www.questionablecontent.net Open in urlscan Pro
2606:4700:3038::681f:8ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.questionablecontent.net/
Effective URL:
https://www.questionablecontent.net/
Submission: On July 17 via manual (July 17th 2020, 2:10:07 pm UTC) from DK

Summary HTTP 106 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3038::681f:8ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.questionablecontent.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 30th 2019. Valid for: 9 months.

This is the only time www.questionablecontent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:303... 2606:4700:3038::681f:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.139.240.88 151.139.240.88	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 4	2606:4700:20:... 2606:4700:20::ac43:485f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
16	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 6	52.205.225.148 52.205.225.148	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	54.77.133.33 54.77.133.33	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:9800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
106	22

32 2606:4700:3038::681f:8ae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.questionablecontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.240.88 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

thor.blindferret.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:485f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)

config.playwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.255.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.205.225.148 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.133.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	questionablecontent.net 1 redirects www.questionablecontent.net	562 KB
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	532 KB
6	trkn.us 2 redirects trkn.us	5 KB
5	doubleclick.net googleads.g.doubleclick.net
5	intergient.com cdn.intergient.com	54 KB
4	googletagservices.com www.googletagservices.com	107 KB
4	google.com adservice.google.com	675 B
4	google.de adservice.google.de	672 B
4	ko-fi.com 1 redirects ko-fi.com cdn.ko-fi.com storage.ko-fi.com	6 KB
3	facebook.net connect.facebook.net	176 KB
3	moatads.com z.moatads.com mb.moatads.com px.moatads.com	72 KB
3	lijit.com ap.lijit.com	24 KB
2	facebook.com www.facebook.com	405 B
2	google-analytics.com ssl.google-analytics.com	17 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	33 KB
2	intergi.com cdn.intergi.com	112 KB
1	consensu.org vendorlist.consensu.org	18 KB
1	gstatic.com fonts.gstatic.com	26 KB
1	playwire.com config.playwire.com	2 KB
1	blindferret.media thor.blindferret.media
0	flattr.com Failed api.flattr.com Failed
106	21

	Domain	Requested by
32	www.questionablecontent.net	1 redirects www.questionablecontent.net
16	pagead2.googlesyndication.com	www.questionablecontent.net pagead2.googlesyndication.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
6	trkn.us	2 redirects www.questionablecontent.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	cdn.intergient.com	cdn.intergi.com cdn.intergient.com
4	www.googletagservices.com	pagead2.googlesyndication.com
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
3	connect.facebook.net	www.questionablecontent.net connect.facebook.net
3	ap.lijit.com	www.questionablecontent.net ap.lijit.com
2	www.facebook.com	www.questionablecontent.net
2	storage.ko-fi.com	cdn.ko-fi.com www.questionablecontent.net
2	ssl.google-analytics.com	www.questionablecontent.net
2	cdn.intergi.com	www.questionablecontent.net cdn.intergient.com
1	vendorlist.consensu.org	cdn.intergient.com
1	px.moatads.com	www.questionablecontent.net
1	mb.moatads.com	z.moatads.com
1	fonts.gstatic.com	www.questionablecontent.net
1	fonts.googleapis.com	cdn.ko-fi.com
1	z.moatads.com	cdn.intergi.com
1	config.playwire.com	cdn.intergi.com
1	cdn.ko-fi.com	www.questionablecontent.net
1	ko-fi.com	1 redirects
1	ajax.googleapis.com	www.questionablecontent.net
1	thor.blindferret.media	www.questionablecontent.net
0	api.flattr.com Failed	www.questionablecontent.net
106	27

This site contains links to these domains. Also see Links.

Domain
topatoco.com
www.patreon.com
stelliferous.bandcamp.com
ko-fi.com
www.dumbingofage.com
www.clango.org
www.doodleforfood.com
www.gunnerkrigg.com
www.johnnywander.com
www.jspowerhour.com
www.qwantz.com
www.samandfuzzy.com
www.amultiverse.com
somethingpositive.net
www.wastedtalent.ca
www.wondermark.com
www.xkcd.com
sednoid.bandcamp.com
forums.questionablecontent.net
www.paypal.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-30` - `2020-10-09`	9 months	crt.sh
*.intergi.com Go Daddy Secure Certificate Authority - G2	`2018-12-27` - `2021-01-21`	2 years	crt.sh
thor.blindferret.media RapidSSL RSA CA 2018	`2020-02-18` - `2021-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.intergient.com Go Daddy Secure Certificate Authority - G2	`2020-03-30` - `2021-04-29`	a year	crt.sh
*.playwire.com Go Daddy Secure Certificate Authority - G2	`2018-12-27` - `2021-01-21`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.questionablecontent.net/
Frame ID: 3D7B853D692FCDE23F8D718F6D50F7BE
Requests: 68 HTTP requests in this frame

Frame: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
Frame ID: 3A7912A24F34A05085013066D5FB78D8
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: F61F1E21C0B9ADE1C6460E4150F9ACDE
Requests: 2 HTTP requests in this frame

Frame: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
Frame ID: 5FF1BC1C6BD905D797876DB2CD1DE005
Requests: 9 HTTP requests in this frame

Frame: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
Frame ID: F74135B89BE36D9A6F9BBD46BDFEDE93
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html
Frame ID: C27E4E07F314FC92004A7415223DD8B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1737303903&adf=1137708138&lmt=1594994983&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594994983294&bpp=28&bdt=756&idt=147&shv=r20200715&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=4459626528437&frm=20&pv=2&ga_vid=729478037.1594994983&ga_sid=1594994983&ga_hid=1801646310&ga_fc=0&iag=0&icsg=4486053679332348&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=3692&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2878520159919426&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cbr%7C&abl=CS&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=163
Frame ID: 1B04506CDCCE7D8AEA32AFEC64C879C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=3675749653&adk=4294478711&adf=3279755397&w=954&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=954x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983418&bpp=6&bdt=175&idt=139&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=2&ga_vid=856070987.1594994984&ga_sid=1594994984&ga_hid=772804834&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=80&biw=1600&bih=1200&isw=970&ish=150&ifk=3799165976&scr_x=0&scr_y=0&eid=21066533&oid=3&pvsid=4438519513942081&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.ww75d8p8l3mb&fsb=1&dtd=147
Frame ID: F2A8839157A095F26BEDD2B1733CBDA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=125&slotname=5308843506&adk=137528354&adf=3279755399&w=151&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=151x125&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&adsid=NT&dt=1594994983593&bpp=4&bdt=129&idt=84&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=61494841.1594994984&ga_sid=1594994984&ga_hid=1143128164&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1141&ady=427&biw=1600&bih=1200&isw=167&ish=150&ifk=3930757590&scr_x=0&scr_y=0&eid=21066713&oid=3&pvsid=3975511116378948&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C167%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.wvrr6cq230dx&fsb=1&dtd=88
Frame ID: C9C1F34DDA3DD5FCAD968B347D8FF878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=6553760051&adk=984839962&adf=3279755401&w=984&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=984x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983602&bpp=1&bdt=139&idt=85&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=2095962286.1594994984&ga_sid=1594994984&ga_hid=296848388&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=3663&biw=1600&bih=1200&isw=1000&ish=150&ifk=1163435473&scr_x=0&scr_y=0&eid=21066716&oid=3&pvsid=4188212204175220&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1000%2C150&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.qacu21qab364&btvi=1&fsb=1&dtd=90
Frame ID: 291F8BBD074680CB032FAFE6DD7540A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1E67C1FFB611C2CA8DD9DA60E3C4D064
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 3243E3FAAAC7E3170852897DAD476D41
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: CD95E303AC65AADA33B9C332A85D623A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: CC4F9A4545D1F036535C33D879EC3558
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.questionablecontent.net/ HTTP 301
https://www.questionablecontent.net/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

106
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

1746 kB
Transfer

4665 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://topatoco.com/collections/jeph-jacques
Title: Merchandise

Search URL Search Domain Scan URL

URL: http://www.patreon.com/jephjacques
Title: Patreon

Search URL Search Domain Scan URL

URL: https://stelliferous.bandcamp.com/album/clathrate
Title: a new album out!

Search URL Search Domain Scan URL

URL: https://ko-fi.com/D1D5AKKN
Title: Buy Me a Coffee

Search URL Search Domain Scan URL

URL: https://topatoco.com/collections/jeph-jacques/products/qc-urls-print

Search URL Search Domain Scan URL

URL: https://topatoco.com/collections/jeph-jacques/products/qc-homking

Search URL Search Domain Scan URL

URL: http://www.dumbingofage.com/
Title: Dave Willis Eats Diapers

Search URL Search Domain Scan URL

URL: http://www.clango.org/
Title: Diesel Sweeties

Search URL Search Domain Scan URL

URL: http://www.doodleforfood.com/
Title: Doodle For Food

Search URL Search Domain Scan URL

URL: http://www.gunnerkrigg.com/
Title: Gunnerkrigg Court

Search URL Search Domain Scan URL

URL: http://www.johnnywander.com/
Title: Johnny Wander

Search URL Search Domain Scan URL

URL: http://www.jspowerhour.com/
Title: Junior Scientist Power Hour

Search URL Search Domain Scan URL

URL: http://www.qwantz.com/
Title: Qwantz

Search URL Search Domain Scan URL

URL: http://www.samandfuzzy.com/
Title: Sam & Fuzzy

Search URL Search Domain Scan URL

URL: http://www.amultiverse.com/
Title: Scenes From A Multiverse

Search URL Search Domain Scan URL

URL: http://somethingpositive.net/
Title: Something Positive

Search URL Search Domain Scan URL

URL: http://www.wastedtalent.ca/
Title: Wasted Talent

Search URL Search Domain Scan URL

URL: http://www.wondermark.com/
Title: Wondermark

Search URL Search Domain Scan URL

URL: https://www.xkcd.com/
Title: XKCD

Search URL Search Domain Scan URL

URL: https://sednoid.bandcamp.com/
Title: Jeph's music on Bandcamp

Search URL Search Domain Scan URL

URL: https://forums.questionablecontent.net/
Title: QC Forums

Search URL Search Domain Scan URL

URL: https://www.paypal.com/xclick/business=jephco%40mac.com&no_note=1&tax=0&currency_code=USD
Title: Make a donation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.questionablecontent.net/ HTTP 301
https://www.questionablecontent.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://ko-fi.com/widgets/widget_2.js HTTP 301
https://cdn.ko-fi.com/cdn/widget/Widget_2.js

Request Chain 95

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible HTTP 302
https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

Request Chain 96

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible HTTP 302
https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.questionablecontent.net/
Redirect Chain

http://www.questionablecontent.net/
https://www.questionablecontent.net/

13 KB
4 KB

238ms
222ms

Document
text/html

2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.23
Resource Hash: d503deb607817970d6cae2ccccb5b2acdf945732258f2c7fc2a5d47b5a4a8af1

Request headers

:method: GET
:authority: www.questionablecontent.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 17 Jul 2020 14:09:42 GMT
content-type: text/html
set-cookie: __cfduid=da94ab11662034e01d80d7016cd7e4d4b1594994982; expires=Sun, 16-Aug-20 14:09:42 GMT; path=/; domain=.questionablecontent.net; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/5.4.23
cf-cache-status: DYNAMIC
cf-request-id: 03feb515a60000d6b114941200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b448acf7d2ed6b1-FRA
content-encoding: br

Redirect headers

Date: Fri, 17 Jul 2020 14:09:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 17 Jul 2020 15:09:42 GMT
Location: https://www.questionablecontent.net/
cf-request-id: 03feb5158a000005f5c11e4200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b448acf489a05f5-FRA

GET
H2 200 tyche.js Show response
cdn.intergi.com/hera/ 88 KB
32 KB 340ms
191ms Script
application/json 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/hera/tyche.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 18dc4d6395524e8b8fb8d851bffbd372033edbbf68ad923aab9f735999d07d36

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: gzip
cache-control: max-age=1555.156, public, must-revalidate
x-hw: 1594994982.cds017.lo4.hn,1594994982.cds017.lo4.sl
content-type: text/, application/javascript, application/x-javascript, application/json

GET
H2 200 foundation.css
www.questionablecontent.net/css/ 70 KB
10 KB 17ms
14ms Stylesheet
text/css 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/css/foundation.css
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1230a04561b9afd1e26eaba7b547ea29a620c56dca7ccd61f0490331cd997be9

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Dec 2019 13:48:49 GMT
server: cloudflare
age: 1550
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d89ad6b1-FRA
cf-request-id: 03feb5168a0000d6b114950200000001

GET
H2 200 app.css
www.questionablecontent.net/css/ 0
133 B 13ms
11ms Stylesheet
text/css 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/css/app.css
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2016 14:10:52 GMT
server: cloudflare
age: 2050
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad0d89dd6b1-FRA
content-length: 0
cf-request-id: 03feb5168a0000d6b114951200000001

GET
H/1.1 403
Forbidden jita.js
thor.blindferret.media/pW0f/ehfM_7xpc/ 0
0 560ms
418ms Script
application/xml 151.139.240.88
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://thor.blindferret.media/pW0f/ehfM_7xpc/jita.js?dfp=1
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.88 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25791
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jul 2021 06:59:51 GMT

GET
H2 200 jquery.bxslider.min.js Show response
www.questionablecontent.net/jquery/ 19 KB
5 KB 15ms
12ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/jquery/jquery.bxslider.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jul 2014 23:15:13 GMT
server: cloudflare
age: 1311
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d8a1d6b1-FRA
cf-request-id: 03feb5168b0000d6b114953200000001

GET
H2 200 jquery.bxslider.css
www.questionablecontent.net/jquery/ 4 KB
1 KB 20ms
18ms Stylesheet
text/css 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/jquery/jquery.bxslider.css
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bedf598ed293d51f0192b5a15d9b66b41fd5c16c3b92ec2bfcdabe5f14a9fcd

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jul 2014 23:59:15 GMT
server: cloudflare
age: 3541
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d8a0d6b1-FRA
cf-request-id: 03feb5168b0000d6b114952200000001

GET
H2 200 jquery.js Show response
www.questionablecontent.net/js/vendor/ 262 KB
74 KB 35ms
33ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/jquery.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Jun 2018 15:11:33 GMT
server: cloudflare
age: 6169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d8a2d6b1-FRA
cf-request-id: 03feb5168b0000d6b114954200000001

GET
H2 200 what-input.js Show response
www.questionablecontent.net/js/vendor/ 10 KB
3 KB 15ms
13ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/what-input.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea1dff2cbfb263bf09ebe39a5e66cb8c1ff55d694637a3ae5d1716ac933c1a1

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Jun 2018 15:11:35 GMT
server: cloudflare
age: 6169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d8a3d6b1-FRA
cf-request-id: 03feb5168b0000d6b114955200000001

GET
H2 200 foundation.js Show response
www.questionablecontent.net/js/vendor/ 413 KB
68 KB 29ms
26ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/foundation.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbedadd60034866067f37da6701c7137a5d3e8054acdd2d94e1ba0f2b1c15db

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Jun 2018 15:11:35 GMT
server: cloudflare
age: 6169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad0d8a4d6b1-FRA
cf-request-id: 03feb5168b0000d6b114956200000001

GET
H2 200 app.js Show response
www.questionablecontent.net/js/ 25 B
133 B 16ms
14ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/app.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ad3a458eb668fd2e5ff9a2a095a16fa5a42ba7b7f3a5908b725b9bf8aaaeb7

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2016 14:10:49 GMT
server: cloudflare
age: 6169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad0d8a7d6b1-FRA
content-length: 25
cf-request-id: 03feb5168b0000d6b114957200000001

GET
H2 404 jquery.min.js
www.questionablecontent.net/js/vendor/ 0
0 16ms
14ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/jquery.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad0d8a8d6b1-FRA
cf-request-id: 03feb5168b0000d6b114958200000001

GET
H2 404 what-input.min.js
www.questionablecontent.net/js/vendor/ 0
0 14ms
13ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/what-input.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad0e8abd6b1-FRA
cf-request-id: 03feb5168c0000d6b114959200000001

GET
H2 404 foundation.min.js
www.questionablecontent.net/js/ 0
0 17ms
15ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/foundation.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad0e8add6b1-FRA
cf-request-id: 03feb5168c0000d6b11495a200000001

GET
H2 200 logo16.png
www.questionablecontent.net/images/ 3 KB
3 KB 26ms
21ms Image
image/png 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/images/logo16.png
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5273c26cd380d3eee43f9e5467f1b81438902fe42e8b24bb3684d5b813b275

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2016 15:20:37 GMT
server: cloudflare
age: 2083
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df3ed6b1-FRA
content-length: 2825
cf-request-id: 03feb518640000d6b114981200000001

GET
H2 200 patlogo.gif
www.questionablecontent.net/images/ 7 KB
7 KB 21ms
16ms Image
image/gif 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/images/patlogo.gif
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3a092cfb18bd13d872bb4e9f076a7cac9dea4b6dd1b960607e32401e37a166

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Oct 2018 21:59:28 GMT
server: cloudflare
age: 6979
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df41d6b1-FRA
content-length: 7216
cf-request-id: 03feb518640000d6b114982200000001

GET
H2 200 shortcuts.js Show response
www.questionablecontent.net/ 6 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/shortcuts.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d3b3d3eace4a47186f7fda9583b831df7e01703474ae6005d47e3a7edebd32

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2013 22:19:32 GMT
server: cloudflare
age: 6169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b448ad32da4d6b1-FRA
cf-request-id: 03feb517fa0000d6b114978200000001

GET
H2 200 4310.png
www.questionablecontent.net/comics/ 158 KB
158 KB 22ms
17ms Image
image/png 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/comics/4310.png
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11804e120e235c4f1fef56b735c6e1f00582c6f47a192080c2188ab5e2f40cb

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Jul 2020 01:12:17 GMT
server: cloudflare
age: 3400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df43d6b1-FRA
content-length: 161462
cf-request-id: 03feb518640000d6b114983200000001

GET
H2 200 clathrate.jpg
www.questionablecontent.net/images/ 31 KB
32 KB 17ms
12ms Image
image/jpeg 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/images/clathrate.jpg
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a2a605aba7a433fdb038c1078819af9d6f88ebb295fda9e0e587f0835ea7bd

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 09 Dec 2019 02:36:37 GMT
server: cloudflare
age: 3031
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df47d6b1-FRA
content-length: 32137
cf-request-id: 03feb518640000d6b114984200000001

GET
H2

200

Widget_2.js Show response
cdn.ko-fi.com/cdn/widget/
Redirect Chain

https://ko-fi.com/widgets/widget_2.js
https://cdn.ko-fi.com/cdn/widget/Widget_2.js

4 KB
2 KB

32ms
16ms

Script
text/plain

2606:4700:20::ac43:485f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ko-fi.com/cdn/widget/Widget_2.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:485f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88db72584919a04a5e6427320ca87e24ab0dc9790d322407cfeb6dd7e57c4835

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: u/BFCcHCrX5vO3lKq6qfkQ==
age: 2469
x-cache: HIT
status: 200
cf-request-id: 03feb5187c000006102901f200000001
x-ms-lease-status: unlocked
last-modified: Wed, 29 Apr 2020 14:55:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 75082f61-001e-0153-7efc-451969000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2073600
x-ms-version: 2009-09-19
cf-ray: 5b448ad3facd0610-FRA
expires: Fri, 17 Jul 2020 15:28:34 GMT

Redirect headers

date: Fri, 17 Jul 2020 14:09:42 GMT
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://cdn.ko-fi.com/cdn/widget/Widget_2.js
cache-control: max-age=3600
cf-ray: 5b448ad3ba180610-FRA
cf-request-id: 03feb5184f000006102901c200000001
expires: Fri, 17 Jul 2020 15:09:42 GMT

GET
H2 200 terribleurls.gif
www.questionablecontent.net/images/ 166 KB
167 KB 26ms
22ms Image
image/gif 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/images/terribleurls.gif
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d94a19ff32e319cbcb9e8d3f6e68f3b0498e2d6e0d87b7cac978a8467322dde

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Mar 2019 20:09:05 GMT
server: cloudflare
age: 3031
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df49d6b1-FRA
content-length: 170324
cf-request-id: 03feb518640000d6b114985200000001

GET
H2 200 bupmer.jpg
www.questionablecontent.net/images/ 27 KB
27 KB 21ms
17ms Image
image/jpeg 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.questionablecontent.net/images/bupmer.jpg
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d49af68b40a08f35493d92a70f04874295ff4089d2dc83cec94f4fe340a17d

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Nov 2018 21:42:19 GMT
server: cloudflare
age: 3031
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b448ad3df4bd6b1-FRA
content-length: 27469
cf-request-id: 03feb518640000d6b114986200000001

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ 5 KB
3 KB 178ms
61ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=218211&width=300&height=250
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 14:09:43 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5f0f72c2-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 404 jquery.min.js
www.questionablecontent.net/js/vendor/ 0
0 11ms
11ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/jquery.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad37e69d6b1-FRA
cf-request-id: 03feb5182e0000d6b11497a200000001

GET
H2 404 what-input.min.js
www.questionablecontent.net/js/vendor/ 0
0 18ms
18ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/what-input.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad39ea2d6b1-FRA
cf-request-id: 03feb5183a0000d6b11497c200000001

GET
H2 404 foundation.min.js
www.questionablecontent.net/js/ 0
0 12ms
12ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/foundation.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad3bef3d6b1-FRA
cf-request-id: 03feb5184e0000d6b11497e200000001

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 87 KB
31 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db5a55f3799ed683dac0915244e2a967217b32d7e837a26d60ff38cbb5d6ef29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 31910
x-xss-protection: 0
server: cafe
etag: 17219126404577513182
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 videoCard.35346086642a4353e3c1.js Show response
cdn.intergient.com/pageos/1.4.55/ 551 B
778 B 192ms
63ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.4.55/videoCard.35346086642a4353e3c1.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be5f93e0853b8b5d53c91d8c3eaf9e09a2f38d0804d173a46a3b7e073812d92b

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 18:19:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1593454744/ctime:1593454744/gid:20/gname:staff/md5:15f7195880609f1d92c191ff9a3148fd/mode:33188/mtime:1593454744/uid:501/uname:thomascreamer
x-amz-request-id: FAD4F6AB4CCBE935
etag: "15f7195880609f1d92c191ff9a3148fd"
x-hw: 1594994983.cds064.lo4.hn,1594994983.cds215.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=29995772
accept-ranges: bytes
access-control-allow-origin: *
content-length: 353
x-amz-id-2: GS2x/MVj0seVLGDDF55dqEpgp7UBI7mgickhSuHxFUbCDhqXAKiHN23QOK215HcGR10IQy9wf3k=

GET
H2 200 kinesis.29f2e0e1fcb8320d435d.js Show response
cdn.intergient.com/pageos/1.4.55/ 3 KB
2 KB 193ms
64ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.4.55/kinesis.29f2e0e1fcb8320d435d.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77497ed9283076bd511d093641509afe3cd0855fef385cc82af3edaf5f0a6d75

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 18:19:09 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1593454744/ctime:1593454744/gid:20/gname:staff/md5:4d11e8fb93d9c9c4983128b13527a64b/mode:33188/mtime:1593454744/uid:501/uname:thomascreamer
x-amz-request-id: 2R7GBZ7Z6NCGFK0Y
etag: "4d11e8fb93d9c9c4983128b13527a64b"
x-hw: 1594994983.cds064.lo4.hn,1594994983.cds076.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=29995772
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1347
x-amz-id-2: 90L2aGuVA1pXrfNqFlgZJrY4JNwIPZlUghNqjwqtS5e9tIQryzPF93wYqgPg8S9eOAdqxlRALME=

GET
H2 200 banner.json Show response
config.playwire.com/1024290/v2/websites/72744/ 14 KB
2 KB 186ms
62ms XHR
application/json 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://config.playwire.com/1024290/v2/websites/72744/banner.json
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1561861cdea1c48b2b04179e5d5ab8f1e4b5311b42720efd52cbf958b723d15

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
status: 200
x-hw: 1594994983.dop082.lo4.t,1594994983.cds232.lo4.hn,1594994983.cds244.lo4.c
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: HW-Country-Code
cache-control: private, must-revalidate, max-age=0
hw-country-code: PL
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length: 1889

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 198 KB
70 KB 180ms
60ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16005b3c3af51a4f2ef08f24c40eb5a1f8a33b6fe80060d41a8c262075ad9be1

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 19:04:15 GMT
server: AmazonS3
x-amz-request-id: CE9174F4664B54F7
etag: "6d8162abee826cec0ba18eb7d523e35d"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=57613
accept-ranges: bytes
content-length: 71045
x-amz-id-2: yOYbPq82QyUFkMmaCisO2umHeEEVZClF2XhouyTEJB+Oirgh7J6JS//xloA5+2kIwn6HnA/ET2A=

GET load.js
api.flattr.com/js/0.6/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: d37fBJWUaxseYfpl4U1HRyNod/1gfRNFUR4tpFZdRpS7zA4OCWMN/ZzKr54tx/cp1o3GKe7URUfvbLeBeK34ag==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 17 Jul 2020 14:09:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5584
date: Fri, 17 Jul 2020 12:36:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 17 Jul 2020 14:36:39 GMT

GET
H2 200 safe-frame.php Show response
www.questionablecontent.net/ Frame 3A79 639 B
387 B 212ms
209ms Document
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.23
Resource Hash: 53deee17c59cbc0e2f46169ba695e9d8f7dca2ea01bcc1520938ac9b7afaca30

Request headers

:method: GET
:authority: www.questionablecontent.net
:scheme: https
:path: /safe-frame.php?mode=AdSense&adunit=3675749653
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da94ab11662034e01d80d7016cd7e4d4b1594994982
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 200
date: Fri, 17 Jul 2020 14:09:43 GMT
content-type: text/html
x-powered-by: PHP/5.4.23
cf-cache-status: DYNAMIC
cf-request-id: 03feb518640000d6b114980200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b448ad3df3cd6b1-FRA
content-encoding: br

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 43 KB
11 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.22

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10760
x-xss-protection: 0
pragma: public
x-fb-debug: 3uP9gcRX+opBeBtCILv2PLaPf4gWe/4EQdoKsmXoSdx+g+el5NWX9yZNpts3VZFSG9YOMrt6S5wInwrdNmeheA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 17 Jul 2020 14:09:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 560616780737475 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/560616780737475?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6d4694862695db68d8bc0ab8c10d98f1c7a2e7096147535ae3edfa260d36a1a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134692
x-xss-protection: 0
pragma: public
x-fb-debug: 2UAJIQqKnkBCdf9jqiH8qTH7rsMbS1t30e9V5P6pQFte04PZTAYjHgnER/mfUwKKWhSqDjpVsiARGFp067Fm1A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 17 Jul 2020 14:09:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
196 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=263854690&utmhn=www.questionablecontent.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Questionable%20Content&utmhid=1801646310&utmr=-&utmp=%2F&utmht=1594994983069&utmac=UA-17679175-1&utmcc=__utma%3D260522194.879693206.1594994983.1594994983.1594994983.1%3B%2B__utmz%3D260522194.1594994983.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1412452623&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
547 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700

Requested by

Host: cdn.ko-fi.com
URL: https://cdn.ko-fi.com/cdn/widget/Widget_2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cfb63b918cd89b3945eef85b2a3deebed28efb9708820c029d8904717b19324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Jul 2020 13:54:42 GMT
server: ESF
date: Fri, 17 Jul 2020 14:09:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ 3 KB
3 KB 34ms
18ms Image
image/webp 2606:4700:20::ac43:485f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: cdn.ko-fi.com
URL: https://cdn.ko-fi.com/cdn/widget/Widget_2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:485f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0309a282e9ea80a675a164d038ecad8de092f0361c10f57272c38e6f0048af5

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Jul 2020 14:09:43 GMT
cf-cache-status: HIT
content-md5: ciX9scqbUz6Gsm7CLYB+HQ==
age: 2259
cf-polished: origFmt=png, origSize=3060
status: 200
content-disposition: inline; filename="cup-border.webp"
content-length: 2584
cf-request-id: 03feb518ae0000061029024200000001
x-ms-lease-status: unlocked
last-modified: Tue, 31 Mar 2020 07:21:32 GMT
server: cloudflare
etag: 0x8D7D54423392779
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 1acdd9a7-401e-00f1-6ea7-5b92a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2073600
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5b448ad44b950610-FRA
cf-bgj: imgq:100,h2pri

GET
H2 404 jquery.min.js
www.questionablecontent.net/js/vendor/ 0
0 30ms
29ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/jquery.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad4482bd6b1-FRA
cf-request-id: 03feb518b00000d6b11498b200000001

GET
H2 404 what-input.min.js
www.questionablecontent.net/js/vendor/ 0
0 29ms
28ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/what-input.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad4482ed6b1-FRA
cf-request-id: 03feb518b00000d6b11498c200000001

GET
H2 404 foundation.min.js
www.questionablecontent.net/js/ 0
0 30ms
29ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/foundation.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 135
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad4482fd6b1-FRA
cf-request-id: 03feb518b00000d6b11498d200000001

GET
H2 200 whitelogo.svg
storage.ko-fi.com/cdn/ 2 KB
951 B 16ms
15ms Image
image/svg+xml 2606:4700:20::ac43:485f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/whitelogo.svg
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:485f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: NNxd8cik1auzYySPv5WiaQ==
age: 1527
status: 200
cf-request-id: 03feb518bf0000061029025200000001
x-ms-lease-status: unlocked
last-modified: Tue, 31 Mar 2020 10:30:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7ee4b0e9-e01e-007f-490c-46dd01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2073600
x-ms-version: 2009-09-19
cf-ray: 5b448ad46be00610-FRA

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/ 26 KB
26 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quicksand:400,700
Origin: https://www.questionablecontent.net

Response headers

date: Fri, 26 Jun 2020 04:13:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:43:58 GMT
server: sffe
age: 1850192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26160
x-xss-protection: 0
expires: Sat, 26 Jun 2021 04:13:11 GMT

GET
H2 200 vendors~gdpr.89e898b4c857da7a735e.js Show response
cdn.intergient.com/pageos/1.4.55/ 15 KB
5 KB 81ms
65ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.4.55/vendors~gdpr.89e898b4c857da7a735e.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cb8b8d43757565bef395470a6606f714d89cb15f00387c8b651f22010a8113c

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 18:19:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1593454744/ctime:1593454744/gid:20/gname:staff/md5:934454f59fd8080a32150137355752b8/mode:33188/mtime:1593454744/uid:501/uname:thomascreamer
x-amz-request-id: 7Z0Z9V2V8H8KFMBT
etag: "934454f59fd8080a32150137355752b8"
x-hw: 1594994983.cds064.lo4.hn,1594994983.cds033.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=29995772
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4893
x-amz-id-2: 5KYQbE2sd1XPyjdeh6tX4DjPYpr37SHLV7Etx85KBYIcPTf/5Sjl2kmbz9Cf6nmAGo1AjU85aNc=

GET
H2 200 gdpr.fca5bd8020a5912d1460.js Show response
cdn.intergient.com/pageos/1.4.55/ 6 KB
2 KB 80ms
65ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.4.55/gdpr.fca5bd8020a5912d1460.js
Requested by: Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/tyche.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4190e6dacfcf5608dd2ce7d55ff1a614d6051a2852ce4804a1606b5718eaa46f

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 18:19:08 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1593454744/ctime:1593454744/gid:20/gname:staff/md5:110847b01012686f5893c0495608c67f/mode:33188/mtime:1593454744/uid:501/uname:thomascreamer
x-amz-request-id: 01EA6938A85B4DBA
etag: "110847b01012686f5893c0495608c67f"
x-hw: 1594994983.cds064.lo4.hn,1594994983.cds235.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=29995772
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2111
x-amz-id-2: 7SnTuY/5IKlHRwbOA3fTmH1ODMsGbYQqJHf8Wc3HToOWGb6lnBU4+jndjzlpLJfiwWHEPHlPAiE=

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame F61F 87 KB
20 KB 62ms
62ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=218211&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: a37b198fe456abc263ff79d4ee594174579c6bbefe58281a7677f2828707e922

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 17 Jul 2020 14:09:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2020 21:19:34 GMT
Server: nginx
ETag: W/"5f0f72e6-15b3a"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Sat, 18 Jul 2020 14:09:43 GMT

GET
H2 200 safe-frame.php Show response
www.questionablecontent.net/ Frame 5FF1 639 B
353 B 207ms
206ms Document
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.23
Resource Hash: 64eb97c3fa815b3efef427f78221d20b063cbff8f4623de76b8ed48e5c698e8c

Request headers

:method: GET
:authority: www.questionablecontent.net
:scheme: https
:path: /safe-frame.php?mode=AdSense&adunit=5308843506
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da94ab11662034e01d80d7016cd7e4d4b1594994982; __utma=260522194.879693206.1594994983.1594994983.1594994983.1; __utmc=260522194; __utmz=260522194.1594994983.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=260522194.1.10.1594994983
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 200
date: Fri, 17 Jul 2020 14:09:43 GMT
content-type: text/html
x-powered-by: PHP/5.4.23
cf-cache-status: DYNAMIC
cf-request-id: 03feb519190000d6b114995200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b448ad4f9b2d6b1-FRA
content-encoding: br

GET
H2 404 jquery.min.js
www.questionablecontent.net/js/vendor/ 0
0 11ms
10ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/jquery.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad4f9b3d6b1-FRA
cf-request-id: 03feb519190000d6b114996200000001

GET
H2 404 what-input.min.js
www.questionablecontent.net/js/vendor/ 0
0 11ms
11ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/vendor/what-input.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad519ecd6b1-FRA
cf-request-id: 03feb5192a0000d6b114997200000001

GET
H2 200 aws-sdk-kinesis.min.js Show response
cdn.intergi.com/pageos/js/libs/ 227 KB
79 KB 66ms
66ms Script
text/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/pageos/js/libs/aws-sdk-kinesis.min.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.4.55/kinesis.29f2e0e1fcb8320d435d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 21:27:42 GMT
etag: "1547501262"
status: 200
x-hw: 1594994983.cds017.lo4.hn,1594994983.cds030.lo4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length: 80823

GET
H2 200 cmp.js Show response
cdn.intergient.com/pageos/1.4.55/cmp/ 165 KB
45 KB 63ms
62ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.4.55/gdpr.fca5bd8020a5912d1460.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b739b99ac64980238146f66594f1c7a86c79a71a33acb98db9c8d1b7cbca417

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 18:19:08 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1593454743/ctime:1593454742/gid:20/gname:staff/md5:d14e5e20483a2c3e491b93dbb6d18e05/mode:33188/mtime:1593454742/uid:501/uname:thomascreamer
x-amz-request-id: F8BBFAAB2B916020
etag: "d14e5e20483a2c3e491b93dbb6d18e05"
x-hw: 1594994983.cds064.lo4.hn,1594994983.cds212.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=29995772
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45254
x-amz-id-2: f9VzEcJhdUAChJaWgCst1T+OM4cBTyM1MjwsLMccZGVBRveEAaeV6MXGg9qpEVYmpsUlEJY6+F4=

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=560616780737475&ev=PageView&dl=https%3A%2F%2Fwww.questionablecontent.net%2F&rl=&if=false&ts=1594994983241&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=62&fbp=fb.1.1594994983240.271465286&it=1594994983045&coo=false&rqm=GET

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 404 foundation.min.js
www.questionablecontent.net/js/ 0
0 15ms
14ms Script
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/js/foundation.min.js
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 135
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b448ad54a41d6b1-FRA
cf-request-id: 03feb519480000d6b11499b200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A79 117 KB
41 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42370
x-xss-protection: 0
server: cafe
etag: 15539805577875352861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 548ms
137ms Script
application/javascript 52.205.225.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.225.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

a09e189211a25ff5bcd9aca5e92b41565266e44b247ae4222ce753f802c4d8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 14:09:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 732
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 safe-frame.php Show response
www.questionablecontent.net/ Frame F741 639 B
353 B 109ms
109ms Document
text/html 2606:4700:3038::681f:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.23
Resource Hash: 9989e01296e023f6b12010fd9e3d6ffa8d6f4f638be4b9925df26d264e769515

Request headers

:method: GET
:authority: www.questionablecontent.net
:scheme: https
:path: /safe-frame.php?mode=AdSense&adunit=6553760051
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da94ab11662034e01d80d7016cd7e4d4b1594994982; __utma=260522194.879693206.1594994983.1594994983.1594994983.1; __utmc=260522194; __utmz=260522194.1594994983.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=260522194.1.10.1594994983; _fbp=fb.1.1594994983240.271465286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 200
date: Fri, 17 Jul 2020 14:09:43 GMT
content-type: text/html
x-powered-by: PHP/5.4.23
cf-cache-status: DYNAMIC
cf-request-id: 03feb5197a0000d6b1149a4200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b448ad59ae0d6b1-FRA
content-encoding: br

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ 220 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/ Frame C27E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200715/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 16 Jul 2020 10:06:22 GMT
expires: Thu, 30 Jul 2020 10:06:22 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 101001
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 570ms
143ms Script
application/javascript 52.205.225.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.225.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

7ce2998e06d43db1397373dc26c47d03e7e53770fd88faf7c02b387ae3ffad43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 14:09:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 yi.js Show response
mb.moatads.com/ 1 KB
2 KB 226ms
73ms Script
text/html 54.77.133.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.questionablecontent.net%2F&confidence=2&pcode=playwireprebidheader597261727146&callback=MoatNadoAllJsonpRequest_50720135
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.133.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 53b74746d972161cabeb905ac4ba7e5ed0356fbf660fbdfe2346f97b7e43c99c

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
server: TornadoServer/4.5.3
etag: "e08807a7312f8400ec216acfb35aecf5d80c6cf7"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 1462

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 59ms
57ms Image
image/gif 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1594994983346&de=578885790830&d=PLAYWIRE_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=c0e0cb4-clean&iw=9414c38&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=questionablecontent.net&bd=questionablecontent.net&ac=1&bq=11&f=0&na=576780694&cs=0
Requested by: Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame F61F 175 B
558 B 63ms
63ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=218211&tid=791c0a38578e470eaf73102dad5d7d147c643bb7&mode=1&dmn=www.questionablecontent.net
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 56d33f4f46a270908782ec5a6ed7159083ea30b9af3e3c06ae4a76f6827ff449

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 17 Jul 2020 14:09:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 154

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3A79 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3A79 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ Frame 3A79 220 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 400 ads
googleads.g.doubleclick.net/pagead/ Frame 1B04 0
0 21ms
21ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1737303903&adf=1137708138&lmt=1594994983&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594994983294&bpp=28&bdt=756&idt=147&shv=r20200715&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=4459626528437&frm=20&pv=2&ga_vid=729478037.1594994983&ga_sid=1594994983&ga_hid=1801646310&ga_fc=0&iag=0&icsg=4486053679332348&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=3692&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2878520159919426&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cbr%7C&abl=CS&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=163

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?output=html&adk=1737303903&adf=1137708138&lmt=1594994983&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594994983294&bpp=28&bdt=756&idt=147&shv=r20200715&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=4459626528437&frm=20&pv=2&ga_vid=729478037.1594994983&ga_sid=1594994983&ga_hid=1801646310&ga_fc=0&iag=0&icsg=4486053679332348&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=3692&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2878520159919426&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cbr%7C&abl=CS&fu=8208&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=163
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Jul 2020 14:09:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Jul-2020 14:24:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 99 KB
18 KB 8ms
8ms Fetch
application/json 2600:9000:20eb:9800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77b7ecc7c4aa2db7a32cb9d4d8daea84888e126a02eb6d55d7884de2f3be9fa7

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 16:14:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 78913
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 16 Jul 2020 16:00:42 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: mZpZhgvhYw41YwwZX9iFU1IoE2evD.ri
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: 9fRrpS7CnsP4eXDixcT6q2Yp0iNamA2CbFoYLQA_VJCjuwqT5wYy4A==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F741 117 KB
41 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42370
x-xss-protection: 0
server: cafe
etag: 15539805577875352861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5FF1 117 KB
41 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42370
x-xss-protection: 0
server: cafe
etag: 15539805577875352861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F2A8 0
0 49ms
48ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=3675749653&adk=4294478711&adf=3279755397&w=954&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=954x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983418&bpp=6&bdt=175&idt=139&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=2&ga_vid=856070987.1594994984&ga_sid=1594994984&ga_hid=772804834&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=80&biw=1600&bih=1200&isw=970&ish=150&ifk=3799165976&scr_x=0&scr_y=0&eid=21066533&oid=3&pvsid=4438519513942081&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.ww75d8p8l3mb&fsb=1&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=3675749653&adk=4294478711&adf=3279755397&w=954&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=954x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983418&bpp=6&bdt=175&idt=139&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=2&ga_vid=856070987.1594994984&ga_sid=1594994984&ga_hid=772804834&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=323&ady=80&biw=1600&bih=1200&isw=970&ish=150&ifk=3799165976&scr_x=0&scr_y=0&eid=21066533&oid=3&pvsid=4438519513942081&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.ww75d8p8l3mb&fsb=1&dtd=147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Jul 2020 14:09:43 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: IDE=AHWqTUnztqIfVT2WVR0v70MwQRA8jwrmspiBv14jJh685cOXkJQNtDSfKhQvolaP; expires=Wed, 11-Aug-2021 14:09:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Jul 2020 14:09:43 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A79 71 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5FF1 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5FF1 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ Frame 5FF1 220 KB
83 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F741 109 B
168 B 18ms
17ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F741 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.questionablecontent.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ Frame F741 220 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3A79 7 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba52e5db93ffbdfb9b14bf3c3fe10a9060c743f0c556e37071c2588ab71dc6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A79 14 KB
5 KB 46ms
38ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C9C1 0
0 46ms
46ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=125&slotname=5308843506&adk=137528354&adf=3279755399&w=151&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=151x125&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&adsid=NT&dt=1594994983593&bpp=4&bdt=129&idt=84&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=61494841.1594994984&ga_sid=1594994984&ga_hid=1143128164&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1141&ady=427&biw=1600&bih=1200&isw=167&ish=150&ifk=3930757590&scr_x=0&scr_y=0&eid=21066713&oid=3&pvsid=3975511116378948&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C167%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.wvrr6cq230dx&fsb=1&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0126922120845423&output=html&h=125&slotname=5308843506&adk=137528354&adf=3279755399&w=151&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=151x125&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&adsid=NT&dt=1594994983593&bpp=4&bdt=129&idt=84&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=61494841.1594994984&ga_sid=1594994984&ga_hid=1143128164&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1141&ady=427&biw=1600&bih=1200&isw=167&ish=150&ifk=3930757590&scr_x=0&scr_y=0&eid=21066713&oid=3&pvsid=3975511116378948&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C167%2C150&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.wvrr6cq230dx&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnztqIfVT2WVR0v70MwQRA8jwrmspiBv14jJh685cOXkJQNtDSfKhQvolaP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Jul 2020 14:09:43 GMT
server: cafe
content-length: 199
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FF1 71 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 291F 0
0 65ms
64ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=6553760051&adk=984839962&adf=3279755401&w=984&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=984x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983602&bpp=1&bdt=139&idt=85&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=2095962286.1594994984&ga_sid=1594994984&ga_hid=296848388&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=3663&biw=1600&bih=1200&isw=1000&ish=150&ifk=1163435473&scr_x=0&scr_y=0&eid=21066716&oid=3&pvsid=4188212204175220&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1000%2C150&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.qacu21qab364&btvi=1&fsb=1&dtd=90

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0126922120845423&output=html&h=280&slotname=6553760051&adk=984839962&adf=3279755401&w=984&fwrn=3&fwrnh=100&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=984x280&url=https%3A%2F%2Fwww.questionablecontent.net%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594994983602&bpp=1&bdt=139&idt=85&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=4459626528437&frm=23&ife=1&pv=1&ga_vid=2095962286.1594994984&ga_sid=1594994984&ga_hid=296848388&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=3663&biw=1600&bih=1200&isw=1000&ish=150&ifk=1163435473&scr_x=0&scr_y=0&eid=21066716&oid=3&pvsid=4188212204175220&pem=728&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1000%2C150&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8340&bc=31&ifi=1&uci=1.qacu21qab364&btvi=1&fsb=1&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnztqIfVT2WVR0v70MwQRA8jwrmspiBv14jJh685cOXkJQNtDSfKhQvolaP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Jul 2020 14:09:43 GMT
server: cafe
content-length: 199
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F741 71 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1E67 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 13:33:42 GMT
expires: Sat, 17 Jul 2021 13:33:42 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2161
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5FF1 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

346ce5bd11572c1c89a219898d6469c638740d918511353815e22d488499a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5579
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F741 7 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef473572d5db99c5b4961ecc4f160edad1fb11ce42bb9ac2cad09554bc31801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5622
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FF1 14 KB
5 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F741 14 KB
5 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 3243 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 13:33:42 GMT
expires: Sat, 17 Jul 2021 13:33:42 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2161
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame CD95 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 13:33:42 GMT
expires: Sat, 17 Jul 2021 13:33:42 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2161
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible
https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

42 B
758 B

141ms
141ms

Image
image/gif

52.205.225.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.225.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 14:09:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 17 Jul 2020 14:09:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=1811301889.657755&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible
https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

42 B
758 B

143ms
143ms

Image
image/gif

52.205.225.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.225.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 14:09:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 17 Jul 2020 14:09:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=81395407-05ad-4188-ae6e-732b205fbcdb&ord=3068106974.045064&ref=https%3A%2F%2Fwww.questionablecontent.net%2F&dvis=visible&ip=194.99.105.99&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A79 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=4438519513942081&bg=!BAelBx9YAshMxRSvimICAAAAR1IAAAApmQGxPE0pBfa2xys6enzM64vwpJAoGJrrtcR2ipwrz6gADIwgy4yoe25ijto6cUwQ-8jT1E3LV6aJehxmL9EAhs4BLCUWETXriwOfWhoM6GNUriChPq3cKtBzPTQ4RTcpfZorZbXkWWzLK37yOoj2bJlqTXqit8ufpWEU5w8s_rgNeyDYKZQicQ65cpI51BBlMKcYEVrACa9O1VhvMFpzx-xHp72fjABpTA7rTQnMKDJovucgc7OffxgOzZ4eC7jDH24lum67RDXY9ok9ApjRqRLqJWMnJ_wkDZDjdpZjxmKOLtUYBqoVr0yPFRxyz5vC-kG-iiAsTUtEx-znCH5z5zha5sC3nPlgAa4RnGPo1NkrTBecCqaHT8ZyIRLJ9t7GMLeiWShN1twGX920Azkzs9jb8NcdiAyzqaX91V8St8EmKelmVd4JJeVDN-l6NyyMfjCgC8rajVov0IAbxnUirDSSz0_wo32F1P0LB_l5Ei-2TYXNQl3_cqeYwtfga7KYzacV3SRs5zOqUhilI5xb4cGYcOvTQlqmwJZHh0eDsudWJeoWC8YdXSvtoA1z0r4TCKqoDg

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=3675749653
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FF1 0
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=3975511116378948&bg=!p6SlpLxYZLmFSlkZhpQCAAAAeFIAAAAOmQGx4T-YMeXrtdrBLVJv5vcrkHBX0gBGsjak2eSx0R4mX7xWsdbRTpBAK8IyXSRGZlGbGRScwXPnm29Yx92qPxFoyZoW9_O8ukqEpmjCav1dq3-XMqGkoGJjJeCW0EqUmUY8xSBKbs9IJEDO6nHI24Z5Ye59atIO2iiDYWz40vOXw3IHmAYSX6Ccf51ISGgjUGeOpWeR67nSumI9Ak6DyhS6hqlx5fFXXzrZa9eKfLZAtwpnm9BAu2ehx_im4NAas0ZCDvR1JV4x2ip8ICCZRsZqxu2tuyJOh1G0xG0IUky2jgXXojzbl0xaTWY7-KJmTHriMLciSutTFIzTddebGACcSVeEhn9QyVJTGBYW-cYP6kRhiYq2MFOY0mNuvjyCvaHYQKCwX2SjmAN4M6tKZHC3WOetM_-5GHKlqVunv2o2eaqXGYhiyYMtIZSqC0rhdV66D2F0Pm9a3gkSLO1PMgp7kwg7OQe9AcMRKOgel2_jRUtRGRGanVGOhuTZv-vPHK4s2YcXhRVmRod4t5gx6t5X7TdNIzxqhwS_s0BQM9x-I_BQ-0LeiJcXnDXOXQgaUZD_lw

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=5308843506
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F741 0
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=4188212204175220&bg=!xMelx99Y9Kn5YhKVcj4CAAAAc1IAAAAUmQGxnYh9dyeVkqMaNerR0qQ7y1tIsqiYCqP9RJpKelh7m2AmtbAWhGSYiw5ZzZ06O_RK83qxGfQcQyaj0Ofgj8U2PDDJlZrjfTM5BuhBUNfRyW9K1NOS2c9w6NPpR7RgC2LQRVOtyvwj7OsTAlEkH57HKamWyUBSiJyQIx89H5i-19HSLh6HJXT40A_1MGZyS0qCQ0zQOURJ2oTLk6B3yH7yjMr2BJgggKuLl4CbNlKyJn3EMt2N682mFKde_hSOqDyi0dqxRkbnf70_nepL_LHT92HKo57JvucaVXq6SthORgjYPReHDg3EMgQQtVlX3_-ZOa6s9v9d8VpyjfU9LMfQi0WtCyAOTwpMGKazlBB4Bctcn1kRvsejJ1ajGg_-6SiAS-JCsj5ocF8TLodQaFgOc41A-Wq0qr2ATgbIB1iP87IFSOORtxdc4AHnTBn3MzkJkj3P-tiRiP6z8bhkujAzhiLPNS0s1B8W1u2qVYFzdsGFbILg24tvvVgCMDjvYcDj1aMxFR-iASUI0MAYzotCjDxtf2cwIWwDGEElren6AvB5w5-hMZYYRBoXv5lMeEsHcQ

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/safe-frame.php?mode=AdSense&adunit=6553760051
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=560616780737475&ev=Microdata&dl=https%3A%2F%2Fwww.questionablecontent.net%2F&rl=&if=false&ts=1594994984768&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Questionable%20Content%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=62&fbp=fb.1.1594994983240.271465286&it=1594994983045&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.questionablecontent.net
URL: https://www.questionablecontent.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 17 Jul 2020 14:09:44 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff62e9e7a2f2a69981451de35ac180f336131ced82f528b646f88c239283b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5676
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 14:09:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 14:09:50 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame CC4F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.questionablecontent.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.questionablecontent.net/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 13:33:42 GMT
expires: Sat, 17 Jul 2021 13:33:42 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2168
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=2878520159919426&bg=!9_Sl9OxYUBmF8Nja01sCAAAATFIAAAATmQGMaiaZE86okJtAIJDxLNAsp27oV4CShVXYjl1nZ33okJ57PBYjR3YBe1Q0DuKxryoQOHey-kTHnNdst9lO1yPysI6-AeKUPFtM7SXNXCZawwahjYUnzS4OtOngVADDabq9hpDbtrwfHrsu3NTQhAG16zPjw_Un1BcV9UXvD8-catsi3sZZ5xVhOmL-AFf9pPI3PEZuAKaYPXbI0mP_1dS_Dd6RD9jVE5c1jRaRPzFevEPfYaj1-UFpGk06rUeNoi1uZQcvWAMfDH4ZpywIPYwDHHgdToCSsitfZrCHtUpeqVnN39EHCswbanGCzexNf0tFZovEVJbanaMLwdN21Qbz4hwV-df7gSZO6Ge1UHQOdFOEqqpFepCU4It9muSq1h6wOsDGS5wHQykBlopO8RgXFLpBCL_C3C2_R18Sgj9-jBwozLzMfDAnNxMRSJpJ8x58A9aD6pyupajrtvkHd28bMGL_piP2EM5QmXKND3FF9dsEAj-q73pYkznkStBvZry5boq6sfqb9sk0iqJm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.questionablecontent.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 14:09:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.flattr.com
URL: http://api.flattr.com/js/0.6/load.js?mode=auto

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - An invalid email address was specified for 'em'. This data will not be sent with any events for this Pixel.
console-api	log	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: DEBUG - (CMP) Using configuration: [object Object]
console-api	log	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: DEBUG - (CMP) Read consent data from local cookie undefined
console-api	log	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: DEBUG - (CMP) Successfully loaded CMP version: 0.0.0 in 10ms
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Notify event: isLoaded
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Process 3 queued commands
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Proccess command: showConsentTool, parameter: undefined
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Proccess command: addEventListener, parameter: onSubmit
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Proccess command: addEventListener, parameter: cmpReady
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Queuing command: getConsentData until consent data is available
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Queuing command: getVendorConsents until consent data is available
console-api	info	URL: https://cdn.intergient.com/pageos/1.4.55/cmp/cmp.js?version=1(Line 1) Message: INFO - (CMP) Notify event: cmpReady

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.flattr.com
cdn.intergi.com
cdn.intergient.com
cdn.ko-fi.com
config.playwire.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ko-fi.com
mb.moatads.com
pagead2.googlesyndication.com
px.moatads.com
ssl.google-analytics.com
storage.ko-fi.com
thor.blindferret.media
tpc.googlesyndication.com
trkn.us
vendorlist.consensu.org
www.facebook.com
www.googletagservices.com
www.questionablecontent.net
z.moatads.com
api.flattr.com
151.139.128.10
151.139.240.88
205.185.216.42
2600:9000:20eb:9800:1:af78:4c0:93a1
2606:4700:20::ac43:485f
2606:4700:3038::681f:8ae
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:815::2003
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.205.225.148
54.77.133.33
72.251.249.9
92.122.255.233
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09d49af68b40a08f35493d92a70f04874295ff4089d2dc83cec94f4fe340a17d
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1230a04561b9afd1e26eaba7b547ea29a620c56dca7ccd61f0490331cd997be9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16005b3c3af51a4f2ef08f24c40eb5a1f8a33b6fe80060d41a8c262075ad9be1
18dc4d6395524e8b8fb8d851bffbd372033edbbf68ad923aab9f735999d07d36
1d94a19ff32e319cbcb9e8d3f6e68f3b0498e2d6e0d87b7cac978a8467322dde
1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173
2b739b99ac64980238146f66594f1c7a86c79a71a33acb98db9c8d1b7cbca417
2cb8b8d43757565bef395470a6606f714d89cb15f00387c8b651f22010a8113c
346ce5bd11572c1c89a219898d6469c638740d918511353815e22d488499a9d9
3ef473572d5db99c5b4961ecc4f160edad1fb11ce42bb9ac2cad09554bc31801
4190e6dacfcf5608dd2ce7d55ff1a614d6051a2852ce4804a1606b5718eaa46f
45a2a605aba7a433fdb038c1078819af9d6f88ebb295fda9e0e587f0835ea7bd
4bedf598ed293d51f0192b5a15d9b66b41fd5c16c3b92ec2bfcdabe5f14a9fcd
53b74746d972161cabeb905ac4ba7e5ed0356fbf660fbdfe2346f97b7e43c99c
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
53deee17c59cbc0e2f46169ba695e9d8f7dca2ea01bcc1520938ac9b7afaca30
56d33f4f46a270908782ec5a6ed7159083ea30b9af3e3c06ae4a76f6827ff449
5e5273c26cd380d3eee43f9e5467f1b81438902fe42e8b24bb3684d5b813b275
64eb97c3fa815b3efef427f78221d20b063cbff8f4623de76b8ed48e5c698e8c
6cfb63b918cd89b3945eef85b2a3deebed28efb9708820c029d8904717b19324
77497ed9283076bd511d093641509afe3cd0855fef385cc82af3edaf5f0a6d75
77b7ecc7c4aa2db7a32cb9d4d8daea84888e126a02eb6d55d7884de2f3be9fa7
78d3b3d3eace4a47186f7fda9583b831df7e01703474ae6005d47e3a7edebd32
7ce2998e06d43db1397373dc26c47d03e7e53770fd88faf7c02b387ae3ffad43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88db72584919a04a5e6427320ca87e24ab0dc9790d322407cfeb6dd7e57c4835
8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931
98ad3a458eb668fd2e5ff9a2a095a16fa5a42ba7b7f3a5908b725b9bf8aaaeb7
9989e01296e023f6b12010fd9e3d6ffa8d6f4f638be4b9925df26d264e769515
a09e189211a25ff5bcd9aca5e92b41565266e44b247ae4222ce753f802c4d8b4
a37b198fe456abc263ff79d4ee594174579c6bbefe58281a7677f2828707e922
a97e2486e279a2b5bf69bcff95f7cb25134574da875dbbcf9404467749b21253
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
b6d4694862695db68d8bc0ab8c10d98f1c7a2e7096147535ae3edfa260d36a1a
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
ba52e5db93ffbdfb9b14bf3c3fe10a9060c743f0c556e37071c2588ab71dc6fa
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
be3a092cfb18bd13d872bb4e9f076a7cac9dea4b6dd1b960607e32401e37a166
be5f93e0853b8b5d53c91d8c3eaf9e09a2f38d0804d173a46a3b7e073812d92b
bea1dff2cbfb263bf09ebe39a5e66cb8c1ff55d694637a3ae5d1716ac933c1a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11804e120e235c4f1fef56b735c6e1f00582c6f47a192080c2188ab5e2f40cb
d503deb607817970d6cae2ccccb5b2acdf945732258f2c7fc2a5d47b5a4a8af1
db5a55f3799ed683dac0915244e2a967217b32d7e837a26d60ff38cbb5d6ef29
dff62e9e7a2f2a69981451de35ac180f336131ced82f528b646f88c239283b8b
e0309a282e9ea80a675a164d038ecad8de092f0361c10f57272c38e6f0048af5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbedadd60034866067f37da6701c7137a5d3e8054acdd2d94e1ba0f2b1c15db
f1561861cdea1c48b2b04179e5d5ab8f1e4b5311b42720efd52cbf958b723d15
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

www.questionablecontent.net Open in urlscan Pro 2606:4700:3038::681f:8ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

67 %IPv6

21 Domains

27 Subdomains

22 IPs

5 Countries

1746 kBTransfer

4665 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.questionablecontent.net Open in urlscan Pro
2606:4700:3038::681f:8ae Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

67 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

1746 kB
Transfer

4665 kB
Size

0
Cookies

106 HTTP transactions
0 data transactions