questionsweb.in Open in urlscan Pro
87.98.134.189 Public Scan

Software

cafe /

Resource Hash

d613c0930ce98de25f4fa61360ec5125e18b976b23cd83cd8e192903bc6eb1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57368
x-xss-protection: 0
server: cafe
etag: 13312048028857775659
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:55:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 596ms
204ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LN47X1PKC3

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9d69096050dbdbabe13ddf151245c5ed9f2ab3185025a004a3d0e1f3e931ac11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73926
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:55:37 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
questionsweb.in/qa-content/ 87 KB
30 KB 793ms
791ms Script
application/javascript 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://questionsweb.in/qa-content/jquery-3.5.1.min.js
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/user/judytawfag353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:36 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 16:34:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30282
expires: Sun, 11 Sep 2022 16:55:36 GMT

GET
H2 200 qa-global.js Show response
questionsweb.in/qa-content/ 20 KB
5 KB 1187ms
1186ms Script
application/javascript 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://questionsweb.in/qa-content/qa-global.js?1.8.6
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/user/judytawfag353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:36 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 16:34:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4765
expires: Sun, 11 Sep 2022 16:55:36 GMT

GET
H2 200 main.js Show response
questionsweb.in/qa-theme/Mayro-master/js/ 877 B
297 B 1188ms
1187ms Script
application/javascript 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://questionsweb.in/qa-theme/Mayro-master/js/main.js?1.8.6
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed /
Resource Hash: 47f6fb004b7435641c00bed4b680a88900f5336b07bc27d85bd973f2fa3dd194

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/user/judytawfag353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:36 GMT
content-encoding: br
last-modified: Tue, 29 Dec 2020 15:38:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 263
expires: Sun, 11 Sep 2022 16:55:36 GMT

GET
H3 200 logoforweb.jpg
questionsweb.in/ 93 KB
93 KB 393ms
393ms Image
image/jpeg 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questionsweb.in/logoforweb.jpg
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed /
Resource Hash: 6067b1e7874ce075b44ab01d2a1bcafba16057ae06668c924697eb46a52a87e7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/user/judytawfag353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:37 GMT
last-modified: Mon, 04 Jan 2021 09:19:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 95327
expires: Sun, 11 Sep 2022 16:55:37 GMT

GET
H3 200 /
questionsweb.in/ 9 KB
9 KB 1191ms
1190ms Image
image/jpeg 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://questionsweb.in/?qa=image&qa_blobid=18061133293691283905&qa_size=210
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed / PHP/7.4.30
Resource Hash: 1e0133a69948efd3910fe4797544f6ea424d3bbe669858d5fce3541556f5e4e8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/user/judytawfag353
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:38 GMT
cache-control: max-age=2592000, public
server: LiteSpeed
x-powered-by: PHP/7.4.30
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 598ms
207ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5924599578780531

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4abff503ebc0184e67f14ff85cf7631883ea45356cba9cc3e8bea81ecf269a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Origin: https://questionsweb.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57341
x-xss-protection: 0
server: cafe
etag: 12732346486340991930
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:55:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 587ms
197ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/qa-theme/Mayro-master/qa-styles.css?1.8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 15:52:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 16:55:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 16:55:37 GMT

GET
H3 200 materialicons.woff2
questionsweb.in/qa-theme/Mayro-master/icons/ 81 KB
81 KB 785ms
783ms Font
font/woff2 87.98.134.189
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://questionsweb.in/qa-theme/Mayro-master/icons/materialicons.woff2
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/qa-theme/Mayro-master/icons/material-icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.98.134.189 , France, ASN16276 (OVH, FR),
Reverse DNS: fr02.protoninternet.com
Software: LiteSpeed /
Resource Hash: bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb

Request headers

Referer: https://questionsweb.in/qa-theme/Mayro-master/icons/material-icons.css
Origin: https://questionsweb.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:37 GMT
last-modified: Tue, 29 Dec 2020 15:38:29 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 82492
expires: Sun, 11 Sep 2022 16:55:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 813ms
420ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://questionsweb.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 15:07:19 GMT
x-content-type-options: nosniff
age: 438498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 15:07:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 624ms
243ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://questionsweb.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 01:49:40 GMT
x-content-type-options: nosniff
age: 572757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 01:49:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 576ms
195ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://questionsweb.in
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 01:00:47 GMT
x-content-type-options: nosniff
age: 57290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 01:00:47 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 343 KB
121 KB 542ms
240ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5924599578780531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0100022f4513287f28c5620cf957ea6266bd3c4d6fb29a4b9e693f8c557dcc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123675
x-xss-protection: 0
server: cafe
etag: 17292704047757978111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:55:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame 3678 10 KB
5 KB 585ms
194ms Document
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5924599578780531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 63830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 23:11:48 GMT
etag: 8616628553774171045
expires: Sat, 17 Sep 2022 23:11:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 585ms
195ms Ping
text/plain 142.251.12.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LN47X1PKC3&gtm=2oe8v0&_p=1722451071&cid=1557322318.1662310538&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662310538&sct=1&seg=0&dl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&dt=User%20judytawfag353%20-%20Questions%20Web&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LN47X1PKC3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://questionsweb.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
328 B 205ms
197ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=questionsweb.in&callback=_gfp_s_&client=ca-pub-5924599578780531&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e526bf2c7878e5b851bf98e315815277ea8e0cd35c52d1a91ac7d344c63c7b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 593ms
199ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=questionsweb.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 16:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 591ms
198ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=questionsweb.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 16:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 199ms
199ms Image
image/gif 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&tn=DIV&cls=qa-nav-main&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 200ms
199ms Image
image/gif 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&tn=DIV&cls=qa-logo&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3EF 18 KB
5 KB 570ms
268ms Document
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&adk=1812271804&adf=1573534164&lmt=1662310539&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538403&bpp=3&bdt=2128&idt=831&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5674048252784&frm=20&pv=2&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=849

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f78fa34a839b6c50f5b378ee56dae02c7c678c738780b0cfc41dc524faabd24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5017
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 16:55:39 GMT
expires: Sun, 04 Sep 2022 16:55:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34C9 37 KB
14 KB 794ms
493ms Document
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=280&slotname=6683551249&adk=1021120711&adf=1964782217&pi=t.ma~as.6683551249&w=348&fwrn=4&fwrnh=100&lmt=1662310539&rafmt=1&psa=0&format=348x280&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538406&bpp=2&bdt=2131&idt=853&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FNn11JrGAb&p=https%3A//questionsweb.in&dtd=857

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ad6e819f8d6e69e0cf5d914e5a6be04ed9b7bcd1da6bfb85a231008469659c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13865
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 16:55:39 GMT
expires: Sun, 04 Sep 2022 16:55:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9974 436 B
382 B 842ms
541ms Document
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=200&slotname=1221726605&adk=457318264&adf=3025194257&pi=t.ma~as.1221726605&w=1200&fwrn=4&lmt=1662310539&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538408&bpp=2&bdt=2133&idt=858&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C348x280&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=807&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zCElIbaJlR&p=https%3A//questionsweb.in&dtd=861

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9baab68906ad49c2a41c512106d7d58ca9afa076c8092d69f8b6e1a128303bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 16:55:39 GMT
expires: Sun, 04 Sep 2022 16:55:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3EF 0
20 B 196ms
196ms Ping
image/gif 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20220831&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&adk=1812271804&adf=1573534164&lmt=1662310539&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538403&bpp=3&bdt=2128&idt=831&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5674048252784&frm=20&pv=2&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=849

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 492C 0
0 208ms
208ms Fetch
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjJZWi9gUY4mLK5mEpt8Pn8am6A-s1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi01OTI0NTk5NTc4NzgwNTMxoAGV9ZvfA8gBCagDAaoE5AFP0AHeuV2_Z5XSXRQ9ooMUWqrtEhg2gLHRmPwdgJ0yyIYLaD6fANTdc7QYSKC1xKwjK2qTb9Ycf4vZiG_9VDjDRKhg8G5b6So4ax2gi1ertzuwfeg_y25CGhDUNiLJXzRxUxi_liKos7SRlqOhdszzrwdXkRemF2swv1NikfFsK7UrZ7fkIXyuhZUpfJuj20YLCDxhBW31hNFmdW8K8v3tcatIBcLauS8NeozAyFR9ghh_glWjMeW4-vgEfFRpecdnwdMV0U-AED4w0Du57j0qhUygVjIw0RWsT2oTUcN0SrWvX_iABvv67MOm5Yb0OaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5MjQ1OTk1Nzg3ODA1MzEYAA&sigh=m3zD7WNYOZk&uach_m=[UACH]&cid=CAQSGwCsnQUxTYjWe_wTBFqYhWkbJ5V90XSMUUw2EBgB

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=280&slotname=6683551249&adk=1021120711&adf=1964782217&pi=t.ma~as.6683551249&w=348&fwrn=4&fwrnh=100&lmt=1662310539&rafmt=1&psa=0&format=348x280&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538406&bpp=2&bdt=2131&idt=853&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FNn11JrGAb&p=https%3A//questionsweb.in&dtd=857
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 16:55:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 16:55:40 GMT

GET
H2 200 log
hblg.media.net/ Frame 492C 35 B
0 860ms
284ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=-1.0&viewability=87&device_id=4&cbdp=0.09&slotVisibility=1&dn=questionsweb.in&acid=56cc4f2d155c40d79a5851ac02d3e090&ugd=4&size=336x280&pvid=4&csip=rtb-common-istio-64ff668bcd-kv2zp.SG&ogbdp=0.09&prvReqId=27475256594155_423865519_52982010441&itype=ADX&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&scrid=1700080807683300336028000000500&mang=1&bidrestime=1662310539821&cid=8CU3SX34C&rme=nurl
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:40 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 04 Sep 2022 16:55:40 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 492C 35 B
0 628ms
200ms Fetch
image/gif 42.99.140.216
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1700&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=0.0&adtyp=0&req_id=YxTYiwALgcwKvTRU9A1Ckw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=336x280&url_l1=user&f_seg=&url_l2=judytawfag353&prdp=0.0900&ogcbdp=0.0900&dfpbd=0.0900&server=1&ogerpm_wd_bkt=0-1&viewability=0.8700&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.15&ugd_ver=&requrl=questionsweb.in%2Fuser%2Fjudytawfag353%2F&bidrestime=1662310539821&cc=AU&strg=no_strategy&ss=&current_hour=16&time_stamp=2022-09-04+16%3A55%3A39&rvshhon=&bdp=0.0900&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.10&algo=mrg-4.5&dc=apac_sg&splid=&dn=questionsweb.in&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=56cc4f2d155c40d79a5851ac02d3e090&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=1&totalTime=2351750&dmm_m1=2022-09-04+16%3A55%3A39.823634939&e_rpm=0.0000&dmm_m22=0.1700&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&rawbid=0.0900&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-64ff668bcd-kv2zp.SG&dfp_bucket=0.0&adblk=1021120711&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=45&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.09
Requested by: Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-216.pacnet.net
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 16:55:40 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 04 Sep 2022 16:55:40 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 492C 162 KB
56 KB 823ms
293ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=280&slotname=6683551249&adk=1021120711&adf=1964782217&pi=t.ma~as.6683551249&w=348&fwrn=4&fwrnh=100&lmt=1662310539&rafmt=1&psa=0&format=348x280&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538406&bpp=2&bdt=2131&idt=853&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FNn11JrGAb&p=https%3A//questionsweb.in&dtd=857

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

86e0126b88e234b595fbe89ed06c461ce897ebc5a369563fe9a8d0ccfb5a1cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
x-mnt-h: 8-13
content-encoding: gzip
server: Apache
etag: "0393345dbaae92321ca9907dc978015c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Sun, 04 Sep 2022 16:55:40 GMT
strict-transport-security: max-age=31536000
x-mnt-w: 8-8
expires: Sun, 04 Sep 2022 17:00:40 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 492C 61 KB
62 KB 862ms
286ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Sun, 04 Sep 2022 16:55:40 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=9835
access-control-allow-credentials: true
content-length: 62892
expires: Sun, 04 Sep 2022 19:39:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 492C 3 KB
1 KB 613ms
219ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 15:46:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 492C 142 KB
44 KB 587ms
195ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:55:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 492C 17 KB
8 KB 588ms
195ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 15:36:21 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 492C 91 KB
33 KB 688ms
687ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=131738877&size=336x280&cc=AU&chnm=NO_STRATEGY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&nse=5&vi=1662310540159399816&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44g/BBB/a&bcpf=B44g%2FB8fOnRrolnfOur8BB%2Fa&bdrId=4&ntv=0&matchstring=hr%3D0%7C&katpre=1&katbid=-103&pgid=p199543433t202209041655&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

5aba83e957de167dda3a6cb925649bd21af1bd5b1474e0e57e986256e952e865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:41 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Sun, 04 Sep 2022 16:55:41 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 22-gtph
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 33613
x-sc-w: 22-1pq5

GET
H2 200 bping.php
lg3.media.net/ Frame 492C 15 B
15 B 289ms
284ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=545&&vgd_cdv=789&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&vi=1662310540159399816&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781036&r=1662310541345&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1662310540118381459&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p199543433t202209041655&vgd_pgids=1&vgd_uspa=0&hvsid=00001662310541342029185682679862&gdpr=0&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Sun, 04 Sep 2022 16:55:41 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=37538
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 03B2 26 KB
10 KB 332ms
332ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9bd4f8adb967013c9f51b34d72c95a163fc86a6d83a2c43ebf92f2c32a474727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=81242
content-encoding: gzip
content-length: 9411
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 16:55:41 GMT
expires: Mon, 05 Sep 2022 15:29:43 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 492C 35 B
172 B 285ms
284ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4421&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YxTYiwALgcwKvTRU9A1Ckw&s_city=taipei&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.090&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=e2eff31d&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=87&renderer=0&be=0&rtime=27.0&adj0=0.0&tmax=300&s_ip=173.194.171.3&adj2=0.0&adj1=0.0&feedback_id=YxTYiwALgcwKvTRU9A1Ckw&adtypes=0&mx_aabpc=0&reqid=YxTYiwALgcwKvTRU9A1Ckw&sc=AU-NSW&mowxReqId=56cc4f2d155c40d79a5851ac02d3e090_1&ifdp=0&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&bidrestime=1662310539821&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-131738877-37-24&coppa_enf=true&bdp=0.090&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=questionsweb.in&dt=O&acid=56cc4f2d155c40d79a5851ac02d3e090&actltime=33&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.09&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=336x280&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662311140075&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.09&pvdTmax=252&ltime=32.0&epc=131738877&prvReqId=27475256594155_423865519_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-5924599578780531&ybnca_erpm=0.17&brsrclk=0&sbdrid=196&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-65f85dbfc8-hf4jv&currsrc_date=2022-09-02+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-04+16%3A55%3A39&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET5wU7DY0u0ArmWLK3yYxOMEgef0LrKS9tyiJiFAW4NqDLunQOVmmk0VoiYzdK0kt9MR&dmm_ogerpm=false&csip=rtb-common-istio-64ff668bcd-kv2zp.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&adblk=1021120711&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.17~vw_exc%3D0.87~smm_bid%3D0.09~vis_sd%3D108~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090403~iurl_b%3D1777.56~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.47~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D102%2C102~et%3D23~rc%3D1~rps_sd%3D2022090402~vis_b%3D861.53~url_b%3D0.56~url_tvi%3D0~smm_wr%3D34.8870~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.17~bm%3D1~smm_sd%3D2022090404~sid%3D131738877~sd%3D0~uid%3DaQw3KqqzzQJUbD1Jn~btd%3D242893850779564607221736412228575362489359150429733792589575305922434752655035531264~d2p_l%3D30~3pcf%3D1000.24~uim%3D0~og_msh%3D0.1~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.96~vurl_b%3D1.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D37.94~vurl_l%3D20~CI%3D2730~nts%3D3~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.92~isif%3D0~lc%3D3~bid%3D0.09~dc%3D8~vl2r_b%3D4.92~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.090%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5924599578780531%7Edalg%3Dmrg-4.5%7Ehtml%3D1%7Eadblk%3D1021120711%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&utime=1524&sf=0&cpr=0.033754922253175446
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=280&slotname=6683551249&adk=1021120711&adf=1964782217&pi=t.ma~as.6683551249&w=348&fwrn=4&fwrnh=100&lmt=1662310539&rafmt=1&psa=0&format=348x280&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538406&bpp=2&bdt=2131&idt=853&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FNn11JrGAb&p=https%3A//questionsweb.in&dtd=857
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Sun, 04 Sep 2022 16:55:41 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sun, 04 Sep 2022 22:55:41 GMT

GET
DATA 200
OK truncated
/ Frame 492C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b4169c49898618ac63909c3a95bfedcfb666412ceca0531079201ba28f15a3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame 03B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1MzEyMTQxNjgyNjcwNzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELHNO-f7CdRWoN39z3lyMlM&google_cver=1

45 B
446 B

304ms
304ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELHNO-f7CdRWoN39z3lyMlM&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 04 Sep 2022 16:55:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELHNO-f7CdRWoN39z3lyMlM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 03B2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0010603a-6662-400a-8075-2fc6fb3e7468

45 B
450 B

307ms
302ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0010603a-6662-400a-8075-2fc6fb3e7468
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:42 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 04 Sep 2022 16:55:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0010603a-6662-400a-8075-2fc6fb3e7468
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
DATA 200
OK truncated
/ Frame A33A 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A33A 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A33A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame A33A 15 B
159 B 286ms
285ms Script
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5479&&&vgd_l2type=sca&fp=vIMO1YDqu7m88cYXuOuwilqG24t3nmyPZIARICM1htWpDfvkti6MWdmZ8ckjMI_v63P9EUhkNFRWSwIO2rw4tuUU93WDDpksG-KkFr5F8BhJ4G2drs0-duznQIGKkTGx6M8iOdFLTfo%3D&cme=ExRx82JKfEcR5i6rWBDrjTkJsr7nmWrgE-_MnT9lxFoH0V8U9bI_hbMIMuAr2pPJN7QNsd9GgRxEPkPLXU5x4qVT3nBUAyneaak6PwWB3syfCjWKauX6H4c0CYfHwbe-bdhxEaqayirNwfDdzWyLgIU_QS0dXh8RNQSLnXaSVmhA0PLZMMMWiBWDTyhzUrmk548c8OdxbjQfIhHVPJaP9g%3D%3D%7C%7Cn1MdGzoe3nf6dulIVKjCC2U8ObjA6WV1QFpA4xZ1z4GOu51fJmw485iNJx1_UzJRWYEvetxEyZAuFrPJphusQFHEph4JRx_EUF2QheTCTR24bP2rMFtt2YZm-wOCXgeD0V3C0dVGxzmXce9syKFGLucL-ntoTIubPqYgGGhov7LP9NEYnHyweHzLKjfXsNEAq3K17KJZNYasMES_tcxr9TmpsYLvPcwoidQKWxSua9Y%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD4mOso3_jGZj3xs0yY9OT7sqx4pqzeo28h-i0uSRHwKdBU3OcaHrTMkfpJ2OU76_mc%3D%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=7&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785082&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuOu99&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=26322723&kbc2[]=pmb%3D1%7C1%3D0.13%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.08%7C62%3D0.88%7C63%3D0.44%7C66%3D1.06%7C60%3D0.20%7Cps%3D0.356%7C3%3D0.12%7C4%3D4.52&ktd[]=274911527168&ktrkt[]=Small+Kitchen+Designs&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=27190006&kbc2[]=pmb%3D1%7C1%3D0.40%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.93%7C62%3D1.07%7C63%3D0.44%7C66%3D1.06%7C60%3D0.39%7Cps%3D0.356%7C3%3D0.73%7C4%3D4.19&ktd[]=274911527168&ktrkt[]=Stocks+To+Invest+In&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=340189069&kbc2[]=pmb%3D1%7C1%3D1.82%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.23%7C62%3D1.56%7C63%3D0.44%7C66%3D1.06%7C60%3D2.12%7Cps%3D0.356%7C3%3D1.13%7C4%3D4.68&ktd[]=274894749952&ktrkt[]=Website+Maker+App&kwd[]=How+to+Start+an+Online+Business&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=14374179&kbc2[]=pmb%3D1%7C1%3D0.38%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.35%7C62%3D0.63%7C63%3D0.44%7C66%3D1.06%7C60%3D0.38%7Cps%3D0.356%7C3%3D0.17%7C4%3D5.00&ktd[]=274911527168&ktrkt[]=How+to+Start+an+Online+Business&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=324879789&kbc2[]=pmb%3D1%7C1%3D0.54%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.54%7C62%3D0.85%7C63%3D0.44%7C66%3D1.06%7C60%3D0.53%7Cps%3D0.356%7C3%3D0.16%7C4%3D5.00&ktd[]=274911527168&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=High+Paying+Jobs&kwt[]=391&kbc[]=1224808752&kwp[]=6&kid[]=13666242&kbc2[]=pmb%3D1%7C1%3D0.16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C10%3D5.29%7C12%3D0.16%7C62%3D0.88%7C63%3D0.44%7C66%3D1.06%7C60%3D0.17%7Cps%3D0.356%7C3%3D0.10%7C4%3D4.25&ktd[]=274911527168&ktrkt[]=High+Paying+Jobs&cid=8CUABW64L&vwid=1662310540159399816&vi=1662310540159399816&tdAdd[]=ib%3D0&vsid=3053121416826751&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=789&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785082&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POHZR87R&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1662310540118381459&sttm=1662310541342&upk=1662310541.17130&hvsid=00001662310541342029185682679862&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300336028000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3053121416826751&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.uh~eBMJ-Nv9.Wh~QYYMG8Ov9.9i~e8QMQOvu9W~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9i9H9A~8xLjMGvuhhh.XF~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.Hh~8EvAGB9PB~kGGv9~e8QMxLjMjvu9~L88Ex1vu9f%2Cu9f~J7vfA~LNvu~LEQMQOvf9ff9i9H9f~e8QMGvWFu.XA~xLjMGv9.XF~xLjM7e8v9~QYYMBLvAH.WWh9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.uh~GYvu~QYYMQOvf9ff9i9H9H~Q8OvuAuhAWWhh~QOv9~x8Ov1gBAC%20%20llg6PGru6z~G7OvfHfWiAWX9hhiXFHF9hffuhAFHufffWXhXAFfHWiAXiuX9HfihAAhifXWiXhXA9XiffHAHhXfFXX9AXXAufFH~OfEMjvA9~AENkvu999.fH~x8Yv9~myMYQwv9.u~OYYMQ7LyvzmMQ7L17Jy5~OfEMGvu~myOfEMGv9.iF~exLjMGvu.9i~QQvIK~x8Bvou~NJv9~LEQMGvAh.iH~exLjMjvf9~%3DVvfhA9~z7QvA~c0fv.*xQJL.*~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.if~8Q8kv9~jNvA~G8Ov9.9i~ONvW~ejfLMGvH.if~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wh~1YEvu~NGOEv9.9i9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoXifHXiiXhWhW9XAu~O1jyvYLyoH.X~w7Yjvu~1OGjUvu9fuuf9huu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9i9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vHX~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXf&vgd_optout=0&vgd_cfud=220407&vgd_scsver=301&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001662310541342029185682679862&subBdr=196&bdrid=4&rc=0&rand=1662310542124&acid=56cc4f2d155c40d79a5851ac02d3e090&matm=1662310542124&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&vgd_ltimesrc=1&vgd_ltime=2038&vgd_rtime=2032&vgd_etm=16&vgd_l1hcsd=A13%7C5773&vgd_l1ch=1&vgd_lhl=2640&vgd_pgid=p199543433t202209041655&vgd_adprefflag=11&vgd_csip=rtb-common-istio-64ff668bcd-kv2zp.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1

Requested by

Host: questionsweb.in
URL: https://questionsweb.in/user/judytawfag353

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Sun, 04 Sep 2022 16:55:42 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=39318
content-length: 15

GET
H2 200 log
hblg.media.net/ Frame 492C 35 B
194 B 284ms
284ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YxTYiwALgcwKvTRU9A1Ckw&s_city=taipei&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.090&size=336x280&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=e2eff31d&scrid=1700080807683300336028000000500&itypeid=17&mx_SPRIG=0&viewability=87&renderer=0&be=0&rtime=27.0&adj0=0.0&tmax=300&s_ip=173.194.171.3&adj2=0.0&adj1=0.0&feedback_id=YxTYiwALgcwKvTRU9A1Ckw&adtypes=0&mx_aabpc=0&reqid=YxTYiwALgcwKvTRU9A1Ckw&sc=AU-NSW&mowxReqId=56cc4f2d155c40d79a5851ac02d3e090_1&ifdp=0&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&bidrestime=1662310539821&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-131738877-37-24&coppa_enf=true&bdp=0.090&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=questionsweb.in&dt=O&acid=56cc4f2d155c40d79a5851ac02d3e090&actltime=33&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27&dfpBd=0.09&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300336028000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=336x280&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662311140075&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=131738877&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.09&pvdTmax=252&ltime=32.0&epc=131738877&prvReqId=27475256594155_423865519_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-5924599578780531&ybnca_erpm=0.17&brsrclk=0&sbdrid=196&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-65f85dbfc8-hf4jv&currsrc_date=2022-09-02+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-04+16%3A55%3A39&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET5wU7DY0u0ArmWLK3yYxOMEgef0LrKS9tyiJiFAW4NqDLunQOVmmk0VoiYzdK0kt9MR&dmm_ogerpm=false&csip=rtb-common-istio-64ff668bcd-kv2zp.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.09&tpbTkn=false&adblk=1021120711&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.17~vw_exc%3D0.87~smm_bid%3D0.09~vis_sd%3D108~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090403~iurl_b%3D1777.56~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.47~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D102%2C102~et%3D23~rc%3D1~rps_sd%3D2022090402~vis_b%3D861.53~url_b%3D0.56~url_tvi%3D0~smm_wr%3D34.8870~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.17~bm%3D1~smm_sd%3D2022090404~sid%3D131738877~sd%3D0~uid%3DaQw3KqqzzQJUbD1Jn~btd%3D242893850779564607221736412228575362489359150429733792589575305922434752655035531264~d2p_l%3D30~3pcf%3D1000.24~uim%3D0~og_msh%3D0.1~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.96~vurl_b%3D1.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D37.94~vurl_l%3D20~CI%3D2730~nts%3D3~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.92~isif%3D0~lc%3D3~bid%3D0.09~dc%3D8~vl2r_b%3D4.92~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.090%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5924599578780531%7Edalg%3Dmrg-4.5%7Ehtml%3D1%7Eadblk%3D1021120711%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&utime=1524&sf=0&cpr=0.033754922253175446&evttyp=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5924599578780531&output=html&h=280&slotname=6683551249&adk=1021120711&adf=1964782217&pi=t.ma~as.6683551249&w=348&fwrn=4&fwrnh=100&lmt=1662310539&rafmt=1&psa=0&format=348x280&url=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662310538406&bpp=2&bdt=2131&idt=853&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5674048252784&frm=20&pv=1&ga_vid=1557322318.1662310538&ga_sid=1662310539&ga_hid=1722451071&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1226&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=2365483516152946&tmod=2025745883&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FNn11JrGAb&p=https%3A//questionsweb.in&dtd=857
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:42 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 04 Sep 2022 16:55:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 503ms
201ms XHR
application/json 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1231a3b201e3a9bea37e31e5cb21c67c02b9c36a3eaca16d6a4d061074a6b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 16:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10990
x-xss-protection: 0

GET
H2 200 bqi.php
lg3.media.net/ Frame 492C 15 B
15 B 285ms
285ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2883&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8POHZR87R&katbid=-103&katen=1&cme=ExRx82JKfEcR5i6rWBDrjTkJsr7nmWrgE-_MnT9lxFoH0V8U9bI_hbMIMuAr2pPJN7QNsd9GgRxEPkPLXU5x4qVT3nBUAyneaak6PwWB3syfCjWKauX6H4c0CYfHwbe-bdhxEaqayirNwfDdzWyLgIU_QS0dXh8RNQSLnXaSVmhA0PLZMMMWiBWDTyhzUrmk548c8OdxbjQfIhHVPJaP9g==||n1MdGzoe3nf6dulIVKjCC2U8ObjA6WV1QFpA4xZ1z4GOu51fJmw485iNJx1_UzJRWYEvetxEyZAuFrPJphusQFHEph4JRx_EUF2QheTCTR24bP2rMFtt2YZm-wOCXgeD0V3C0dVGxzmXce9syKFGLucL-ntoTIubPqYgGGhov7LP9NEYnHyweHzLKjfXsNEAq3K17KJZNYasMES_tcxr9TmpsYLvPcwoidQKWxSua9Y=|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|a0AmFUYXmD4mOso3_jGZj3xs0yY9OT7sqx4pqzeo28h-i0uSRHwKdBU3OcaHrTMkfpJ2OU76_mc=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=131738877&requrl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&vi=1662310540159399816&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=196&startTime=1662310541335&l2type=sca&vgd_l1rakh=1662310540118381459&l1ch=1&sttm=1662310541342&upk=1662310541.17130&hvsid=00001662310541342029185682679862&acid=56cc4f2d155c40d79a5851ac02d3e090&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.17~vw_exc%3D0.87~smm_bid%3D0.09~vis_sd%3D108~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090403~iurl_b%3D1777.56~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.47~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D102%2C102~et%3D23~rc%3D1~rps_sd%3D2022090402~vis_b%3D861.53~url_b%3D0.56~url_tvi%3D0~smm_wr%3D34.8870~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.17~bm%3D1~smm_sd%3D2022090404~sid%3D131738877~sd%3D0~uid%3DaQw3KqqzzQJUbD1Jn~btd%3D242893850779564607221736412228575362489359150429733792589575305922434752655035531264~d2p_l%3D30~3pcf%3D1000.24~uim%3D0~og_msh%3D0.1~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.96~vurl_b%3D1.09~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D37.94~vurl_l%3D20~CI%3D2730~nts%3D3~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.92~isif%3D0~lc%3D3~bid%3D0.09~dc%3D8~vl2r_b%3D4.92~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.87%7Eamp%3D1%7Ecbdp%3D0.090%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-5924599578780531%7Edalg%3Dmrg-4.5%7Ehtml%3D1%7Eadblk%3D1021120711%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.090%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D252&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1662310540109&vgd_ecrid=1700080807683300336028000000500&l1hcsd=l1!A13|5773&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p199543433t202209041655&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Sun, 04 Sep 2022 16:55:43 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=37084
content-length: 15

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 497ms
196ms Script
text/javascript 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 16:55:43 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 495ms
195ms Ping
text/plain 142.251.12.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LN47X1PKC3&gtm=2oe8v0&_p=1722451071&cid=1557322318.1662310538&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662310538&sct=1&seg=0&dl=https%3A%2F%2Fquestionsweb.in%2Fuser%2Fjudytawfag353&dt=User%20judytawfag353%20-%20Questions%20Web&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LN47X1PKC3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://questionsweb.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://questionsweb.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 492C 42 B
64 B 197ms
197ms Fetch
image/gif 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP9Prltgt2NIEl91XZPxGWGhjKf4g-kmBYdANh64D-chk0qSz9PNKiYTP2F8Q6rIvu6ZFrtEFmslpX7hLDkNgv1kub&sig=Cg0ArKJSzNfEPglHuS6qEAE&id=lidar2&mcvt=1000&p=0,0,284,336&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1021120711&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662310540072&rpt=2805&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 16:55:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C42A 13 KB
5 KB 196ms
195ms Document
text/html 74.125.200.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 118749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Sep 2022 07:56:35 GMT
expires: Sun, 03 Sep 2023 07:56:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6C6 783 B
1 KB 592ms
200ms Document
text/html 142.251.10.105

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.105 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

f83fc9163d7386738630dbf767c2236a24bf2955776d027ecfa8f02a3c47315f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IZ3F-BAyFHSyc4NQ-ZvtSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://questionsweb.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IZ3F-BAyFHSyc4NQ-ZvtSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 16:55:44 GMT
expires: Sun, 04 Sep 2022 16:55:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js Show response
pagead2.googlesyndication.com/bg/ Frame C42A 36 KB
16 KB 195ms
195ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JRDtgcUl_7OUjJ4QO8bVbwNuRTRqDUxuSBYCwiPHS6U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS