/ 		44 B
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&fn=cygnus_index_parse_res&s=196065&r=%7B%22id%22%3A%22555609666%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%223_1%22%2C%22siteID%22%3A196065%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%225_1%22%2C%22siteID%22%3A196067%7D%7D%2C%7B%22id%22%3A%223%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2212_1%22%2C%22siteID%22%3A196074%7D%7D%5D%7D&pid=pb0.33.0-pre
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-251.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
879b32e11198472a05159530541029875d5fd96f1e9b4c1a9f6393d30dc1a6b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
as-sec.casalemedia.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:04:58 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=WhGBerlQJrkAAFBrYMIAAABh;domain=casalemedia.com;path=/;expires=Mon, 19 Nov 2018 13:04:58 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sat, 17 Feb 2018 13:04:58 GMT CMST=WhGBeloRgXoB;domain=casalemedia.com;path=/;expires=Mon, 20 Nov 2017 13:04:58 GMT CMSC=WhGBeg**;domain=casalemedia.com;path=/; CMDD=AAL5FgE*;domain=casalemedia.com;path=/;expires=Mon, 20 Nov 2017 13:04:58 GMT
Content-Type
text/javascript
Content-Length
64
Expires
Sun, 19 Nov 2017 13:04:58 GMT
4897062688653312
it.vonvon.me/api2/quiz/5912/me_quiz_ranking/ 		887 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://it.vonvon.me/api2/quiz/5912/me_quiz_ranking/4897062688653312
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
126c5eb4ea15ef706ca778049da7ecb6baae6b12b08c3c09701bf9eadf1d52ad

Request headers

:path
/api2/quiz/5912/me_quiz_ranking/4897062688653312
pragma
no-cache
cookie
last_host_region=it; it.vts=1511096697; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698; it.localStorage=eyJzbnNMaXN0Ijp7IndoYXRzYXBwIjoiWSJ9LCJtZXF1aXpfcmVkaXJlY3RfcGFyYW1zIjp7Im0iOiIyMTY0OSIsImZyIjoidl8xMzFsOXQzcWV5aDI2ZWh2bCJ9fQ
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
it.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-vv-hash
532f638
server
Google Frontend
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-cloud-trace-context
07470419b00837b5ee583d0ce5e4716b
cache-control
private
content-length
438
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1557026204578060&ev=PageView&dl=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&rl=&if=false&ts=1511096698351&v=2.8.1&ec=0&o=28&it=1511096697769
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1557026204578060&ev=PageView&dl=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&rl=&if=false&ts=1511096698351&v=2.8.1&ec=0&o=28&it=1511096697769
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0kqI2GNdo19mEqfX3..BaEYF6...1.0.BaEYF6.; expires=Saturday, 17-Feb-2018 13:04:58 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Sun, 19 Nov 2017 13:04:58 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eda53853e0d63e5386e4b4b53797c3da0f45ae001963ac3a08f87a23c8f50a02

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42f695701421ede8ea5f6895436986f612935900184048a24684d2052726373

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
XjZvu4v0JroR8bjUPfrawQtcRgsNg4-KMp7KtmfXdsrfsKc_Dr5K_sRkQqZ-hFrDgnY9JH4bYCKOGfZENd9b=s0
lh3.googleusercontent.com/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/XjZvu4v0JroR8bjUPfrawQtcRgsNg4-KMp7KtmfXdsrfsKc_Dr5K_sRkQqZ-hFrDgnY9JH4bYCKOGfZENd9b=s0
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
1080dfa578a0369c53894f51421245612fc864646bd359515dd389a7c6736e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/XjZvu4v0JroR8bjUPfrawQtcRgsNg4-KMp7KtmfXdsrfsKc_Dr5K_sRkQqZ-hFrDgnY9JH4bYCKOGfZENd9b=s0
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 12:27:08 GMT
x-content-type-options
nosniff
age
2270
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
142484
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 10:26:21 GMT
emoji_3.png
it-static-gcs.vonvon.me/images/emoji_dummy_profile/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it-static-gcs.vonvon.me/images/emoji_dummy_profile/emoji_3.png?v=2
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
10932f88eb807030248d47626d2d484c4af7caa18137490a299be9a141727f9d

Request headers

:path
/images/emoji_dummy_profile/emoji_3.png?v=2
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
cf-cache-status
HIT
status
200
cf-polished
origFmt=png, origSize=22114
x-guploader-uploadid
AEnB2UpIeZBETfwJyRC9uKR7yhUJhU-OXjaoGmVdoCtM2ENyH3nQAslKB3NLnPQvoNfR55xtvRpFnajpN7WQ7M2xBTyprJPuew
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="emoji_3.webp"
content-type
image/webp
content-length
12806
expires
Fri, 24 Nov 2017 22:00:26 GMT
last-modified
Fri, 17 Nov 2017 08:27:46 GMT
server
cloudflare-nginx
etag
"5c557a5a0bad26ec12125e08714bb10a"
vary
Accept
x-goog-hash
crc32c=kKUNYw== md5=XFV6WgutJuwSEl4IcUuxCg==
x-goog-generation
1510907266769218
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800
x-goog-stored-content-length
22114
accept-ranges
bytes
cf-ray
3c0360dd680863fd-FRA
cf-bgj
imgq:85
emoji_3.png
it-static-gcs.vonvon.me/images/emoji_dummy_profile/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it-static-gcs.vonvon.me/images/emoji_dummy_profile/emoji_3.png
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
10932f88eb807030248d47626d2d484c4af7caa18137490a299be9a141727f9d

Request headers

:path
/images/emoji_dummy_profile/emoji_3.png
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origFmt=png, origSize=22114
x-guploader-uploadid
AEnB2Urw4DVpI55DP_JM5aV5X51ysXHdXXb-Pxi8Twi6eiMVo_hJUhHrIo1JI_Eidw4yhtLxqvWywQchP8oPx28h8GrI6pnHEA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="emoji_3.webp"
content-type
image/webp
content-length
12806
expires
Sun, 26 Nov 2017 13:04:58 GMT
last-modified
Fri, 17 Nov 2017 08:27:46 GMT
server
cloudflare-nginx
etag
"5c557a5a0bad26ec12125e08714bb10a"
vary
Accept
x-goog-hash
crc32c=kKUNYw== md5=XFV6WgutJuwSEl4IcUuxCg==
x-goog-generation
1510907266769218
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800
x-goog-stored-content-length
22114
accept-ranges
bytes
cf-ray
3c0360dd680a63fd-FRA
cf-bgj
imgq:85
c8cf0e03-71e5-413c-a909-7ff260fd2a80
it.vonvon.me/pixel/onload/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it.vonvon.me/pixel/onload/c8cf0e03-71e5-413c-a909-7ff260fd2a80?timing=redirectStart-1~redirectEnd-60~fetchStart-60~domainLookupStart-60~domainLookupEnd-60~connectStart-60~connectEnd-60~requestStart-60~responseStart-503~responseEnd-511~domLoading-504~domInteractive-926~domContentLoadedEventStart-926~domContentLoadedEventEnd-1048&uniq_inflow=1&chost=it.vonvon.me&rhost=it.vonvon.me
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path
/pixel/onload/c8cf0e03-71e5-413c-a909-7ff260fd2a80?timing=redirectStart-1~redirectEnd-60~fetchStart-60~domainLookupStart-60~domainLookupEnd-60~connectStart-60~connectEnd-60~requestStart-60~responseStart-503~responseEnd-511~domLoading-504~domInteractive-926~domContentLoadedEventStart-926~domContentLoadedEventEnd-1048&uniq_inflow=1&chost=it.vonvon.me&rhost=it.vonvon.me
pragma
no-cache
cookie
last_host_region=it; it.vts=1511096697; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698; it.localStorage=eyJzbnNMaXN0Ijp7IndoYXRzYXBwIjoiWSJ9LCJtZXF1aXpfcmVkaXJlY3RfcGFyYW1zIjp7Im0iOiIyMTY0OSIsImZyIjoidl8xMzFsOXQzcWV5aDI2ZWh2bCJ9LCJpbmZsb3dRdWl6SWRzIjpbIjU5MTIiXX0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
it.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
last-modified
2017-11-19 13:04:58.606930
progma
no-cache
content-type
image/png
status
200
x-cloud-trace-context
0fee4e5967ff51bd4e6ce5e473d29f42
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-length
42
server
Google Frontend
expires
-1
vonvon-task-util.min.js.e5a36c22f9b9e367ddd9.js
it-static-gcs.vonvon.me/gened/wp/js/ 		2 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-task-util.min.js.e5a36c22f9b9e367ddd9.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
57af4cf196e499f023e1d4c894069fb452238431b81576f4c94a741b1189c68a

Request headers

:path
/gened/wp/js/vonvon-task-util.min.js.e5a36c22f9b9e367ddd9.js
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
AEnB2Ur2NDkG9WlY0YlVaDRQzNlFUmlncarjLsgnw3OhD9SzItdq0Nq0MXquK1Py_ZQawG8vsK1QiFLI4-R3KIUcTDUYSCiT2w
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
content-length
952
last-modified
Tue, 07 Nov 2017 07:29:05 GMT
server
cloudflare-nginx
etag
"74c2eb68b5f08c6ec155a7b119cc4573"
vary
Accept-Encoding
x-goog-hash
crc32c=neyjpQ== md5=dMLraLXwjG7BVaexGcxFcw==
x-goog-generation
1510039745921549
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800,no-transform
x-goog-stored-content-length
952
accept-ranges
bytes
cf-ray
3c0360de285663fd-FRA
expires
Tue, 21 Nov 2017 20:46:31 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0f9b9f369711fcd68fe568c9fdbcc26c88edadf776fdaae55d0d5df22eaac1

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
026213c32804ab0e0b170c5c93540ec1767565aa0da5fcff9454beaca12f6838

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
0
it-cdn.vonvon.me/capi/quiz/list2/category/quiz/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://it-cdn.vonvon.me/capi/quiz/list2/category/quiz/0
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:84e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7979ed319019c6575c236d5b98d2089f3ceb7f131d927e22dbaa0d152f7199ea

Request headers

:path
/capi/quiz/list2/category/quiz/0
pragma
no-cache
origin
https://it.vonvon.me
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
it-cdn.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://it.vonvon.me
x-cloud-trace-context
0c0fc3247df73d016dabc9931e57e002
cache-control
max-age=600
access-control-allow-credentials
true
set-cookie
__cfduid=d6f60c668e23572e93bb82694b9911d501511096698; expires=Mon, 19-Nov-18 13:04:58 GMT; path=/; domain=.vonvon.me; HttpOnly
cf-ray
3c0360df29e0635b-FRA
access-control-allow-headers
Content-Type,Accept,Cookie,If-Modified-Since
expires
Sun, 19 Nov 2017 13:05:47 GMT
5912
it-cdn.vonvon.me/capi/quiz/list2/featured/quiz/ 		64 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://it-cdn.vonvon.me/capi/quiz/list2/featured/quiz/5912
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-lib-base.334fe4d083b5d0761e7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:84e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3b36753e2a033926a956f39f23dc37baade48ab42c6242b95b77d55a79d8a3a4

Request headers

:path
/capi/quiz/list2/featured/quiz/5912
pragma
no-cache
origin
https://it.vonvon.me
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
it-cdn.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://it.vonvon.me
x-cloud-trace-context
30d70f7028fd2fc25138acab65e1e1e3
cache-control
max-age=600
access-control-allow-credentials
true
set-cookie
__cfduid=d6f60c668e23572e93bb82694b9911d501511096698; expires=Mon, 19-Nov-18 13:04:58 GMT; path=/; domain=.vonvon.me; HttpOnly
cf-ray
3c0360df29e1635b-FRA
access-control-allow-headers
Content-Type,Accept,Cookie,If-Modified-Since
expires
Sun, 19 Nov 2017 13:14:59 GMT
sdk.js
connect.facebook.net/it_IT/ 		209 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/it_IT/sdk.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
dafd12a4d42413fdc0e2c83f94311d8a9b7bec355963058acd3528efaeef6cc9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/it_IT/sdk.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9gavQlcRUn/pqAk5I0OdwQ==
status
200
content-length
65803
x-xss-protection
0
x-fb-debug
2/yw/xtT6lsrxeQCLr18BQn49FgzwZm4rF5OPrWVWZaLyWjpN5jael3qb+lCabC3pcDyKoSXgWx91OvV7vDvhg==
x-fb-content-md5
7c53b19ffa16899111923f729338881e
x-frame-options
DENY
date
Sun, 19 Nov 2017 13:04:58 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b8098c5d38261b95ac2a9dc12ab10d97"
timing-allow-origin
*
expires
Sun, 19 Nov 2017 13:10:22 GMT
widgets.js
platform.twitter.com/ 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
5564ebed256b18a9f7abd8b98da03ef673491b6a3bb23a2b482c7240deca88af

Request headers

:path
/widgets.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
platform.twitter.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
age
182
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
35541
x-served-by
cache-tw-fra1-cr1-20-TWFRA1
last-modified
Tue, 14 Nov 2017 19:28:01 GMT
x-timer
S1511096699.645645,VS0,VE0
etag
"ee8058d3ff98a3608c9261efddf912a7+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=1800
accept-ranges
bytes
twitter_cookies.html
platform.twitter.com/widgets/ Frame 1413 		0
0
settings
syndication.twitter.com/ 		74 B
104 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
d20129789cf4a26600f32331981523d7f9682c2c94871ed40ec9b068240435ed
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

:path
/settings
pragma
no-cache
origin
https://it.vonvon.me
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
syndication.twitter.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me

Response headers

x-response-time
103
date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
last-modified
Sun, 19 Nov 2017 13:04:58 GMT
server
tsa_o
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://it.vonvon.me
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
6a85dd31f3947683e9fd4b4d77ab1f5d
strict-transport-security
max-age=631138519
content-length
95
/
www.facebook.com/impression.php/f3f95c933ea93d4/ 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/impression.php/f3f95c933ea93d4/?api_key=685543434893182&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/impression.php/f3f95c933ea93d4/?api_key=685543434893182&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma
no-cache
cookie
fr=0kqI2GNdo19mEqfX3..BaEYF6...1.0.BaEYF6.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
dqc11v/L5VHpCEQzDLoL0I5xI8reu5YD8ecuOA76lCmbthtpvKPRrcMmtT2ZDTeubppgpYC1/6sbTITLNjlCHA==
date
Sun, 19 Nov 2017 13:04:58 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
lY4eZXm_YWu.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1413 		0
0
Cookie set setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.adnxs.com%252Fpbs%252Fv1%252Fsetuid%253Fbidder%253Dadnxs%2526uid%253D%2524UID
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=1835803773195804945
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=1835803773195804945
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Cookie
sess=1; uuid2=1835803773195804945
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:00 GMT
Server
nginx/1.11.10
Vary
Origin
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxODM1ODAzNzczMTk1ODA0OTQ1IiwiZXhwaXJlcyI6IjIwMTctMTItMDNUMTM6MDU6MDAuODM4NTIwOTM5WiJ9fSwiYmRheSI6IjIwMTctMTEtMTlUMTM6MDU6MDAuODM4NTE5MzQ1WiJ9; Domain=adnxs.com; Expires=Fri, 18 May 2018 13:05:00 GMT
Content-Length
0
Expires
0

Redirect headers

Date
Sun, 19 Nov 2017 13:05:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.27:80
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3fa59458-4cd0-4afe-80d9-f4b2e0d2ca5b
Server
nginx/1.13.4
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&uid=1835803773195804945
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Mon, 20-Nov-2017 13:05:00 GMT; Domain=.adnxs.com; HttpOnly uuid2=1835803773195804945; Path=/; Max-Age=7776000; Expires=Sat, 17-Feb-2018 13:05:00 GMT; Domain=.adnxs.com; HttpOnly
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3DindexExchange%26uid%3D
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=indexExchange&uid=WhGBerlQJrkAAFBrYMIAAABh%261174
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=indexExchange&uid=WhGBerlQJrkAAFBrYMIAAABh%261174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:00 GMT
Server
nginx/1.11.10
Vary
Origin
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
uids=eyJ0ZW1wVUlEcyI6eyJpbmRleEV4Y2hhbmdlIjp7InVpZCI6IldoR0JlcmxRSnJrQUFGQnJZTUlBQUFCaCUyNjExNzQiLCJleHBpcmVzIjoiMjAxNy0xMi0wM1QxMzowNTowMC44MTUxMDg3ODJaIn19LCJiZGF5IjoiMjAxNy0xMS0xOVQxMzowNTowMC44MTUxMDY3OFoifQ==; Domain=adnxs.com; Expires=Fri, 18 May 2018 13:05:00 GMT
Content-Length
0
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:04:58 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=indexExchange&uid=WhGBerlQJrkAAFBrYMIAAABh%261174
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=WhGBerlQJrkAAFBrYMIAAABh;domain=casalemedia.com;path=/;expires=Mon, 19 Nov 2018 13:04:58 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sat, 17 Feb 2018 13:04:58 GMT CMPRO=1174;domain=casalemedia.com;path=/;expires=Sat, 17 Feb 2018 13:04:58 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Sun, 19 Nov 2017 13:04:58 GMT
Cookie set setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dpulsepoint%26uid%3D%25%25VGUID%25%25
  • https://match.adsrvr.org/track/cmf/contextweb
  • https://match.adsrvr.org/track/cmb/contextweb?
  • https://bh.contextweb.com/bh/rtset?do=add&pid=534301&ev=e8a08071-0288-4a01-9482-859b29efae95
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=d2vr6p4HL0U5&ev=1&pid=561205
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=d2vr6p4HL0U5&ev=1&pid=561205
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxODM1ODAzNzczMTk1ODA0OTQ1IiwiZXhwaXJlcyI6IjIwMTctMTItMDNUMTM6MDU6MDAuODM4NTIwOTM5WiJ9fSwiYmRheSI6IjIwMTctMTEtMTlUMTM6MDU6MDAuODM4NTE5MzQ1WiJ9; sess=1; uuid2=1835803773195804945
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:01 GMT
Server
nginx/1.11.10
Vary
Origin
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxODM1ODAzNzczMTk1ODA0OTQ1IiwiZXhwaXJlcyI6IjIwMTctMTItMDNUMTM6MDU6MDAuODM4NTIwOTM5WiJ9LCJwdWxzZXBvaW50Ijp7InVpZCI6ImQydnI2cDRITDBVNSIsImV4cGlyZXMiOiIyMDE3LTEyLTAzVDEzOjA1OjAxLjcwNDgyNzM4MVoifX0sImJkYXkiOiIyMDE3LTExLTE5VDEzOjA1OjAwLjgzODUxOTM0NVoifQ==; Domain=adnxs.com; Expires=Fri, 18 May 2018 13:05:01 GMT
Content-Length
0
Expires
0

Redirect headers

Date
Sun, 19 Nov 2017 13:04:59 GMT
Via
1.1 varnish
Transfer-Encoding
chunked
X-Cache
MISS
P3P
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
X-Cache-Hits
0
Connection
keep-alive
X-Served-By
cache-hhn1538-HHN
Server
Jetty(9.4.6.v20170531)
Content-Language
en-US
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=pulsepoint&uid=d2vr6p4HL0U5&ev=1&pid=561205
Cache-Control
private, max-age=0, no-cache, no-store
Set-Cookie
V=d2vr6p4HL0U5;Path=/;Domain=.contextweb.com;Expires=Wed, 14-Nov-2018 13:04:59 GMT;Max-Age=31104000 pb_rtb_ev=3-ji8|Vs.0.e8a08071-0288-4a01-9482-859b29efae95|7Vo.0.1;Path=/;Domain=.contextweb.com;Expires=Mon, 18-Dec-2017 13:04:59 GMT;Max-Age=2505600
Accept-Ranges
bytes
CW-Server
ams-bh01
Expires
-1
http%3A%2F%2Fit.vonvon.me%2Fquiz%2F5912%2Fn%2F4897062688653312
graph.facebook.com/v2.1/ 		150 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v2.1/http%3A%2F%2Fit.vonvon.me%2Fquiz%2F5912%2Fn%2F4897062688653312?callback=FB.__globalCallbacks.f166d2c7db8733&fields=share&method=get&pretty=0&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/it_IT/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a0a1c9cfbb145a4361390bac3a6bb9af77c3433f2a8f3ba5f3450d043b608976
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

:path
/v2.1/http%3A%2F%2Fit.vonvon.me%2Fquiz%2F5912%2Fn%2F4897062688653312?callback=FB.__globalCallbacks.f166d2c7db8733&fields=share&method=get&pretty=0&sdk=joey
pragma
no-cache
cookie
fr=0kqI2GNdo19mEqfX3..BaEYF6...1.0.BaEYF6.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
graph.facebook.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
3O33wl1jUtf8Nbf+C3w7v19dYOu6vXDIKzb3xrzf/qcRUxK94jYESWCRqkgb57ZR+Jc0OXLsYa6hXMF3fV0W1Q==
x-fb-trace-id
Fyoagc3/bBo
status
200
etag
"05ef4818aa49e34b50ce33edd1e05650261b6d92"
strict-transport-security
max-age=15552000; preload
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
date
Sun, 19 Nov 2017 13:04:58 GMT
x-fb-rev
3467728
facebook-api-version
v2.5
content-length
150
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FVON_quiz_rightrail_PC&sz=300x250&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698751&frm=20&biw=1585&bih=1200&oid=3&adx=1014&ady=170&adk=3632746670&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=30&icsg=4535619682304&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
b4e9acf8e4c786812c6fa9b5fc923afeabe36986a987a9385375857434f70d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FVON_quiz_rightrail_PC&sz=300x250&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698751&frm=20&biw=1585&bih=1200&oid=3&adx=1014&ady=170&adk=3632746670&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=30&icsg=4535619682304&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1747
x-xss-protection
1; mode=block
google-lineitem-id
66945641
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
99252787001
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Nov-2017 13:19:58 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_168.js
securepubads.g.doubleclick.net/gpt/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_168.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
f7940b14367ac1e739e05d6aeb22ce6ac54805a32533e5e461c81b83a8437214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_rendering_168.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Nov 2017 23:30:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
10893
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:58 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FVON_quiz_intro_PC&sz=728x90&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698758&frm=20&biw=1585&bih=1200&oid=3&adx=274&ady=60&adk=691716342&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=32&icsg=180457480126464&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
34d1d58deb6bdcf156d409575e074c7cfc415fef2d6982d21cabbaaa04aecf0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FVON_quiz_intro_PC&sz=728x90&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698758&frm=20&biw=1585&bih=1200&oid=3&adx=274&ady=60&adk=691716342&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=32&icsg=180457480126464&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1827
x-xss-protection
1; mode=block
google-lineitem-id
67086161
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
99756291761
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Nov-2017 13:19:58 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FQuiz_intro2(mobile)&sz=728x90&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698762&frm=20&biw=1585&bih=1200&oid=3&adx=271&ady=1151&adk=183662660&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=33&icsg=743407433547776&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
cf7fd636a85dcdd02998dd1ed517772bd2d671394e108c223c30b951fd726ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=3678942710189031&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=108809107%2C21060362%2C21061149&sc=1&sfv=1-0-14&iu=%2F34009881%2FQuiz_intro2(mobile)&sz=728x90&eri=1&cust_params=builtinapp%3D%26subdomain%3Dwhatsapp%26advelvet%3D19%26quiz_id%3D5912&cookie_enabled=1&abxe=1&lmt=1511096698&dt=1511096698762&frm=20&biw=1585&bih=1200&oid=3&adx=271&ady=1151&adk=183662660&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&dssz=33&icsg=743407433547776&mso=128&std=0&vrg=168&vis=1&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=2032915137
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1753
x-xss-protection
1; mode=block
google-lineitem-id
73112081
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
113487638801
content-type
text/javascript; charset=UTF-8
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Sun, 19-Nov-2017 13:19:58 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1557026204578060&ev=Microdata&dl=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&rl=&if=false&ts=1511096698854&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fit.vonvon.me%22%2C%22article%3Atag%22%3A%22quiz%22%2C%22article%3Apublished_time%22%3A%222017-11-16T10%3A26%3A43%2B00%3A00%22%2C%22article%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fit.vonvon.me%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22twitter%3Ameta_title%22%3A%22Quanto%20bene%20conosci%20Salvatore%3F%22%2C%22twitter%3Adescription%22%3A%22Indovina%20le%20risposte%20di%20Salvatore%20e%20prova%20di%20essere%20il%20miglior%20Partner%20o%20il%20migliore%20amico%2Fa!%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fit-cdn.vonvon.me%2Fapi%2Fi%2F5912%2F21649%2Fthumbnail%2F2.v_131l9t3qeyh26ehvl%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aimage%3Aheight%22%3A%22630%22%2C%22twitter%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Asite_name%22%3A%22vonvon%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fit.vonvon.me%2Fquiz%2F5912%22%2C%22og%3Atitle%22%3A%22Partner(Amicizia)%3A%20Quanto%20mi%20conosci%20bene%3F%22%2C%22og%3Adescription%22%3A%22Rispondi%20a%20otto%20domande%20su%20di%20te%20e%20scopri%20se%20il%20tuo%20partner%20o%20i%20tuoi%20amici%20azzeccheranno%20le%20tue%20risposte!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fit-cdn.vonvon.me%2Fapi%2Fi%2F5912%2F0%2Fthumbnail%2F1.11u9gvcfqf7rr4mt%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3ApseudoImage%22%3A%22%22%7D&cd[Meta]=%7B%22title%22%3A%22Partner(Amicizia)%3A%20Quanto%20mi%20conosci%20bene%3F%22%2C%22meta%3Adescription%22%3A%22Quanto%20bene%20conosci%20Salvatore%3F%20Indovina%20le%20risposte%20di%20Salvatore%20e%20prova%20di%20essere%20il%20miglior%20Partner%20o%20il%20migliore%20amico%2Fa!%20%7C%20Sei%20annoiato%3F%20Giochiamo%20insieme%20su%20Vonvon%22%7D&v=2.8.1&o=28
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1557026204578060&ev=Microdata&dl=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&rl=&if=false&ts=1511096698854&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fit.vonvon.me%22%2C%22article%3Atag%22%3A%22quiz%22%2C%22article%3Apublished_time%22%3A%222017-11-16T10%3A26%3A43%2B00%3A00%22%2C%22article%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fit.vonvon.me%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22twitter%3Ameta_title%22%3A%22Quanto%20bene%20conosci%20Salvatore%3F%22%2C%22twitter%3Adescription%22%3A%22Indovina%20le%20risposte%20di%20Salvatore%20e%20prova%20di%20essere%20il%20miglior%20Partner%20o%20il%20migliore%20amico%2Fa!%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fit-cdn.vonvon.me%2Fapi%2Fi%2F5912%2F21649%2Fthumbnail%2F2.v_131l9t3qeyh26ehvl%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aimage%3Aheight%22%3A%22630%22%2C%22twitter%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Asite_name%22%3A%22vonvon%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fit.vonvon.me%2Fquiz%2F5912%22%2C%22og%3Atitle%22%3A%22Partner(Amicizia)%3A%20Quanto%20mi%20conosci%20bene%3F%22%2C%22og%3Adescription%22%3A%22Rispondi%20a%20otto%20domande%20su%20di%20te%20e%20scopri%20se%20il%20tuo%20partner%20o%20i%20tuoi%20amici%20azzeccheranno%20le%20tue%20risposte!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fit-cdn.vonvon.me%2Fapi%2Fi%2F5912%2F0%2Fthumbnail%2F1.11u9gvcfqf7rr4mt%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3ApseudoImage%22%3A%22%22%7D&cd[Meta]=%7B%22title%22%3A%22Partner(Amicizia)%3A%20Quanto%20mi%20conosci%20bene%3F%22%2C%22meta%3Adescription%22%3A%22Quanto%20bene%20conosci%20Salvatore%3F%20Indovina%20le%20risposte%20di%20Salvatore%20e%20prova%20di%20essere%20il%20miglior%20Partner%20o%20il%20migliore%20amico%2Fa!%20%7C%20Sei%20annoiato%3F%20Giochiamo%20insieme%20su%20Vonvon%22%7D&v=2.8.1&o=28
pragma
no-cache
cookie
fr=0kqI2GNdo19mEqfX3..BaEYF6...1.0.BaEYF6.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Sun, 19 Nov 2017 13:04:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1413 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
748295e8e96b25d695c26314d4bb410da0e041a5fca17fbad9b61ebe9b0b2ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/adsbygoogle.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
9322909245359300446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
25032
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/ Frame 1413 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
82f095898fec84c81dc029e5debc1067eccb1e3eea412752d21d0f89f3e9aee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20110914/activeview/osd_listener.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 14 Nov 2017 01:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12808
x-xss-protection
1; mode=block
server
cafe
etag
410984267434061409
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 01:14:56 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bf75927ab86d23f5230c713f556f40c7cdac3dacd41ba15ca3cc31e6bc5fd847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/osd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 12:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
29589
x-xss-protection
1; mode=block
server
cafe
etag
14067721879039205164
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Nov 2017 13:18:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRI9atdSC64GOJg84qvgqw-WYZWOHEGU-KWQSNuzbZEg208SuLYqkjnaFuhUhfdB7aGhPTb2KM0ko3yGSiOCPRNzAJHUy96hUXSSdHxDNDEh_8e8PMEvnt3s8FzcyukwE6sczD4lF7qbZsz7_kxC2xDS8LAenWPO68tCA9UL8IjWNWCOSV1pn8n16z12EynkkojqAJCF2bIwDRunRcmeYitRa9NLPGmw-XkBsNu6WthuNiqJgrg-aNMzfN&sig=Cg0ArKJSzAMAR4OPQu0QEAE&urlfix=1&adurl=
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pcs/view?xai=AKAOjstRI9atdSC64GOJg84qvgqw-WYZWOHEGU-KWQSNuzbZEg208SuLYqkjnaFuhUhfdB7aGhPTb2KM0ko3yGSiOCPRNzAJHUy96hUXSSdHxDNDEh_8e8PMEvnt3s8FzcyukwE6sczD4lF7qbZsz7_kxC2xDS8LAenWPO68tCA9UL8IjWNWCOSV1pn8n16z12EynkkojqAJCF2bIwDRunRcmeYitRa9NLPGmw-XkBsNu6WthuNiqJgrg-aNMzfN&sig=Cg0ArKJSzAMAR4OPQu0QEAE&urlfix=1&adurl=
pragma
no-cache
cookie
test_cookie=CheckForPermission
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
set-cookie
IDE=AHWqTUmaXJlE6r4U6kC7FNuEykANORgPrvNhJ44VkF4xgXfQK0Zpl-NQ2aowK1H1; expires=Fri, 14-Dec-2018 13:04:59 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
truncated
/ Frame 1413 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4365e135dcead7cb66ccefea26fa55c4723545f89756ca7ce9d437e770bf3c33

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ 		421 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07abf577188f1fd708d4a002e55e7c99c4dc03ec84958de287a0ac710ebb8034

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
rxb6y0LinLUWhIwDDxoFu1VfGHp4BqVIxLPuajbG9ro9vsmhlj4N9FrYwxmRzm42OedJc6jhCUDL5EIIO4A=s640-l65
lh3.googleusercontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/rxb6y0LinLUWhIwDDxoFu1VfGHp4BqVIxLPuajbG9ro9vsmhlj4N9FrYwxmRzm42OedJc6jhCUDL5EIIO4A=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ef17712303bf6d9118ec11fb30f10739a2c29159c733adf00a9ba28e9b3de21b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/rxb6y0LinLUWhIwDDxoFu1VfGHp4BqVIxLPuajbG9ro9vsmhlj4N9FrYwxmRzm42OedJc6jhCUDL5EIIO4A=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 12:35:20 GMT
x-content-type-options
nosniff
age
1779
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
20052
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 11:26:06 GMT
w3yW6MnhCsFp79ExSrYSAzKDBORAO5vu2iqQynizkRIyfNz5S9zA0H9OQOVu1vyzxIy0Z6hVLzyUrOO0FAeh=s640-l65
lh3.googleusercontent.com/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/w3yW6MnhCsFp79ExSrYSAzKDBORAO5vu2iqQynizkRIyfNz5S9zA0H9OQOVu1vyzxIy0Z6hVLzyUrOO0FAeh=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
cd56b3388eb3463afea5c9c9c2dad8caddfd1ebebacf2943da87f47274bd09a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/w3yW6MnhCsFp79ExSrYSAzKDBORAO5vu2iqQynizkRIyfNz5S9zA0H9OQOVu1vyzxIy0Z6hVLzyUrOO0FAeh=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
102419
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
8296XUSkFLhM7m09ml54X-s6ITysxr8XF9Q3ZLIoUfMnQB1LtuY3OibHAs4hHm5bbFexJy31ihrB-kPNPth_=s640-l65
lh3.googleusercontent.com/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/8296XUSkFLhM7m09ml54X-s6ITysxr8XF9Q3ZLIoUfMnQB1LtuY3OibHAs4hHm5bbFexJy31ihrB-kPNPth_=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
f2f3b088b472df316fc843ac567860ed9389d5d960fa18d0e6eb6791c1b1a425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/8296XUSkFLhM7m09ml54X-s6ITysxr8XF9Q3ZLIoUfMnQB1LtuY3OibHAs4hHm5bbFexJy31ihrB-kPNPth_=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
46324
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 Nov 2017 22:49:16 GMT
BfOyEcisWJjDqvV1V6J1FgVtDDr4gBvIwaVeMXaaqiMMRlTvnZFVqypOi2NP4FP1LjoPm8QL9H28iBWGQdk1=s640-l65
lh3.googleusercontent.com/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/BfOyEcisWJjDqvV1V6J1FgVtDDr4gBvIwaVeMXaaqiMMRlTvnZFVqypOi2NP4FP1LjoPm8QL9H28iBWGQdk1=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
7558fa01f8919cc4562bf8514b745e52b6d3e849484e6121b36f1c994aa01613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/BfOyEcisWJjDqvV1V6J1FgVtDDr4gBvIwaVeMXaaqiMMRlTvnZFVqypOi2NP4FP1LjoPm8QL9H28iBWGQdk1=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
69464
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
-UmA1bQkSRKj8m5mjiqfGqYkX2bTzOwFGvqGEZMQDRpAz7JPmv-IJD7OAC_BjEPKurIlqEd4dxiMrmDw-30=s640-l65
lh3.googleusercontent.com/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-UmA1bQkSRKj8m5mjiqfGqYkX2bTzOwFGvqGEZMQDRpAz7JPmv-IJD7OAC_BjEPKurIlqEd4dxiMrmDw-30=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
370811b2ae69f89e549fe96a4f532d423d9d04081b43549dfff66a93d264d15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/-UmA1bQkSRKj8m5mjiqfGqYkX2bTzOwFGvqGEZMQDRpAz7JPmv-IJD7OAC_BjEPKurIlqEd4dxiMrmDw-30=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
95969
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Nov 2017 10:55:27 GMT
IFUOugpF89KbLFR2fGe_9Xvjuuan4oAHee4dAWMAdntaiIbq0yw7WiFe1pTmorclfY0Q-qIF3nitmFnDwSwv=s640-l65
lh3.googleusercontent.com/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/IFUOugpF89KbLFR2fGe_9Xvjuuan4oAHee4dAWMAdntaiIbq0yw7WiFe1pTmorclfY0Q-qIF3nitmFnDwSwv=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
5fa63f7fcf7728d2887ee2a5a9505beaf52dd8cc58ae357674ba3648acf17776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/IFUOugpF89KbLFR2fGe_9Xvjuuan4oAHee4dAWMAdntaiIbq0yw7WiFe1pTmorclfY0Q-qIF3nitmFnDwSwv=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
293859
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
kplsuQnEbT9hTRGTbOPNPkO76dgUmJrh4Cn9pCEJtuRLqodripvt7MIiVyTeWWwj-YO5MC2A4CqlofPYYEsnXA=s640-l65
lh3.googleusercontent.com/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/kplsuQnEbT9hTRGTbOPNPkO76dgUmJrh4Cn9pCEJtuRLqodripvt7MIiVyTeWWwj-YO5MC2A4CqlofPYYEsnXA=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ed1c0dd1754995ac7bbe9b9e201fef092e191a3911f74415748813027b72056e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/kplsuQnEbT9hTRGTbOPNPkO76dgUmJrh4Cn9pCEJtuRLqodripvt7MIiVyTeWWwj-YO5MC2A4CqlofPYYEsnXA=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
137831
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
qwyH_GustTSLoVPZIGBAlj-Y_wQtuC1dOOjarz3flqLpxcZdK_0htu2FBfc_fIX7CTEWdYDeGwlHZpSRqa2ctQXNZmuVaygfEg=s640-l65
lh3.googleusercontent.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/qwyH_GustTSLoVPZIGBAlj-Y_wQtuC1dOOjarz3flqLpxcZdK_0htu2FBfc_fIX7CTEWdYDeGwlHZpSRqa2ctQXNZmuVaygfEg=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
557d5442e0e0161b2cd602730e2a4f5fcf132f877699dbe93cc39855d608c266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/qwyH_GustTSLoVPZIGBAlj-Y_wQtuC1dOOjarz3flqLpxcZdK_0htu2FBfc_fIX7CTEWdYDeGwlHZpSRqa2ctQXNZmuVaygfEg=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
21835
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
DOcwTu4NfeR79Pjt0Mc6u-rJzxBAWwwmJDyAYci5nXpYcBzjWD6hM0rmSx2rjnJy9Fop6IvXgjWsXT1D2ck=s640-l65
lh3.googleusercontent.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/DOcwTu4NfeR79Pjt0Mc6u-rJzxBAWwwmJDyAYci5nXpYcBzjWD6hM0rmSx2rjnJy9Fop6IvXgjWsXT1D2ck=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
e02448b0abfe25e9e708a55ff16c3eb87ffefc5917a650a08655647e966591ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/DOcwTu4NfeR79Pjt0Mc6u-rJzxBAWwwmJDyAYci5nXpYcBzjWD6hM0rmSx2rjnJy9Fop6IvXgjWsXT1D2ck=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
65379
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
XOpY2STgd-JrCwTeNn6rvqsd2iISClvhFxPLDAmblYlX-YfE5C7slvUOOVFcPpQX7xn2NmsK0YLjXfhK1MXCFLTWkUJ3bPjf2IM=s640-l65
lh3.googleusercontent.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/XOpY2STgd-JrCwTeNn6rvqsd2iISClvhFxPLDAmblYlX-YfE5C7slvUOOVFcPpQX7xn2NmsK0YLjXfhK1MXCFLTWkUJ3bPjf2IM=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
1b89ad81c86cad38999bffd7d1d3d603249a020af350901b4a066572b5e44644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/XOpY2STgd-JrCwTeNn6rvqsd2iISClvhFxPLDAmblYlX-YfE5C7slvUOOVFcPpQX7xn2NmsK0YLjXfhK1MXCFLTWkUJ3bPjf2IM=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
33773
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 01:24:54 GMT
ox6QCNDoYT2W7TP5ys-csKsC_z7Hh_dnOkGDHRbfObyx1MC4GyBVH5pBmO5_TKEVViVbGyNVtxfngTRkq2bc=s640-l65
lh3.googleusercontent.com/ 		310 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ox6QCNDoYT2W7TP5ys-csKsC_z7Hh_dnOkGDHRbfObyx1MC4GyBVH5pBmO5_TKEVViVbGyNVtxfngTRkq2bc=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
f9bc5f53dcd3ff3226bf6f7fccf012c5fcc1af688e408537ef64d207809b1fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ox6QCNDoYT2W7TP5ys-csKsC_z7Hh_dnOkGDHRbfObyx1MC4GyBVH5pBmO5_TKEVViVbGyNVtxfngTRkq2bc=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
317926
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 01:24:54 GMT
ZpdzGVN2T5IRKavXOkhQA38GMmH5W9EeopuYI6zab4nsmaD21c0TsA2dwOCyYuVpyyZ38Yc3N7nNn8UsRNPsOQ=s640-l65
lh3.googleusercontent.com/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ZpdzGVN2T5IRKavXOkhQA38GMmH5W9EeopuYI6zab4nsmaD21c0TsA2dwOCyYuVpyyZ38Yc3N7nNn8UsRNPsOQ=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
98b7369aec725ddfc383dd611c5371e1d19237bb3eae369410006d3c2e96724f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ZpdzGVN2T5IRKavXOkhQA38GMmH5W9EeopuYI6zab4nsmaD21c0TsA2dwOCyYuVpyyZ38Yc3N7nNn8UsRNPsOQ=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
159530
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 13:04:59 GMT
Mww3GO9I_xRWA5dUlGdr0NZvQ2Vomb4KTSrCsvqcb9WtCxtFR-jbukp6fuBKcRZmNTSUBMQMM3fxJGuRV4lb=s640-l65
lh3.googleusercontent.com/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Mww3GO9I_xRWA5dUlGdr0NZvQ2Vomb4KTSrCsvqcb9WtCxtFR-jbukp6fuBKcRZmNTSUBMQMM3fxJGuRV4lb=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
2ddb390ec500c52d677ca5ae95d3cc32aeb611928993d2d14657ad28cfb57db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/Mww3GO9I_xRWA5dUlGdr0NZvQ2Vomb4KTSrCsvqcb9WtCxtFR-jbukp6fuBKcRZmNTSUBMQMM3fxJGuRV4lb=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
39093
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Nov 2017 09:02:58 GMT
F0zF-ym82nB5aecrpdl9EUKjsP91VExr3O9cxm7bYLRU7g9xp_Oa6UHK5wOFh9DPxrzsaabPK8jDypEPrD3taA=s640-l65
lh3.googleusercontent.com/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/F0zF-ym82nB5aecrpdl9EUKjsP91VExr3O9cxm7bYLRU7g9xp_Oa6UHK5wOFh9DPxrzsaabPK8jDypEPrD3taA=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ba51facdfa723c634f84ea7b336e984acb002ed7d57cb623555391d2debea64b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/F0zF-ym82nB5aecrpdl9EUKjsP91VExr3O9cxm7bYLRU7g9xp_Oa6UHK5wOFh9DPxrzsaabPK8jDypEPrD3taA=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
37102
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 10:59:29 GMT
qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640
lh3.googleusercontent.com/
Redirect Chain
  • https://it-cdn.vonvon.me/api/i/5775/0/intro?s=640
  • https://lh3.googleusercontent.com/qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640
364 KB
364 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
faed6eb4c0b99904953058f8733899c8fa1a7ffdeec7f15f9c12ca2de451f587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
372663
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 10:17:17 GMT

Redirect headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-vv-hash
532f638
cf-cache-status
MISS
server
cloudflare-nginx
status
301
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://lh3.googleusercontent.com/qDT18yF9mIEhdjyoEQRZQlpdFj-XDkwnqyw-7thsnINVO4Gw-o7qLla-XdhCDNbRThOUPsJCdJa4OzicCPQ-%3Ds640
x-cloud-trace-context
d6e250986358f4319246f450ce5604bc;o=1
cache-control
private
cf-ray
3c0360e19a1d63fd-FRA
HV2dYVV-oHS2N7LHQRaaCU-5An5IkFQ48VgtMQwRZNl5tl2k9DkbE-iBefB8nIDOcqxE_1qonyzdaBBQ3y35=s640-l65
lh3.googleusercontent.com/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/HV2dYVV-oHS2N7LHQRaaCU-5An5IkFQ48VgtMQwRZNl5tl2k9DkbE-iBefB8nIDOcqxE_1qonyzdaBBQ3y35=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
5ed60879e03d5d274c6053a2ee81d046f5e61d1084dbd66b298f0ceac4710fdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/HV2dYVV-oHS2N7LHQRaaCU-5An5IkFQ48VgtMQwRZNl5tl2k9DkbE-iBefB8nIDOcqxE_1qonyzdaBBQ3y35=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 12:46:02 GMT
x-content-type-options
nosniff
age
1137
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
54897
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 11:45:17 GMT
Ck87ucoVzNsZ80vtfqJsTpCwfeeoIo7ckZugxl_qgisQynThos-MTTaNc5-kX6Y86Z_tgkBNLsAGSbYmIAa5EQ=s640-l65
lh3.googleusercontent.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Ck87ucoVzNsZ80vtfqJsTpCwfeeoIo7ckZugxl_qgisQynThos-MTTaNc5-kX6Y86Z_tgkBNLsAGSbYmIAa5EQ=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
80e5a009724ad1a2132f1a6ee0d1dd7b6eccdfe30609510d4d482d7aba246810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/Ck87ucoVzNsZ80vtfqJsTpCwfeeoIo7ckZugxl_qgisQynThos-MTTaNc5-kX6Y86Z_tgkBNLsAGSbYmIAa5EQ=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
31972
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 01:24:54 GMT
ifTTgNenbyoF7IUjEyTP1CyLRRW1XlNHT_EZwDRIYhqw5Z4H7mV0Lp7VJo37Cy1rz9ttYy6KtYXvbOObFjoP=s640-l65
lh3.googleusercontent.com/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/ifTTgNenbyoF7IUjEyTP1CyLRRW1XlNHT_EZwDRIYhqw5Z4H7mV0Lp7VJo37Cy1rz9ttYy6KtYXvbOObFjoP=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
d88977aa2cc6cc67dc0a3dfe117c29b20702324b15379257d7732dafdc26ebe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ifTTgNenbyoF7IUjEyTP1CyLRRW1XlNHT_EZwDRIYhqw5Z4H7mV0Lp7VJo37Cy1rz9ttYy6KtYXvbOObFjoP=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
27899
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 01:24:54 GMT
check_taken.png
it-static-gcs.vonvon.me/images/ 		606 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://it-static-gcs.vonvon.me/images/check_taken.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:85e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fc396c380f51964eb9e9c7d346a48f5a78ab03d33aab599ff6ea20756c4515a8

Request headers

:path
/images/check_taken.png
pragma
no-cache
cookie
last_host_region=it; session=5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3; __cfduid=dd51fd8445a40acf72dc119163a22e6b71511096697; _ga=GA1.2.1576051716.1511096698; _gid=GA1.2.1613767412.1511096698; __gads=ID=8104ac05505940ea:T=1511096698:S=ALNI_MZ2IwxRadfbU_R4j79wMKQOMOa6qw
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
it-static-gcs.vonvon.me
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
cf-cache-status
HIT
x-guploader-uploadid
AEnB2UpHa6HeJwHojC9b5bFBydyY7FP8Pw6PbG20odM86vjBWiUbkkpsARLfP_V4YMfHwXHKMUYYVzKRveYQIodl0swHrw88-A
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
606
last-modified
Thu, 16 Mar 2017 02:27:35 GMT
server
cloudflare-nginx
etag
"9bcb38fd48cead0bcdf442043d094c0b"
vary
Accept-Encoding
x-goog-hash
crc32c=rkpMXA== md5=m8s4/UjOrQvN9EIEPQlMCw==
x-goog-generation
1489631255942143
access-control-allow-origin
*
access-control-expose-headers
Origin Accept X-Requested-With Authorization Content-Type Content-Length Accept-Encoding X-CSRF-Token If-Modified-Since
cache-control
public, s-maxage=600, max-age=604800
x-goog-stored-content-length
606
accept-ranges
bytes
cf-ray
3c0360e19a1e63fd-FRA
expires
Tue, 21 Nov 2017 20:26:21 GMT
gKxJ6ar3zom0iTsk15mQBmOpbQ8CNIkiGI0EB9jT6Bgz5zByUJz5C9owAG52oIAe5x3XVPYB3zNrzfhg1xc9=s640-l65
lh3.googleusercontent.com/ 		380 KB
381 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/gKxJ6ar3zom0iTsk15mQBmOpbQ8CNIkiGI0EB9jT6Bgz5zByUJz5C9owAG52oIAe5x3XVPYB3zNrzfhg1xc9=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
8b3c40624f9f3d0c170fd8e662e8b4b6f2d180d2cc64419dc35499c63b817ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gKxJ6ar3zom0iTsk15mQBmOpbQ8CNIkiGI0EB9jT6Bgz5zByUJz5C9owAG52oIAe5x3XVPYB3zNrzfhg1xc9=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
389438
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 19 Nov 2017 16:16:31 GMT
DKcDkyQzjBaMaaT8EkeIgoAG88wy11Qm-tlcQfFTSbanpnauChO4R-_vQYjS2eXpvO2GUUJ78XQt1DPFqqgy=s640-l65
lh3.googleusercontent.com/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/DKcDkyQzjBaMaaT8EkeIgoAG88wy11Qm-tlcQfFTSbanpnauChO4R-_vQYjS2eXpvO2GUUJ78XQt1DPFqqgy=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
9796bc047bbf17bead0e92187c30cf083dc56fcae404b79601398e1919a53779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/DKcDkyQzjBaMaaT8EkeIgoAG88wy11Qm-tlcQfFTSbanpnauChO4R-_vQYjS2eXpvO2GUUJ78XQt1DPFqqgy=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 12:33:51 GMT
x-content-type-options
nosniff
age
1868
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35224
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 17 Nov 2017 10:30:15 GMT
fUrZRgWfrOYQjvqduzUVgmAQuJI_BBUqbaw3jaO35kXI248JyehV7eU6TKUlfzwTac4lexxWMUZG-dIp8sS49A=s640-l65
lh3.googleusercontent.com/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/fUrZRgWfrOYQjvqduzUVgmAQuJI_BBUqbaw3jaO35kXI248JyehV7eU6TKUlfzwTac4lexxWMUZG-dIp8sS49A=s640-l65
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
e9dd8dcb7d0fbddb73e20688d061eff19db8415c3f8ed36c182469727f823c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/fUrZRgWfrOYQjvqduzUVgmAQuJI_BBUqbaw3jaO35kXI248JyehV7eU6TKUlfzwTac4lexxWMUZG-dIp8sS49A=s640-l65
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
lh3.googleusercontent.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
age
0
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
38189
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 20 Nov 2017 01:24:54 GMT
integrator.js
adservice.google.de/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.de
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
ca-pub-8492433796752731.js
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 1413 		357 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8492433796752731.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3069ceebe77b085750eb1360edc30372fcb4b32ef08f17f69576401c59535ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pub-config/r20160913/ca-pub-8492433796752731.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 08:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 18 Nov 2017 21:13:15 GMT
server
sffe
age
16880
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
203
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 20:23:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20171113/r20170110/ Frame 1413 		0
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f854ff80892d61fa93a07e96e375132553d9a6f50f8e07175b0b4d324a110b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/show_ads_impl.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
4467782525037601178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=1209600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
67610
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1413 		65 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
748295e8e96b25d695c26314d4bb410da0e041a5fca17fbad9b61ebe9b0b2ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/adsbygoogle.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
9322909245359300446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
25032
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/ Frame 1413 		33 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
82f095898fec84c81dc029e5debc1067eccb1e3eea412752d21d0f89f3e9aee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20110914/activeview/osd_listener.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 01:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12808
x-xss-protection
1; mode=block
server
cafe
etag
410984267434061409
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 01:14:56 GMT
truncated
/ Frame 1413 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0fdbe24ae4de3336799dcb65759607549b25a1482a66d95abac8d3e95e2e5eb

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2vLijLNlkU7Pp_bUvBVWvXtRGpi92Q2Iw0SVpEBv74_9fQtHuFDX38oGewDwySZZc3B250tH1VMdFUpdkUsyz0dllhKQZ8a7A8hwJkUI88C9D82l_mmYUDZIedvr_MbUBUTBMYzctKN80gg4DqA1HZQPPtNPwYvI4wv2gu2-tRAChVStps0l7-ZHYKGKFyaoyPZtDlsYVWDICVBjbZvskzLkqJaPGS1BGzaLd3DZUqQuL52rIbaT7_QFiZTA&sig=Cg0ArKJSzA3CmlLn76msEAE&urlfix=1&adurl=
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pcs/view?xai=AKAOjsv2vLijLNlkU7Pp_bUvBVWvXtRGpi92Q2Iw0SVpEBv74_9fQtHuFDX38oGewDwySZZc3B250tH1VMdFUpdkUsyz0dllhKQZ8a7A8hwJkUI88C9D82l_mmYUDZIedvr_MbUBUTBMYzctKN80gg4DqA1HZQPPtNPwYvI4wv2gu2-tRAChVStps0l7-ZHYKGKFyaoyPZtDlsYVWDICVBjbZvskzLkqJaPGS1BGzaLd3DZUqQuL52rIbaT7_QFiZTA&sig=Cg0ArKJSzA3CmlLn76msEAE&urlfix=1&adurl=
pragma
no-cache
cookie
IDE=AHWqTUmaXJlE6r4U6kC7FNuEykANORgPrvNhJ44VkF4xgXfQK0Zpl-NQ2aowK1H1; test_cookie=CheckForPermission
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
integrator.js
adservice.google.de/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.de
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
ca-pub-8492433796752731.js
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 1413 		357 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8492433796752731.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3069ceebe77b085750eb1360edc30372fcb4b32ef08f17f69576401c59535ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pub-config/r20160913/ca-pub-8492433796752731.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Sun, 19 Nov 2017 08:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 18 Nov 2017 21:13:15 GMT
server
sffe
age
16880
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
203
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 20:23:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1413 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bf75927ab86d23f5230c713f556f40c7cdac3dacd41ba15ca3cc31e6bc5fd847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/osd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 14 Nov 2017 07:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
29589
x-xss-protection
1; mode=block
server
cafe
etag
14067721879039205164
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 07:26:26 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		178 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f854ff80892d61fa93a07e96e375132553d9a6f50f8e07175b0b4d324a110b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/show_ads_impl.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
4467782525037601178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=1209600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
67610
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1413 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		80 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bf75927ab86d23f5230c713f556f40c7cdac3dacd41ba15ca3cc31e6bc5fd847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/osd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 07:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
29589
x-xss-protection
1; mode=block
server
cafe
etag
14067721879039205164
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 07:26:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1413 		65 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
748295e8e96b25d695c26314d4bb410da0e041a5fca17fbad9b61ebe9b0b2ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/adsbygoogle.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
9322909245359300446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
25032
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/ Frame 1413 		33 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20171113/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_168.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
82f095898fec84c81dc029e5debc1067eccb1e3eea412752d21d0f89f3e9aee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20110914/activeview/osd_listener.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
tpc.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 01:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12808
x-xss-protection
1; mode=block
server
cafe
etag
410984267434061409
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 01:14:56 GMT
truncated
/ Frame 1413 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d29b853c7751500d54c7b040b1b1aac2046562daedea68b7d1ce0252053f4426

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsug7Nb4kNRrW5hqeCpAyDGam9MoWQMbA8jchRUBq9vSbjyPSSmqA6KhSStwntbtqsylbHI_Sy9nz0RdUxxbGUoVUt7atd8lQixgF0FWX9EPObQsBoWBOVHfURyxM6RFzumDRYYV1D7dHzqb2uBK4rlFVYyZ0WRCoQe6cV9sAnqAPw4b4cjq514LWjngyUzsk0aB8pRzBwzceD7nWAnbYg060DTTYVoGT9rZKzeuJ3lMrnyeSTBSreuxUA8AjVziNuo&sig=Cg0ArKJSzEUpaeN9jmm9EAE&urlfix=1&adurl=
Requested by
Host: it.vonvon.me
URL: https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pcs/view?xai=AKAOjsug7Nb4kNRrW5hqeCpAyDGam9MoWQMbA8jchRUBq9vSbjyPSSmqA6KhSStwntbtqsylbHI_Sy9nz0RdUxxbGUoVUt7atd8lQixgF0FWX9EPObQsBoWBOVHfURyxM6RFzumDRYYV1D7dHzqb2uBK4rlFVYyZ0WRCoQe6cV9sAnqAPw4b4cjq514LWjngyUzsk0aB8pRzBwzceD7nWAnbYg060DTTYVoGT9rZKzeuJ3lMrnyeSTBSreuxUA8AjVziNuo&sig=Cg0ArKJSzEUpaeN9jmm9EAE&urlfix=1&adurl=
pragma
no-cache
cookie
IDE=AHWqTUmaXJlE6r4U6kC7FNuEykANORgPrvNhJ44VkF4xgXfQK0Zpl-NQ2aowK1H1; test_cookie=CheckForPermission
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
show_ads_impl_single_load.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl_single_load.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
4b7986bc593b1068313749010899b841a11768345becca398b1adce220ee898f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/show_ads_impl_single_load.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
546577750363071205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=1209600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
67637
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 13:04:59 GMT
integrator.js
adservice.google.de/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.de
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 1413 		108 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=it.vonvon.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.js?domain=it.vonvon.me
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Nov 2017 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
ca-pub-8492433796752731.js
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 1413 		357 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8492433796752731.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3069ceebe77b085750eb1360edc30372fcb4b32ef08f17f69576401c59535ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pub-config/r20160913/ca-pub-8492433796752731.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Sun, 19 Nov 2017 08:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 18 Nov 2017 21:13:15 GMT
server
sffe
age
16880
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
203
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2017 20:23:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1413 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/ Frame 1413 		80 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl_single_load.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
bf75927ab86d23f5230c713f556f40c7cdac3dacd41ba15ca3cc31e6bc5fd847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/js/r20171113/r20170110/osd.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET

Response headers

date
Tue, 14 Nov 2017 07:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
29589
x-xss-protection
1; mode=block
server
cafe
etag
14067721879039205164
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2017 07:26:26 GMT
activeview
pagead2.googlesyndication.com/ Frame 1413 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview?avi=BGlzSeoERWp61L5HibYCakagFAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASBORoMgw&id=osdim&ti=1&r=v&adk=183662660&tt=1310&bs=1585,1200&mtos=0,0,1071,1071,1071&tos=0,0,1071,0,0&p=1151,271,1241,999&inapp=0&mcvt=1071&rs=3&ht=0&tfs=248&tls=1319&mc=0.54&lte=0.54&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-10-14-13&tvt=1298&op=1&avms=geo&r=v&uc=21&tgt=INS&cl=1&cec=7&clc=1&cac=0728x90&v=r20171113
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/activeview?avi=BGlzSeoERWp61L5HibYCakagFAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASBORoMgw&id=osdim&ti=1&r=v&adk=183662660&tt=1310&bs=1585,1200&mtos=0,0,1071,1071,1071&tos=0,0,1071,0,0&p=1151,271,1241,999&inapp=0&mcvt=1071&rs=3&ht=0&tfs=248&tls=1319&mc=0.54&lte=0.54&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-10-14-13&tvt=1298&op=1&avms=geo&r=v&uc=21&tgt=INS&cl=1&cec=7&clc=1&cac=0728x90&v=r20171113
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2017 13:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/ 		232 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/auction
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.67.153.75 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
lbip767069.nym2.adnexus.net
Software
nginx/1.11.10 /
Resource Hash
f41057436426493457d78af4bcc3cbf6661c423ed2f9bde84bfed4f7f8ba7aef

Request headers

Pragma
no-cache
Origin
https://it.vonvon.me
Accept-Encoding
gzip, deflate
Host
prebid.adnxs.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain
Accept
*/*
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIxODM1ODAzNzczMTk1ODA0OTQ1IiwiZXhwaXJlcyI6IjIwMTctMTItMDNUMTM6MDU6MDAuODM4NTIwOTM5WiJ9LCJwdWxzZXBvaW50Ijp7InVpZCI6ImQydnI2cDRITDBVNSIsImV4cGlyZXMiOiIyMDE3LTEyLTAzVDEzOjA1OjAxLjcwNDgyNzM4MVoifX0sImJkYXkiOiIyMDE3LTExLTE5VDEzOjA1OjAwLjgzODUxOTM0NVoifQ==; sess=1; uuid2=1835803773195804945
Connection
keep-alive
Content-Length
2523
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Origin
https://it.vonvon.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:02 GMT
Server
nginx/1.11.10
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://it.vonvon.me
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
232
Expires
0
Cookie set cygnus
as-sec.casalemedia.com/ 		44 B
64 B 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&fn=cygnus_index_parse_res&s=196065&r=%7B%22id%22%3A%22556124739%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%221_1%22%2C%22siteID%22%3A196063%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%221_2%22%2C%22siteID%22%3A196063%7D%7D%2C%7B%22id%22%3A%223%22%2C%20%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%222_1%22%2C%22siteID%22%3A196064%7D%7D%2C%7B%22id%22%3A%224%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%222_2%22%2C%22siteID%22%3A196064%7D%7D%2C%7B%22id%22%3A%225%22%2C%20%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%224_1%22%2C%22siteID%22%3A196066%7D%7D%2C%7B%22id%22%3A%226%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%224_2%22%2C%22siteID%22%3A196066%7D%7D%2C%7B%22id%22%3A%227%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%227_1%22%2C%22siteID%22%3A196069%7D%7D%2C%7B%22id%22%3A%228%22%2C%20%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%226_1%22%2C%22siteID%22%3A196068%7D%7D%2C%7B%22id%22%3A%229%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%226_2%22%2C%22siteID%22%3A196068%7D%7D%5D%7D&pid=pb0.33.0-pre
Requested by
Host: it-static-gcs.vonvon.me
URL: https://it-static-gcs.vonvon.me/gened/wp/js/vonvon-base.594b9201fc3e51057f37.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-93-251.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
eaecab8d06104f52d277ed026536aa681ee64349b06210123d05ff7fe9f4fc08

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
as-sec.casalemedia.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
Cookie
CMSC=WhGBeg**; CMDD=AAL5FgE*; CMID=WhGBerlQJrkAAFBrYMIAAABh; CMPS=3216; CMPRO=1174; CMST=WhGBeloRgXsB
Connection
keep-alive
Cache-Control
no-cache
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Nov 2017 13:05:00 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=WhGBerlQJrkAAFBrYMIAAABh;domain=casalemedia.com;path=/;expires=Mon, 19 Nov 2018 13:05:00 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sat, 17 Feb 2018 13:05:00 GMT CMPRO=1174;domain=casalemedia.com;path=/;expires=Sat, 17 Feb 2018 13:05:00 GMT CMST=WhGBeloRgXwB;domain=casalemedia.com;path=/;expires=Mon, 20 Nov 2017 13:05:00 GMT
Content-Type
text/javascript
Content-Length
64
Expires
Sun, 19 Nov 2017 13:05:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1413 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZQIHR8GcVjb_CoC-t5aXcdD7flGHi98jGfaj8omyC-5DXAx32jrV8XXBy37nNsmrf6ecM_UFecno6D-qOQCxEd92eRZ-R9FM&sig=Cg0ArKJSzAkmn2Lp04P1EAE&id=osdim&ti=1&r=v&adk=691716342&tt=1613&bs=1585,1200&mtos=1488,1488,1488,1488,1488&tos=1488,0,0,0,0&p=60,274,150,1002&inapp=0&mcvt=1488&rs=3&ht=0&tfs=134&tls=1622&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-12-17-13&tvt=1601&op=1&avms=geo&r=v&uc=1&tgt=INS&cl=1&cec=7&clc=1&cac=0728x90&v=r20171113
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pcs/activeview?xai=AKAOjstZQIHR8GcVjb_CoC-t5aXcdD7flGHi98jGfaj8omyC-5DXAx32jrV8XXBy37nNsmrf6ecM_UFecno6D-qOQCxEd92eRZ-R9FM&sig=Cg0ArKJSzAkmn2Lp04P1EAE&id=osdim&ti=1&r=v&adk=691716342&tt=1613&bs=1585,1200&mtos=1488,1488,1488,1488,1488&tos=1488,0,0,0,0&p=60,274,150,1002&inapp=0&mcvt=1488&rs=3&ht=0&tfs=134&tls=1622&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-12-17-13&tvt=1601&op=1&avms=geo&r=v&uc=1&tgt=INS&cl=1&cec=7&clc=1&cac=0728x90&v=r20171113
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2017 13:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/ Frame 1413 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview?avi=BF2breoERWq7FMNL0buaOmYgHAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASBORoPfI&id=osdim&ti=1&r=v&adk=3632746670&tt=1613&bs=1585,1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&p=170,1014,420,1314&inapp=0&mcvt=1053&rs=3&ht=0&tfs=569&tls=1622&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-12-17-13&tvt=1601&op=1&avms=geo&r=v&uc=17&tgt=INS&cl=1&cec=7&clc=1&cac=0300x250&v=r20171113
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/activeview?avi=BF2breoERWq7FMNL0buaOmYgHAAAAABABOAHIAQnAAgLgAgDgBAGgBhbSCAUIgGEQAQ&cid=CAASBORoPfI&id=osdim&ti=1&r=v&adk=3632746670&tt=1613&bs=1585,1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&p=170,1014,420,1314&inapp=0&mcvt=1053&rs=3&ht=0&tfs=569&tls=1622&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,3879&ss=1600,1200&pt=10&deb=1-1-3-12-17-13&tvt=1601&op=1&avms=geo&r=v&uc=17&tgt=INS&cl=1&cec=7&clc=1&cac=0300x250&v=r20171113
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
:scheme
https
:method
GET
Referer
https://it.vonvon.me/mequiz/5912/n/4897062688653312?utm_viral=81
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2017 13:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.twitter.com
URL
https://platform.twitter.com/widgets/twitter_cookies.html?namespace=twttr%3Acookies&origin=https%3A%2F%2Fit.vonvon.me
Domain
staticxx.facebook.com
URL
https://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20171113/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=90&slotname=9816260407&adk=1676927845&adf=3279755399&w=728&format=728x90&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&wgl=1&adsid=NT&dt=1511096699151&bpp=10&bdt=381&fdt=12&idt=151&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=1710178900&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=274&ady=60&biw=1585&bih=1200&isw=728&ish=90&ifk=704017395&eid=21060548%2C21061122%2C20040060%2C21060858&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=1949874412&ifi=1&dtd=175
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=90&slotname=2420589609&adk=2381399396&adf=3279755398&w=728&format=728x90&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&wgl=1&adsid=NT&dt=1511096699226&bpp=19&bdt=455&fdt=136&idt=164&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096699&ga_hid=1561604527&ga_fc=0&pv=1&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=271&ady=1151&biw=1585&bih=1200&isw=728&ish=90&ifk=2477781624&eid=21061122%2C21060858&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=1639676636&ifi=1&dtd=186
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8492433796752731&output=html&h=250&slotname=6096954000&adk=1864620784&adf=3279755396&w=300&format=300x250&url=https%3A%2F%2Fit.vonvon.me%2Fmequiz%2F5912%2Fn%2F4897062688653312%3Futm_viral%3D81&ea=0&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1511096699472&bpp=7&bdt=705&fdt=65&idt=80&shv=r20171113&cbv=r20170110&saldr=aa&correlator=1791414868464&frm=23&ga_vid=1576051716.1511096698&ga_sid=1511096700&ga_hid=152868010&ga_fc=0&pv=1&iag=15&icsg=0&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1014&ady=170&biw=1585&bih=1200&isw=300&ish=250&ifk=1224270258&eid=21060868%2C21061122&oid=3&nmo=1&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=o%7Cmo%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=20&bc=1&osw_key=2527523565&ifi=1&dtd=98

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| vvLoadStart string| vvHostname function| setVVJSLoaded object| webpackManifest function| fbq function| _fbq function| webpackJsonp function| $ function| jQuery object| angular object| XdUtils object| xdLocalStorage object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| pbjsChunk object| pbjs object| hbpb function| cygnus_index_parse_res function| index_render function| headertag_render object| cygnus_index_args object| stickyadstv_cache object| ybotq object| vvBrowser object| vv object| vvUtils object| urlbase64 object| vvCookies object| vvSessionStorage object| vvSessionUtils object| vvCommon object| popupLayer object| regionLayer object| googletag object| vvGa object| vvTrack object| docCookies function| comparator function| zipPairs function| VVVideoAds object| vts string| GoogleAnalyticsObject function| ga object| amznads object| gaplugins object| gaGlobal function| Ellipse object| google_js_reporting_queue function| processGoogleToken object| googleToken object| googleIMState function| amzn_ads function| aax_write function| amznMatchCookie function| aax_render_ad function| _typeof object| amznpassback object| GPT_jstiming function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _IndexRequestData function| cygnus_index_ready_state boolean| google_noFetch boolean| google_DisableInitialLoad object| __google_ad_urls number| __google_ad_urls_id object| FB function| __twttrll object| twttr object| __twttr number| google_unique_id object| closure_memoize_cache_ object| google_timing_params object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_jobrunner object| google_reactive_ads_global_state number| google_global_correlator object| google_prev_clients object| arr object| l number| i

7 Cookies

Domain/Path Name / Value
.it.vonvon.me/ Name: it.localStorage
Value: eyJzbnNMaXN0Ijp7IndoYXRzYXBwIjoiWSJ9LCJtZXF1aXpfcmVkaXJlY3RfcGFyYW1zIjp7Im0iOiIyMTY0OSIsImZyIjoidl8xMzFsOXQzcWV5aDI2ZWh2bCJ9LCJpbmZsb3dRdWl6SWRzIjpbIjU5MTIiXX0
.vonvon.me/ Name: _gid
Value: GA1.2.1613767412.1511096698
.vonvon.me/ Name: session
Value: 5f94eff8-d52c-4c35-a6ba-3b4dff20cbb3
.vonvon.me/ Name: __cfduid
Value: dd51fd8445a40acf72dc119163a22e6b71511096697
.it.vonvon.me/ Name: it.vts
Value: 1511096697
.vonvon.me/ Name: _ga
Value: GA1.2.1576051716.1511096698
.vonvon.me/ Name: last_host_region
Value: it

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
as-sec.casalemedia.com
bh.contextweb.com
c.amazon-adsystem.com
connect.facebook.net
googleads.g.doubleclick.net
graph.facebook.com
ib.adnxs.com
it-cdn.vonvon.me
it-static-gcs.vonvon.me
it.vonvon.me
lh3.googleusercontent.com
match.adsrvr.org
pagead2.googlesyndication.com
platform.twitter.com
prebid.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
staticxx.facebook.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
googleads.g.doubleclick.net
platform.twitter.com
staticxx.facebook.com
104.244.42.8
151.101.112.166
172.217.23.162
184.169.182.70
185.33.223.80
199.96.57.6
2400:cb00:2048:1::6810:84e3
2400:cb00:2048:1::6810:85e3
2a00:1450:4001:814::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::200e
2a00:1450:4001:81f::2013
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
52.85.64.125
52.94.216.48
68.67.153.75
92.123.93.251
01bc56a64edb2ff95ce348e1cb565a535e06cd109ae7c5b4c1f26f9c58c1abbd
026213c32804ab0e0b170c5c93540ec1767565aa0da5fcff9454beaca12f6838
07abf577188f1fd708d4a002e55e7c99c4dc03ec84958de287a0ac710ebb8034
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
1080dfa578a0369c53894f51421245612fc864646bd359515dd389a7c6736e5d
10932f88eb807030248d47626d2d484c4af7caa18137490a299be9a141727f9d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126c5eb4ea15ef706ca778049da7ecb6baae6b12b08c3c09701bf9eadf1d52ad
1b89ad81c86cad38999bffd7d1d3d603249a020af350901b4a066572b5e44644
21a832869925becbe275d83fed2460ea1073b1b64b94b21524e186b806416a89
2a01f83e404b82d95b2bfe2e2f65de3b3b71bb2296f163fab9876b15df674822
2d4281edd8d50d7d78209326a952aab1cd03dad380b7cc0e5245bcd9136fe5b7
2ddb390ec500c52d677ca5ae95d3cc32aeb611928993d2d14657ad28cfb57db4
3069ceebe77b085750eb1360edc30372fcb4b32ef08f17f69576401c59535ab5
32eb168a5f82e7714d80515bba96f9ab512051ed1539a9a4fd5b8846e987a94d
33b7a4fa5258997e852f6a83448db6175475517e4f2bb18ac81131fdd3024335
33baadec7b557ecce3382437342771d3d4fac857d3688f2083b9dd42a14cfbfa
34d1d58deb6bdcf156d409575e074c7cfc415fef2d6982d21cabbaaa04aecf0c
35fe87e2e8a4cab59e742ecadba2569b9ee1b03b00e308293dcbacf01be70656
370811b2ae69f89e549fe96a4f532d423d9d04081b43549dfff66a93d264d15d
3b36753e2a033926a956f39f23dc37baade48ab42c6242b95b77d55a79d8a3a4
4365e135dcead7cb66ccefea26fa55c4723545f89756ca7ce9d437e770bf3c33
4b7986bc593b1068313749010899b841a11768345becca398b1adce220ee898f
51ec7e6396ce743de87a50f10aaeb3fd7d6df45e840b1868f2b48e233a916679
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5564ebed256b18a9f7abd8b98da03ef673491b6a3bb23a2b482c7240deca88af
557d5442e0e0161b2cd602730e2a4f5fcf132f877699dbe93cc39855d608c266
57af4cf196e499f023e1d4c894069fb452238431b81576f4c94a741b1189c68a
5ed60879e03d5d274c6053a2ee81d046f5e61d1084dbd66b298f0ceac4710fdc
5fa63f7fcf7728d2887ee2a5a9505beaf52dd8cc58ae357674ba3648acf17776
62d5d1b6a858cd76c1145ad090d200f89e9489d9bc62a640bc6b338a95996c40
748295e8e96b25d695c26314d4bb410da0e041a5fca17fbad9b61ebe9b0b2ab0
7558fa01f8919cc4562bf8514b745e52b6d3e849484e6121b36f1c994aa01613
7808ce5ca5800adfa4c13cc10024d28d050acb764a50f00c46c237b9395fcaef
7979ed319019c6575c236d5b98d2089f3ceb7f131d927e22dbaa0d152f7199ea
80e5a009724ad1a2132f1a6ee0d1dd7b6eccdfe30609510d4d482d7aba246810
82f095898fec84c81dc029e5debc1067eccb1e3eea412752d21d0f89f3e9aee1
86529fc6364b387e770fe1ebaadb372c4986f1fd584b6d8ddfb1755d7b363bf1
879b32e11198472a05159530541029875d5fd96f1e9b4c1a9f6393d30dc1a6b7
87b379e8eb9c04bd68ec9ddbcd14d3746d97f4ce1fcf0b1ca84ee6f51e0b94aa
8a1b38212e79eb993b4210350d2e37a8c1b135e738e464235b82af46af7ca61b
8b3c40624f9f3d0c170fd8e662e8b4b6f2d180d2cc64419dc35499c63b817ecc
9796bc047bbf17bead0e92187c30cf083dc56fcae404b79601398e1919a53779
98b7369aec725ddfc383dd611c5371e1d19237bb3eae369410006d3c2e96724f
a0a1c9cfbb145a4361390bac3a6bb9af77c3433f2a8f3ba5f3450d043b608976
a9ea1a8b76e0b6a578a515ac6039f4b4c581a6f52c63cc35fa46e93f1edc5b24
ab68d34a7d395d2c3e304222ccc61604e8e5b9d6827375a91f5eae5f7889726a
abf7c7304dd7bbfb33d02ab30455f2e8954f06c047073e665fe5def23d35b317
ac0f9b9f369711fcd68fe568c9fdbcc26c88edadf776fdaae55d0d5df22eaac1
b0fdbe24ae4de3336799dcb65759607549b25a1482a66d95abac8d3e95e2e5eb
b138ce843e83a0cfcb6f8128befd6cdc0becbb5f101fba7063fdeb62d155f9e3
b4e9acf8e4c786812c6fa9b5fc923afeabe36986a987a9385375857434f70d72
ba51facdfa723c634f84ea7b336e984acb002ed7d57cb623555391d2debea64b
bf75927ab86d23f5230c713f556f40c7cdac3dacd41ba15ca3cc31e6bc5fd847
c467259cc8ae191fedd33449ee52560bd3f55ca093b797582b8d08087c41c17a
cd56b3388eb3463afea5c9c9c2dad8caddfd1ebebacf2943da87f47274bd09a8
cf7fd636a85dcdd02998dd1ed517772bd2d671394e108c223c30b951fd726ae5
d0c77c195cdbf6a1095e26435ce538aab5d110aa57a7eac62fc9a0c303da9024
d20129789cf4a26600f32331981523d7f9682c2c94871ed40ec9b068240435ed
d29b853c7751500d54c7b040b1b1aac2046562daedea68b7d1ce0252053f4426
d42f695701421ede8ea5f6895436986f612935900184048a24684d2052726373
d5c0cfc8d3e04d17f6b338f658836f4d557ac3d499b94ce8fa4ea9af589396a2
d88977aa2cc6cc67dc0a3dfe117c29b20702324b15379257d7732dafdc26ebe0
dafd12a4d42413fdc0e2c83f94311d8a9b7bec355963058acd3528efaeef6cc9
e02448b0abfe25e9e708a55ff16c3eb87ffefc5917a650a08655647e966591ea
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9dd8dcb7d0fbddb73e20688d061eff19db8415c3f8ed36c182469727f823c9e
eaecab8d06104f52d277ed026536aa681ee64349b06210123d05ff7fe9f4fc08
ed1c0dd1754995ac7bbe9b9e201fef092e191a3911f74415748813027b72056e
eda53853e0d63e5386e4b4b53797c3da0f45ae001963ac3a08f87a23c8f50a02
ef17712303bf6d9118ec11fb30f10739a2c29159c733adf00a9ba28e9b3de21b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f3b088b472df316fc843ac567860ed9389d5d960fa18d0e6eb6791c1b1a425
f41057436426493457d78af4bcc3cbf6661c423ed2f9bde84bfed4f7f8ba7aef
f6790ef3fb3c6f667b467136663b066d40efedaf67c00fa6cc88283d5ba79f60
f7940b14367ac1e739e05d6aeb22ce6ac54805a32533e5e461c81b83a8437214
f854ff80892d61fa93a07e96e375132553d9a6f50f8e07175b0b4d324a110b5b
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
f9bc5f53dcd3ff3226bf6f7fccf012c5fcc1af688e408537ef64d207809b1fb4
faed6eb4c0b99904953058f8733899c8fa1a7ffdeec7f15f9c12ca2de451f587
fc396c380f51964eb9e9c7d346a48f5a78ab03d33aab599ff6ea20756c4515a8
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8