www.authorstream.com Open in urlscan Pro
104.21.64.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.authorstream.com/cropbattle46/
Submission: On September 28 via manual (September 28th 2022, 9:48:47 pm UTC) from GB — Scanned from AU

Summary HTTP 90 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 19 domains to perform 90 HTTP transactions. The main IP is 104.21.64.23, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.authorstream.com. The Cisco Umbrella rank of the primary domain is 406785.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time www.authorstream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	104.21.64.23 104.21.64.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.12.95 142.251.12.95	15169 (GOOGLE) (GOOGLE)
5	142.251.12.139 142.251.12.139	15169 (GOOGLE) (GOOGLE)
4	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
2	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
4	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1 2	142.251.12.97 142.251.12.97	15169 (GOOGLE) (GOOGLE)
5	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
2	172.217.194.84 172.217.194.84	15169 (GOOGLE) (GOOGLE)
1	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
1	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
3	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
2	23.108.101.160 23.108.101.160	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
9	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
3	142.251.12.105 142.251.12.105	15169 (GOOGLE) (GOOGLE)
9	23.193.108.22 23.193.108.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	42.99.140.216 42.99.140.216	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
3	23.207.36.20 23.207.36.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.227.190.204 3.227.190.204	14618 (AMAZON-AES) (AMAZON-AES)
1	23.193.109.76 23.193.109.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.46.132 199.232.46.132	54113 (FASTLY) (FASTLY)
1 1	172.253.118.157 172.253.118.157	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
90	25

22 104.21.64.23 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.authorstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f139.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.97 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.84 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.108.101.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

b1-sindc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1t-sindc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

widgets.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.105 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.193.108.22 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-108-22.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.207.36.20 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.190.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-190-204.compute-1.amazonaws.com

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.193.109.76 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-109-76.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	authorstream.com www.authorstream.com — Cisco Umbrella Rank: 406785	189 KB
17	googlesyndication.com 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	81 KB
12	media.net hblg.media.net — Cisco Umbrella Rank: 1594 contextual.media.net — Cisco Umbrella Rank: 560 warp.media.net — Cisco Umbrella Rank: 2302 lg3.media.net — Cisco Umbrella Rank: 3952 cs.media.net — Cisco Umbrella Rank: 1341	162 KB
11	google.com apis.google.com — Cisco Umbrella Rank: 109 accounts.google.com — Cisco Umbrella Rank: 77 adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	131 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	150 KB
3	zemanta.com b1-sindc1.zemanta.com — Cisco Umbrella Rank: 51697 widgets.zemanta.com — Cisco Umbrella Rank: 9232 b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 40404	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	115 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 344	921 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 743	142 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 294	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	89 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	15 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2477	5 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1243	3 KB
1	cheqzone.com obs.cheqzone.com — Cisco Umbrella Rank: 7159	3 KB
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1603
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 103730	792 B
1	gstatic.com ssl.gstatic.com	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 284	27 KB
90	19

	Domain	Requested by
22	www.authorstream.com	www.authorstream.com
9	tpc.googlesyndication.com	www.authorstream.com 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.authorstream.com
5	apis.google.com	www.authorstream.com apis.google.com accounts.google.com
3	lg3.media.net	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com www.authorstream.com
3	contextual.media.net	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com contextual.media.net
3	hblg.media.net	www.authorstream.com 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
3	www.google.com	www.authorstream.com 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com tpc.googlesyndication.com
3	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	www.authorstream.com 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	cs.media.net	contextual.media.net
2	accounts.google.com	apis.google.com www.authorstream.com
2	static.xx.fbcdn.net	www.facebook.com
2	ssl.google-analytics.com	1 redirects www.authorstream.com
2	connect.facebook.net	www.authorstream.com connect.facebook.net
2	www.facebook.com	www.authorstream.com connect.facebook.net
1	cm.g.doubleclick.net	1 redirects
1	zem.outbrainimg.com	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
1	widgets.outbrain.com	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
1	obs.cheqzone.com	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
1	b1t-sindc1.zemanta.com	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
1	warp.media.net	51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
1	qsearch-a.akamaihd.net	www.authorstream.com
1	widgets.zemanta.com	www.authorstream.com
1	b1-sindc1.zemanta.com	www.authorstream.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	stats.g.doubleclick.net	www.authorstream.com
1	ajax.googleapis.com	www.authorstream.com
90	32

This site contains links to these domains. Also see Links.

Domain
upload.authorstream.com
fivem-servers.com
apps.facebook.com
blog.authorstream.com
twitter.com
www.facebook.com
www.youtube.com
plus.google.com
pinterest.com
itunes.apple.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-08` - `2022-10-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.cheqzone.com ZeroSSL ECC Domain Secure Site CA	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.outbrainimg.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.authorstream.com/cropbattle46/
Frame ID: 118FE8832F4C9F2F484038CBD2B3A7A8
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=189714297746419&href=http://www.facebook.com/pages/authorSTREAMcom/20531169249&send=false&layout=standard&width=250&show_faces=false&action=like&colorscheme=light&font&height=40
Frame ID: B4CD8C09F7BC3CC1B2EC0DD7A47C08F6
Requests: 3 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&rel=nofollow&count=true&origin=https%3A%2F%2Fwww.authorstream.com&url=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 919B3F616E47926E662A7B5BEECE9D1D
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&rel=nofollow&count=true&origin=https%3A%2F%2Fwww.authorstream.com&url=http%3A%2F%2Fwww.authorstream.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: A2B6AF57B018ED8B05B16AEB3F20790E
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.authorstream.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: D6966EEDD50496FBEBC245C4DB66D5CB
Requests: 5 HTTP requests in this frame

Frame: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F11600F031C7EB4BD59D2DEC808121F
Requests: 1 HTTP requests in this frame

Frame: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 99A668156A8445E6391A0894225354E8
Requests: 1 HTTP requests in this frame

Frame: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22120306F4224F509C50E75A1EF43B2D
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_kIQOsE0Y7z-JMzLrQHT4ZGQAZiZlI1cnZy51YoKwI23ARABIABgpcCjgKQBggEXY2EtcHViLTc4NDcyOTYyNTQyNjUzNTGgAcX_nrkDyAEJ4AIAqAMBqgT4AU_QgT7RwIr6y4wkH-O-tLsE7wfIBDrCZetobxbKvpMUTCypEuJwu2de8BNgbTLGBe6NdaLX6FJidsdEJE4x3A4YRKhFCXqK69R-VLkGMptY5Vm0bAAlEk3EN4ZO8khm2-JTGbcWKSgv6z7goft9hkDKKeh_I5DpZH0bTO7jzGO4jXxwc_hqdUG6DrEOi9vAhTTQwvMTKqHidod74B70Xhulf7FP8Ubc8LaefBOG-zIRqIfJfzMOlgSL482dp9sfIFeQuZYQY-uqYJEqv5LuCXAAd2WaU5TnRoRuxpu4AevsOYsqfiqPjm29ropXA7Oq3epHOdr5VZqb4AQBgAaonPzo7OvXhsgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc4NDcyOTYyNTQyNjUzNTEYiq8O&sigh=v9X4bCXkxMw&uach_m=[UACH]&cid=CAQSPwCsnQUxPXPU1lO3RmUQxGcx5ERazn6GlP0hIwmvRBNyIBHBXANAhZGMOKx7rzTZZqOr2MActfWdU7MGj7xq8RgBIBM
Frame ID: 8B5AF797A3028E9E665224F80252C4F6
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 70C85903490A576A14AEB79E35E907DB
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 89E9D14EAC81FB3EB00BE9FB0862FDFD
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88B2856F2CD228CB1CDFA4D779A777BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5A6683966469165B9340C2927CF40C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vester ’s Presentations on authorSTREAM

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

25
IPs

5
Countries

1139 kB
Transfer

3373 kB
Size

15
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://upload.authorstream.com/multipleupload
Title: Upload

Search URL Search Domain Scan URL

URL: http://upload.authorstream.com/upload-presentation
Title: Single File Upload

Search URL Search Domain Scan URL

URL: https://fivem-servers.com//
Title: https://fivem-servers.com//

Search URL Search Domain Scan URL

URL: https://apps.facebook.com/authorstream/
Title: Facebook App

Search URL Search Domain Scan URL

URL: http://blog.authorstream.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/authorSTREAM

Search URL Search Domain Scan URL

URL: https://www.facebook.com/authorstream

Search URL Search Domain Scan URL

URL: https://www.youtube.com/authorSTREAM

Search URL Search Domain Scan URL

URL: https://plus.google.com/+authorstream/

Search URL Search Domain Scan URL

URL: https://pinterest.com/authorstream/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/authorstream/id740514399?mt=8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1204956152&utmhn=www.authorstream.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vester%20%E2%80%99s%20Presentations%20on%20authorSTREAM&utmhid=1409186040&utmr=-&utmp=%2Fcropbattle46%2F&utmht=1664401721360&utmac=UA-211915-4&utmcc=__utma%3D5691427.1339868597.1664401721.1664401721.1664401721.1%3B%2B__utmz%3D5691427.1664401721.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1751619313&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-211915-4&cid=1339868597.1664401721&jid=1751619313&_v=5.7.2&z=1204956152

Request Chain 77

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NDAzMzI0MTUzMTg0MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIdCFz-fwuf86TSopVLeFHA&google_cver=1

Request Chain 78

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=60ed1d94-cb97-4646-85a1-03d344fa9349

90 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.authorstream.com/cropbattle46/ 54 KB
14 KB 11494ms
11287ms Document
text/html 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01bd0e5bbdc35a1a19c4ecf821f7263db4cf75a62687f4932b34f2057f7e1237

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 751faef268985ab0-MEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 21:48:39 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd1xFc6DGdSo6RP5LJEqu0UrcWlJAFiZsN9iPePkUG4i%2Fke8qX5vTQAu1YUvTKPwRMGYthuLmN9TJqFj1ckA9t0RaKsZfmSQvqCzaRueH8PXde%2BGCE6dq3uRM6YFzPbbfnjcJR1sqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET

GET
H2 200 profile.css
www.authorstream.com/asset/css/skin01/ 7 KB
3 KB 108ms
107ms Stylesheet
text/css 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/asset/css/skin01/profile.css?v=04052015
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d613e6d5f1ecd7f1af778c49721a6097c9ce8fd9ff5830b3fb259b1cb5fcf8bb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Nov 2014 16:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1059
etag: W/"04225b897fecf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzp7KC9tBfvYkKiM7Hi9hloptOKll6yff0qb6wEMXsp8PnqQLqwAQgrqrNgG8hqguwsF%2BUB%2FTZ9QS0tHX3mYCN3zeuyPvCR7MlDl6G2OUYLRlcCTx7OosipPGQW71uwI%2FMOOo%2BMjWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 751faf390eff5ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 WebResource.axd Show response
www.authorstream.com/ 20 KB
4 KB 315ms
314ms Script
application/x-javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/WebResource.axd?d=VIwj5__4WC9nbmv3OjyR0jVNaeMqZJ4AJHiSIRRN7o_PAvqjvVbjWuuseV4R8JLSiLfXpsuB9ayn8byc1Rp5Ncu6EEs1&t=637291883023430478
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Jul 2020 13:18:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsaWbr7l%2FQcMMRRBiEXqkoJbXEPPgy6qjx6UqTqPW4EKMRVeggkZHlAJY6LXFrOOvaWEK9r9DkIcWyMngk6EV6xabA0FEutHpidsn%2Fs2imjeLUOE%2FKXp1zgo6oX7%2BmDjAq0%2B5e4mcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 751faf390f015ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Sep 2023 16:55:15 GMT

GET
H2 200 WebResource.axd Show response
www.authorstream.com/ 733 B
675 B 919ms
918ms Script
text/javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/WebResource.axd?d=mlBesx2C-GsBmMjUWdX9CUaolQl5kkXXdgbq_lajCSKK9iNa1hXNvaRktLCnLeFc9qZOIqnndH-JAaWFYH1XzWP0RyllTWnGcblLGrl1neAZZQFkn9EWsN9yx78wJZoJ_f0TserJMHkwIC2dnkO3BQ1idcPAO3zUFhtPlAqtGcT0-VRS0&t=634018515600000000
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8847142a3d89c2021670762e83a28e3240822a54eee5ddaceb2337e9b22e04b5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Feb 2010 23:26:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BREEo4d9yZhsxdVDxQSwfCJt5aUgLB9LFybmP6O8y1LH836Gir60fGx%2FV5nfXbA%2Bb%2FvRgeH35c4r9fDYoes5ss3ZhiWG2gW7DgfqjCsSIcpdZ7cWo1c6vXg2KxvBYxDRpllwLAKjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public
cf-ray: 751faf390f045ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Sep 2023 16:55:16 GMT

GET
H2 200 ScriptResource.axd Show response
www.authorstream.com/ 82 KB
21 KB 1129ms
1128ms Script
application/x-javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/ScriptResource.axd?d=FsJDUXNowcVUCqOQh2BPDDUmcFpcYgPkcms3xwPLHjyhASt6kJ42-FOYyS5xkKV_2omP8fkFe1zEyTxzHo1nNJka99fNIB_p6wc6v4HmfRuOzcghtC4b-oX3bVu0LtUYyrye0g2&t=634456407600000000
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b3436030f82bbf403c7d805737a45205393ac795106d22d1bdc83dd03a00e7f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jul 2011 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HvZPTFevbZd2Q8qLuaLVPucdZuMdtsoI%2Fle8DjoEI%2BGXJOrqXDI%2FbYr9BCOAozGuQJwMfdFn2r1CfGHVwf8B2KA%2Fa13jA4a7acqVKJLfwm1oepG7%2F8cek33O%2FpdML1blHLvsysPvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 751faf390f055ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Sep 2023 16:55:16 GMT

GET
H2 200 ScriptResource.axd Show response
www.authorstream.com/ 29 KB
7 KB 891ms
890ms Script
application/x-javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/ScriptResource.axd?d=r0B38pSP6dJGscx8Y5koSkTC7jblyYZT26D8zAASCwmjVaqEViNw8DtgAFIMWUyQFU5E3HTah6h4pq9hnGAVdvfoLLstYWDwAEygE0wqJA48T7dtk8ThH0E6zp4ex_OhsFiU3w2&t=634456407600000000
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 93f83c71ce8d0488dceb37b6be7be07dbed8f6299453c76b6092ec512be9ca0f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jul 2011 18:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipohYgIC8k7zsBMPR2wDNSyWYWaxcHZ1kYFQLNXs8HWfEsaoyifrX0AaBvIwKwdZ1H69EyZrCHX1J4OmiGyrybf63b4gNVzAKCmBphg9ojSQStjGiSZ%2FOLZ55rGq%2Fzy4wCWvHn00pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public
cf-ray: 751faf390f065ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Sep 2023 16:55:16 GMT

GET
H2 200 Header.js Show response
www.authorstream.com/Javascript/ 10 KB
3 KB 895ms
894ms Script
application/javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/Javascript/Header.js?v=04052015
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea07958ef9e75c93b501dc0a0bed0c9765a8b85091973285d86a467e6ed4443b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Nov 2014 18:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"03a37c2defdcf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09f5bIYCNd9VpPfJjxWK%2FlfUObp75BP1MMrGITp1BJ%2BpKF25m2q8sMGA7lfaYOo5%2F5QHJztWZEdoNZIQM02anIyjNNP0aw4PH7QJcNGUraSkhaRVPhzvcVmK7K1v2TdUf1pTNA4eVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 751faf390f075ab0-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 newtxt.png
www.authorstream.com/asset/css/skin01/images/ 356 B
857 B 103ms
103ms Image
image/png 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/asset/css/skin01/images/newtxt.png
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64d10996cba13f2abb570a90ce63118942e12860de88819a05e261fb4e93ab39

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1058
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 356
last-modified: Mon, 07 Oct 2013 16:15:00 GMT
server: cloudflare
etag: "0da235f78c3ce1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBM7kx6%2BR98Q2RgIQXJgA6rdbnJ3pJdX08u9eOieMYX8N%2FwsbsS3b0t%2FnMxTpPsVEHhSrvT6oBx9fWlSH5xorSkR9AwIQit2PQkNT7CC8TPt4e4dJ9VTJQ2AWasC8vCqxjeW%2Bjq9QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 751faf3eb8c95a55-MEL

GET
H3 200 profile_defaultuser.gif
www.authorstream.com/asset/css/skin01/images/ 2 KB
2 KB 108ms
107ms Image
image/gif 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/asset/css/skin01/images/profile_defaultuser.gif
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bdcd4339130977a3aad3b8a44e6ff8a39114bf5a04c197d3aa6ff1e0e9750c41

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1058
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1858
last-modified: Mon, 31 Jan 2011 13:21:00 GMT
server: cloudflare
etag: "04697b349c1cb1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvnGIaYggIPivXA9QMk0SDw1203M79KgIDNTKojhSL%2BFXdCy9XhMA9vXZMuDJkMv1zaqhASkB5cUckCwGk7Czb7DjT4InT%2B1vHFz3fFOf1eB8ELfyXG5rSBcanYVuShflS9fAVJyGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 751faf3eb8cb5a55-MEL

GET
H3 200 FormShield.aspx
www.authorstream.com/cropbattle46/UserControls/Profile/ 5 KB
5 KB 914ms
914ms Image
image/png 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/cropbattle46/UserControls/Profile/FormShield.aspx?__formShieldID=FormShield1&generate=image&properties=F7DC2E807AEE4EEC3AC09918430A0D86C59EAFE3A59B7DA0B1D662A35DD6C38C6118CC24A1DBE2B79B076029A63981A067EFAD5A41F1054106F4811EC4277673FB068A435FD67954CB650B13476095DAB4B615B739B9B229EDD9023138813CF471E7F3C273B38D0502B39B0ECD20D756
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46966a0d75448308505e80480e6a9df8b104aa28fad06a71348d36bd86286d3c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache,no-cache
date: Wed, 28 Sep 2022 21:48:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADOQTmWKPFcENK2PkX8BbjtpyxzRkP65AuxWS36TOwdxdZZrviVFmHqgiax8EEDyvWNJmRHvbLFy%2FptDfLy7Is7Uv31ScMi77hTmemXjKY90H6OzxjcgbKBvUGQnuZ%2FjXZYktYag%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
cf-ray: 751faf3f69a15a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5134
expires: -1

GET
H3 200 WebResource.axd
www.authorstream.com/ 875 B
1 KB 885ms
885ms Image
image/gif 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/WebResource.axd?d=dhGsqe3gX8y1dd4x6TQTgxko9ZwlFm_3joifTEK_r3cCD1lvimPdCgpfWSnY5uzZznV3HnHIAx4eRn4o4JwofBXF-mBN_7RjUhzXWBLaA9tHm37C77GY1Vu0mpl1w3vPfTusWT1vfhcUlxEJLYqtPj1NE2c1&t=634018515600000000
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef9d011c7df9b1524ce72018a178b1cbc24a2bb32d27280a1c8174832d43f3d0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Feb 2010 23:26:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63WjDSABG2z2tqcsZoTPI%2FJI0GOX0y8yRdBaES1tsbfFLXidgUF%2BpIpY0XJusfgHWmlu7ipJCMcNo2IEjlOZaTqZgriw671mCzXBfSCpjWdJXYHemxCtsIJ%2BDAWVPgRdtzT3ddaTNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public
cf-ray: 751faf3f69aa5a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 875
expires: Thu, 28 Sep 2023 16:55:16 GMT

GET
H3 200 WebResource.axd
www.authorstream.com/ 884 B
1 KB 884ms
883ms Image
image/gif 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/WebResource.axd?d=jbC4Bgt0vp4y1C8chDUYqGkIKU0xihc8Nag_83N0NDQMBWAtRLVBeM4bgctFtsl9nv9xvUU6TjzNeyPPGqKtfUwRsyUWVs4QQ8ws3vEoldIljO_rI3MI6hRIuwsnNC1TXxiwCE02wbLCjeoF_AgxXK-s1Vk1&t=634018515600000000
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c83b801b2fc192e555da8407e684d998406db6958561c4aa3c5519a1ed94979c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Feb 2010 23:26:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 2.0.50727
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJofGLBgZuASz7CEloX5ATrItZ7jnGpCasUmeQbWYgBjgR0FOjKpmhVQL0KVxiKPh%2Fytt06L6ZPOm3VHLsar12Ens1JKdnk%2BNApqEimkWiNCuT414f9f1a0QwzQCb0y0aaW%2Fn5aXaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public
cf-ray: 751faf401aa25a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 884
expires: Thu, 28 Sep 2023 16:55:17 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4/ 77 KB
27 KB 529ms
181ms Script
text/javascript 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

sffe /

Resource Hash

517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:03:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27266
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:03:12 GMT

GET
H3 200 JScriptProfileLeftPannel.js Show response
www.authorstream.com/Javascript/ 283 KB
67 KB 1160ms
1159ms Script
application/javascript 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4db98298945202552f2910f29b9dd7690ec69abe2a8c2c5fb9900093d74ab87f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jun 2018 21:25:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0f8e2ffa5fed31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chzM%2BGM5PzVCsUpsLCimHzg6qxgMdHfVIia7yxqZqy%2BydgXBT9YrDv9uKICTVzzEssUQWG6b7nrTuzxWYlvM96%2FcrbKaMFxCP5EhWQLkrlWFKI6EG107bneEUTNkqospxxaiEb4i%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 751faf3e98995a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 531ms
183ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

sffe /

Resource Hash

534a53d39ef25508040154dad23052489294ade5253ac270051f5830da21c985

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 21:48:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20362
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "5f35d22782378ad2"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 21:48:40 GMT

GET
H3 200 main.css
www.authorstream.com/asset/css/skin01/ 65 KB
14 KB 106ms
105ms Stylesheet
text/css 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/asset/css/skin01/main.css?v=12112014
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/asset/css/skin01/profile.css?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: caa20d7e8b2993a0420a41004f6326b65717531b212e5ec2977030ff2beee7b8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/asset/css/skin01/profile.css?v=04052015
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Nov 2014 17:50:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1058
etag: W/"0146dbfefdcf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wasTSl69ko%2B49P60SqL2IIzluu%2BB7unjvohT8hJZUaJKVxUileSVgo7WVKVtA5SmzMFFxsdUb1SjBGYrGbQFKxBYDkXWq3SGXnSBaFkfPbvKY4YaUHfkky4zwnv9018TsIHLmj364w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 751faf39aa375a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 521ms
180ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

137671057898665ab14e11accd89c6c7d7536ef78d6e41429dd15d66cefc9f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27721
x-xss-protection: 0
server: sffe
etag: "1348 / 62 of 1000 / last-modified: 1664363254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Sep 2022 21:48:40 GMT

GET
H3 200 sprite.png
www.authorstream.com/asset/css/skin01/images/ 39 KB
40 KB 108ms
107ms Image
image/png 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/asset/css/skin01/images/sprite.png?ver=02062014
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/asset/css/skin01/main.css?v=12112014
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 07955f8bc553a72866a6af5054683808110887748a373a74f8deea6bfe82eac3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/asset/css/skin01/main.css?v=12112014
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40104
last-modified: Mon, 02 Jun 2014 22:13:00 GMT
server: cloudflare
etag: "03e88d0af7ecf1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21dljx3qL7AnLY4%2FiEay8TzhDjJkMW5JT7zHoHfiYin3Rr2jbxw44T00ejhZ197BCxtm6CL3mOSwutYpuILGlzVyWcU6BRtwwXElDeJwdRRJjDn87al1vI1eau%2FnrJnZ1GqoYMnQWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 751faf403ad75a55-MEL

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame B4CD 33 KB
15 KB 780ms
437ms Document
text/html 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=189714297746419&href=http://www.facebook.com/pages/authorSTREAMcom/20531169249&send=false&layout=standard&width=250&show_faces=false&action=like&colorscheme=light&font&height=40

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

26a7336e61e700004321d198b3a65df2877f73175132a11fa84fed00756b65a8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 28 Sep 2022 21:48:40 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ToIwkuZ85izn/TNs7hkDT03BbUXrE4KDGFIVDDkhQMLu9ToXZMWTpt4WDeGwB0UUBEYpzFJaBb5yvO15JcMsMw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 515ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

4a956ff034e9e794e921a04cdcc99b2f16d10e6dc9c2e69ae3e7e171659b4f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 21:48:41 GMT
content-md5: PPdl9fHLSrF5l4/UCPmjyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: a2/Nn05mHHSzvbzVM24zsgd3BUXYLh4Od/EUxE8CSRt+6RsrBMxECZgdPHTHo3k7Ik9azjO24TL6hmD/flq1vw==
x-fb-trip-id: 548340344
x-fb-content-md5: 271f50149a6f6d7ea213b3db1cc62ebc
cross-origin-opener-policy: same-origin-allow-popups
etag: "cef64cb3877063cd3664f675821682bf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Sep 2022 22:05:22 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 527ms
181ms Script
text/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 20:12:45 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5756
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 28 Sep 2022 22:12:45 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 146 KB
50 KB 179ms
178ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

sffe /

Resource Hash

c1821b9b1a07384ad285774138d30697bf5c6f8c5abd5dd39d262d71c0b3a848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51184
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 07:06:28 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 99 KB
34 KB 187ms
186ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

sffe /

Resource Hash

cd0d0ed99dfbe17e916653f52b3461b20ef311755771e359c129315f10a9c3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34613
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:13:39 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 919B 0
0

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame A2B6 0
0

GET
H3 200 pubads_impl_2022092201.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 523ms
181ms Script
text/javascript 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

sffe /

Resource Hash

b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131358
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 08:36:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Sep 2023 03:59:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 101 B
727 B 533ms
183ms XHR
application/json 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.authorstream.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

537b3147ffb480f8049190668ab82d07e01f563bb5966fc0e1d87d016af11b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Wed, 28 Sep 2022 21:48:41 GMT

GET
H2 200 ZSlOBDi037J.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y3/l/en_GB/ Frame B4CD 569 KB
141 KB 174ms
172ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y3/l/en_GB/ZSlOBDi037J.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=189714297746419&href=http://www.facebook.com/pages/authorSTREAMcom/20531169249&send=false&layout=standard&width=250&show_faces=false&action=like&colorscheme=light&font&height=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

4d426790c5e497e64bb2a437b084b09dbc25578e3f2649b1bac01414372f8414

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: i9VnFijyLb0jMYrrIl1TBQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 144236
x-fb-rlafr: 0
x-fb-debug: R8cvM0iMx5ETBGWcGBQzmS393xQZbrtscd9jh6CFBoLt9KFAwG3P0H3TzWZKsp8I9uqJYAkE/n+xyIh8VamfJA==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Sep 2023 04:09:07 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame B4CD 299 B
522 B 171ms
170ms Image
image/png 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: srtWkGXp6I2p00FKqoCteMYYVtWnOGng2MPAMOB6nAdWSbNzF8gsQSQoH1cVWTWjjh9hw9Xrb5EbM2ayB8WARQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Sep 2023 19:54:35 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 319 KB
87 KB 346ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90fcc18e246f5340154aff0e704df1c4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

1845620a70ecf35c90ce0483cfa1755afc97bd70ef266526538d7b7b1c88b8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.authorstream.com/
Origin: https://www.authorstream.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 21:48:41 GMT
content-md5: /G4sK1vyt0uUqtBOokJ/pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88832
x-fb-rlafr: 0
x-fb-debug: MiMWVH0s8yNVBF8LWsqx5lzOOg/Qirb9PKGISjowKEUnxU7CA0OPY4Y+zME3Rp9AYDQ5VVB5yaRy/5q5yGXl/A==
x-fb-content-md5: 7bb2fe9e96421c764d1804316e93ec68
cross-origin-opener-policy: same-origin-allow-popups
etag: "c56c714fdfd2ec049472332acc63a84d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Sep 2023 19:49:21 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1204956152&utmhn=www.authorstream.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-211915-4&cid=1339868597.1664401721&jid=1751619313&_v=5.7.2&z=1204956152

35 B
430 B

526ms
182ms

Image
image/gif

142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-211915-4&cid=1339868597.1664401721&jid=1751619313&_v=5.7.2&z=1204956152

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 21:48:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:41 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-211915-4&cid=1339868597.1664401721&jid=1751619313&_v=5.7.2&z=1204956152
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 transparentbg.gif
www.authorstream.com/asset/css/skin01/images/ 43 B
537 B 109ms
109ms Image
image/gif 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.authorstream.com/asset/css/skin01/images/transparentbg.gif
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14acd582df7dc1168c3f3f96f6539df0099560997c2ff5e601ea3c4c98cb6ae3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1058
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Thu, 08 Jul 2010 06:15:00 GMT
server: cloudflare
etag: "08a22e5641ecb1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3k92rL9OttT8pixY5XI55JxgrXbpzhF2vbFGq4z3oSOB4EYiwF1eGeRzNLEK7h4%2F65RMFVw78Hrey9df7wMyczGXtxcksa57nDPJ4DrMnU8jEqhUK0NSm8G2XGulHyCppyDAu6PUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 751faf48dec35a55-MEL

GET
H3 200 AjaxServerResponse.aspx Show response
www.authorstream.com/action/ 122 B
639 B 308ms
307ms XHR
text/plain 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/action/AjaxServerResponse.aspx?type=GetProfileLPCountDetail&UserName=cropbattle46&isOwner=0
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad7d9ae45b9ed6c91542bd6cd042c1fa5b63b4da24cd26acdb8e0d1dd872dd36

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/cropbattle46/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDAGl%2FzF7lavxLPAqnLEQFZcUWGNv22SWApKnw0bjap12p0x0KERNrqmMvx6fDfF1RvIM2DL6r1T3grXNJywHo6%2Bk%2F8yCknoL%2BG7Nf%2F%2FYMxMnWuiAThNpLNkXTAq6DZS%2Fyg%2FxyLRlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: private
cf-ray: 751faf48eee05a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Sep 2022 21:48:41 GMT

POST
H3 200 CheckFollowUser Show response
www.authorstream.com/action/ajaxserverresponse.aspx/ 8 B
501 B 1322ms
1322ms XHR
application/json 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/action/ajaxserverresponse.aspx/CheckFollowUser
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 47dd31d39f93b6b4cb95f0650e93ba9054301574341e6835186dfc937cb59014

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.authorstream.com/cropbattle46/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0p91kRsVLf0roy967KN8fZ320BymjDtfWJay22VSTkpEjLkABoF4fLsYZTVA%2F8O7dz%2FG1beX0CLA5%2BqM1hu3W8664oa%2FbMtyQiUqwkMv%2BjDlMj%2Fp41PZk4rRH%2BPdgwEEO3oMa%2FsaKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 751faf48eee65a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8

POST
H3 200 ShowProfilePrivateMessgeLink Show response
www.authorstream.com/Action/AjaxServerResponse.aspx/ 4 B
496 B 909ms
909ms XHR
application/json 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/Action/AjaxServerResponse.aspx/ShowProfilePrivateMessgeLink
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.authorstream.com/cropbattle46/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bat%2BFPDNQy6ww%2BDkz67KipJCJr21mZWQcWONJA6awkfiE7Lt7djXJM50HsufMY1vhU9AJE2moc%2FWk4WjwE858R93i2GTUud4xA5DWYgnul%2BP2ret8LABTztO2RjT8nVK6mkdA%2FC%2F0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 751faf48eee75a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4

POST
H3 200 GetCountryCode Show response
www.authorstream.com/fbloginmethods.aspx/ 2 B
492 B 808ms
807ms XHR
application/json 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/fbloginmethods.aspx/GetCountryCode
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.authorstream.com/cropbattle46/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBF6NPltcOqiKSskiLG9fJpKnMZ9iGMY0JIJde4baB%2Bn72yYWM8y%2Fd%2Fsb0XmgJlYf%2Fgfkkkcp2PiKQeB1RSc5ASLfnxAtutwWFt1EDGMKE9r9vSiM%2FIHjLGRJauYOUH9D6uiSKhxXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 751faf48feeb5a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

POST
H3 200 AddRecentVisitor Show response
www.authorstream.com/Action/AjaxServerResponse.aspx/ 4 B
492 B 930ms
930ms XHR
application/json 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/Action/AjaxServerResponse.aspx/AddRecentVisitor
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.authorstream.com/cropbattle46/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGOaMmvemg5FXV5JJNc8S2GnrLSQ%2Brd6XCAeIGfvxo83pbglnVDaCf%2BFDOyIZzZzT1JzXhzMGHF1rv2VQOYQ5WPt0dWAwRK%2Fnw1H8DS86scHhEdaVGMqelVsU6IHSCept53U2eX46Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 751faf48feed5a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4

POST
H3 200 GetProfileActivityPresentationIds Show response
www.authorstream.com/action/ajaxserverresponse.aspx/ 2 B
494 B 1393ms
1393ms XHR
application/json 104.21.64.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authorstream.com/action/ajaxserverresponse.aspx/GetProfileActivityPresentationIds
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/Javascript/JScriptProfileLeftPannel.js?v=04052015
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.64.23 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.authorstream.com/cropbattle46/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 28 Sep 2022 21:48:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeRYOVsK0gJUqR%2FyfPPRTwJBTohKKRh9oN3A27mXbSukvcQCowia9Cjrmv%2FPT2x%2BbKW5CLCtB%2B7KPch8mrNBLqf%2F3sHzmm5paIhl1V%2BOUi3AqvC4jOn9ENzdkbaDDT59z70CKepyzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 751faf48feef5a55-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame D696 566 B
902 B 522ms
184ms Document
text/html 172.217.194.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.authorstream.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f84.1e100.net

Software

ESF /

Resource Hash

0e0b82ade9c94250c61721e40b0fbeeb119b774ba8a1599340d318b944d00ea0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8aoNyEYJJ8S7NNzpoXRtrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8aoNyEYJJ8S7NNzpoXRtrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 21:48:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 562ms
388ms Fetch
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=26672622939&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=90fcc18e246f5340154aff0e704df1c4

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 28 Sep 2022 21:48:42 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LrVaJlEnuAAPrNn7dGb/KL/IBdr4JdtSc8zAHQpTsebet9nk2oxSFJhWOGH+A4wAH67AiR8iTIISftca8GB1AA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.authorstream.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame D696 0
250 B 483ms
182ms Other
text/html 172.217.194.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f84.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N2ZvBDeIZObyg7Wgp0bXgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.authorstream.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-N2ZvBDeIZObyg7Wgp0bXgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame D696 10 KB
5 KB 526ms
179ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.authorstream.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 04:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 22:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 04:58:07 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame D696 14 KB
5 KB 180ms
180ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

sffe /

Resource Hash

ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 21:48:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "57666e60922e2537"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 21:48:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 533ms
184ms Script
application/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.authorstream.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 527ms
182ms Script
application/javascript 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.authorstream.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
20 KB 568ms
567ms XHR
text/plain 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=205757151903941&correlator=3640861614926494&eid=31069353%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=18998042%2CProfile468x60%2CProfile_Page_Left_banner%2CHeader_link_back&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=468x60%2C300x250%2C275x31&ifi=1&adks=1228988099%2C3225163688%2C4278447721&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664401722476&lmt=1664401722&dlt=1664401719154&idt=3295&adxs=644%2C309%2C-12245933&adys=279%2C513%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46%2F&frm=20&vis=1&psz=468x60%7C300x250%7C175x31&msz=468x-1%7C300x-1%7C0x-1&fws=4%2C4%2C132&ohw=1600%2C1600%2C1600&ga_vid=1339868597.1664401721&ga_sid=1664401721&ga_hid=1409186040&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

03d516c02fd68fc228cf1b133ff890b676a9bb844cf92df7580eedf49bc3e035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20877
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.authorstream.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F11 6 KB
4 KB 524ms
180ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:48:42 GMT
expires: Thu, 28 Sep 2023 21:48:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame D696 53 KB
19 KB 179ms
179ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

sffe /

Resource Hash

98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 01:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19063
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 01:34:27 GMT

GET
H2 200 container.html Show response
51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 99A6 6 KB
3 KB 480ms
179ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:48:42 GMT
expires: Thu, 28 Sep 2023 21:48:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2212 6 KB
3 KB 483ms
182ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:48:42 GMT
expires: Thu, 28 Sep 2023 21:48:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8B5A 0
0 188ms
187ms Fetch
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_kIQOsE0Y7z-JMzLrQHT4ZGQAZiZlI1cnZy51YoKwI23ARABIABgpcCjgKQBggEXY2EtcHViLTc4NDcyOTYyNTQyNjUzNTGgAcX_nrkDyAEJ4AIAqAMBqgT4AU_QgT7RwIr6y4wkH-O-tLsE7wfIBDrCZetobxbKvpMUTCypEuJwu2de8BNgbTLGBe6NdaLX6FJidsdEJE4x3A4YRKhFCXqK69R-VLkGMptY5Vm0bAAlEk3EN4ZO8khm2-JTGbcWKSgv6z7goft9hkDKKeh_I5DpZH0bTO7jzGO4jXxwc_hqdUG6DrEOi9vAhTTQwvMTKqHidod74B70Xhulf7FP8Ubc8LaefBOG-zIRqIfJfzMOlgSL482dp9sfIFeQuZYQY-uqYJEqv5LuCXAAd2WaU5TnRoRuxpu4AevsOYsqfiqPjm29ropXA7Oq3epHOdr5VZqb4AQBgAaonPzo7OvXhsgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc4NDcyOTYyNTQyNjUzNTEYiq8O&sigh=v9X4bCXkxMw&uach_m=[UACH]&cid=CAQSPwCsnQUxPXPU1lO3RmUQxGcx5ERazn6GlP0hIwmvRBNyIBHBXANAhZGMOKx7rzTZZqOr2MActfWdU7MGj7xq8RgBIBM
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f155.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
b1-sindc1.zemanta.com/bidder/win/googleadx_display/51f41873-3f77-11ed-b07e-3f77d5fa467a/YzTBOgAJPzwKK2XMAARw02p0g5Kf2v7rSYrhdA/HJV3PQZ4KOUXGY5V44PIM22SKQG4HII2XXPGPUURXG7SQNXNW3NPX3LFE5NCNMZVW4LU2A... Frame 8B5A 0
0 519ms
171ms Fetch 23.108.101.160
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/51f41873-3f77-11ed-b07e-3f77d5fa467a/YzTBOgAJPzwKK2XMAARw02p0g5Kf2v7rSYrhdA/HJV3PQZ4KOUXGY5V44PIM22SKQG4HII2XXPGPUURXG7SQNXNW3NPX3LFE5NCNMZVW4LU2AEDKO2ASNDUMGKHKRBI4T3QKBXDQXZTTFTJWSOQQ7THG5CXIIMLY6Y4RNW6YCRK5HGFAMRM4OEMB7GIX7ITT7U4TSDT7ES4HUZS6WM6VBTFOH56L4LY2MQXHN3W4PII6SNDUAO43F7Z6CLIGYCB6A3APES2TMIDQPZ52UC3HIRNDI6ZI3JLE6LVYDPSUA7RQZAJNJWQU6AJHLDKW47IJ2QPTKDDVDXA2Y3BDUJXY5ZRPLVN4HFFRAQOCGMIDXYBS7SVCPJ224VBIHCG5WQ7AOHMF7SPZ7PBFAEVJKWAIOU2W7ZESFYFUMRNERM5UTO7EOGZI5BARJZ455Y2NGQ4FORNA25FWQ5BQTVLJXAQVXSBLVD3KC6JUWKO5IN62CBYHQVFSQRDYLTI7FXJDCCAUD2QDJ2D7IJE3APCY4STYSKA3M2CKZKGGE4OWI6Y/?
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 28 Sep 2022 21:48:44 GMT
Content-Length: 0

GET
H2 200 widget-320x50.js Show response
widgets.zemanta.com/1661433531/ Frame 8B5A 11 KB
5 KB 271ms
87ms Script
application/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1661433531/widget-320x50.js
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 005a03a2f308a028baf0e8c890c3dfd430bae09dc95c3d6098b3e00cba7db3a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jW1YZ3bLUhl4XSXQNT5bJjM2OJ8xNTUS
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Sep 2022 21:48:43 GMT
x-amz-request-id: HKP660JFZMRM1NZ6
age: 35
x-cache: HIT
content-length: 4392
x-amz-id-2: 8rElMw6f0pDcwYdn80V87KNVj3AmOhzCQ4GNv6PzrpKlOMFjslK17mVgY72hnKtXq4Q5M1sNS+8=
x-served-by: cache-mel11253-MEL
last-modified: Thu, 25 Aug 2022 13:20:31 GMT
server: AmazonS3
x-timer: S1664401724.794258,VS0,VE1
etag: "18662d1b3e8de77a26572d47f1f55687"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 8B5A 3 KB
1 KB 480ms
178ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 20:49:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 8B5A 17 KB
8 KB 520ms
178ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 18:31:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B5A 0
0 566ms
227ms Image
text/html 142.251.12.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo2eyDgxRKAUGoT73JkUg-NTjDlEdH9bXYePYcqaVT5ks_PcULqC-4ZU4KZzugDaGuDDmCOwfCDFdoF6jFUm6cwQjRWg
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8B5A 22 KB
7 KB 415ms
345ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Sep 2023 12:05:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B5A 140 KB
44 KB 270ms
182ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 21:48:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2212 0
0 188ms
187ms Fetch
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTdW_OsE0Y73-JMzLrQHT4ZGQAazX_fBktPaok-ILwI23ARABIABgpcCjgKQBggEXY2EtcHViLTc4NDcyOTYyNTQyNjUzNTGgAZX1m98DyAEJ4AIAqAMBqgSGAk_Q2Oc6hZNK6uJnR1hp94QrwWHkNwisEva7YA5EKs4JZw3h81Fj2E4GtFEXPWyEpBd6Ur16lOjW-5mzfHnF3xg6tJgMI-e542qM3S8ROsnlW_0pxFvKm1aFhFvzckATbadDYKgUNWZXfpizbkiA_Vy_usSDTrgCA_o86Tjrt1QWy-C7Xo9IiJmWNJCn3gs9xyGi49vSyCf3FuKQ9V5EUagaJ8rxv_kItS-YMWKjadlH9sUGTfUHdLKoN-32mc47gKTBq6LV5dIlRT1QzM0bjs3kE682JWE4sIZI6CbKSQUEoNW5tGzsRklZ_eR_k5fZRA8E3SY9UYpyGw5gzgWQ3Uv4D43gfn3gBAGABtrisZ7Kkva7NKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA4IiGEQATIDioIBOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi03ODQ3Mjk2MjU0MjY1MzUxGIqvDg&sigh=QcCsnW_V0Wg&uach_m=[UACH]&cid=CAQSPwCsnQUxPXPU1lO3RmUQxGcx5ERazn6GlP0hIwmvRBNyIBHBXANAhZGMOKx7rzTZZqOr2MActfWdU7MGj7xq8RgBIBM
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f155.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame 2212 35 B
0 558ms
184ms Fetch
image/gif 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=5.790388E-4&viewability=80&device_id=4&cbdp=0.104&slotVisibility=1&dn=authorstream.com&acid=a71a19ae40054dd49fd185819b286f39&ugd=4&size=300x250&pvid=4&csip=rtb-common-istio-7bf864cd55-9m92p.SG&ogbdp=0.15&prvReqId=63886266973104_1998877493_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&scrid=1700080807683300300025000039600&mang=1&bidrestime=1664401722744&cid=8CU3SX34C&rme=nurl

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:44 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 28 Sep 2022 21:48:44 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 2212 35 B
0 868ms
282ms Fetch
image/gif 42.99.140.216
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1500&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=3.0&adtyp=0&req_id=YzTBOgAKsjQK1RsnLQY_Ew&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=70.0576&exp=&fdbk_id=&second_bidder=*&search_res=31&floor_bucket=0.00&gpid_format=&seat=BID_API&size=300x250&url_l1=cropbattle46&f_seg=&prdp=0.1035&ogcbdp=0.1500&dfpbd=0.1035&server=1&ogerpm_wd_bkt=0-1&model_version=202209280323_generic_adx_1-cid_1&viewability=0.8000&dmm_r=0.0000&cut=31&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=AU-VIC&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.15&ugd_ver=&requrl=authorstream.com%2Fcropbattle46%2F&bidrestime=1664401722744&cc=AU&strg=harmony&ss=&current_hour=21&time_stamp=2022-09-28+21%3A48%3A42&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.1500&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.15&algo=default&dc=apac_sg&splid=&dn=authorstream.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=a71a19ae40054dd49fd185819b286f39&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=1&totalTime=2662050&dmm_m1=2022-09-28+21%3A48%3A42.745705899&e_rpm=0.0000&dmm_m22=0.1500&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&rawbid=0.1500&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-7bf864cd55-9m92p.SG&dfp_bucket=0.1&adblk=3225163688&itype=adx&pvid_seat=4_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&level_base=0&crid=529820104&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.15
Requested by: Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-216.pacnet.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 21:48:44 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 28 Sep 2022 21:48:44 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 2212 162 KB
56 KB 573ms
202ms Script
text/javascript 23.207.36.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1de6a7c2b3f0387941c8ad10e556d5bec2df714cce004fb6502eb5e643c6b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-7
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 28 Sep 2022 21:48:44 GMT
server: Apache
etag: "969f4c03bd174197e5fb6dde419a0fff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-34
timing-allow-origin: *
expires: Wed, 28 Sep 2022 21:53:44 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 2212 61 KB
62 KB 554ms
184ms Script
application/javascript 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Wed, 28 Sep 2022 21:48:44 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=83281
access-control-allow-credentials: true
content-length: 62892
expires: Thu, 29 Sep 2022 20:56:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 2212 3 KB
1 KB 455ms
181ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 20:49:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 2212 17 KB
7 KB 541ms
216ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 18:31:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2212 0
0 499ms
228ms Image
text/html 142.251.12.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMPo-n5IH4jW1gOZ3zt8YM1LywfopRpBonDqL91RiuClw9LbE743i-YDZCDCNy1oHioNWoizwV6qteX_T-jewDuZHV4Q
Requested by: Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f105.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2212 22 KB
7 KB 524ms
199ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Sep 2023 12:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2212 140 KB
44 KB 481ms
180ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 21:48:43 GMT

GET
H/1.1 200
OK /
b1t-sindc1.zemanta.com/t/imp/impression/E7SB76ZDXD67DXGYAKYRI2JQW2YQREVLS76FS4H6ZDRUZC7RJXWHMUH5OJF5VJDAIM7JU5DE7MFPZBXDNEJH5MPV2CTHSYDXMT6KONERFA2QUWAGP7NP4C5OS3367VRKYWTZV27WZDWZUBAIX56NNXVTSZ6HO... Frame 8B5A 26 B
151 B 518ms
170ms Image
image/gif 23.108.101.160
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-sindc1.zemanta.com/t/imp/impression/E7SB76ZDXD67DXGYAKYRI2JQW2YQREVLS76FS4H6ZDRUZC7RJXWHMUH5OJF5VJDAIM7JU5DE7MFPZBXDNEJH5MPV2CTHSYDXMT6KONERFA2QUWAGP7NP4C5OS3367VRKYWTZV27WZDWZUBAIX56NNXVTSZ6HOVWAHYFITV2JKNEDKHOZPCR3RZ2DAK32U7XES73M7T4L5YBHBUWOEVAB2WXIWXCWTQQQSI4O7WXGN4OV24RDDVSA47GG6YFI4EDTNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZOZ6DQSE7XE4XYQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?
Requested by: Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.101.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 21:48:44 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 show_pla
obs.cheqzone.com/ Frame 8B5A 3 KB
3 KB 888ms
302ms Image
image/gif 3.227.190.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/show_pla?id=93700&ch=%7B%22tag_id%22%3A%221228988099%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46%22%2C%22z_pub_id%22%3A%22www.authorstream.com%22%2C%22z_ad_id%22%3A72648459%2C%22ob_publ_id%22%3A0%2C%22ob_ad_id%22%3A0%2C%22ssp%22%3A%22googleadx_display%22%7D
Requested by: Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 3.227.190.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-190-204.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Sep 2022 21:48:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1750
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 8B5A 3 KB
3 KB 561ms
184ms Image
image/svg+xml 23.193.109.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.193.109.76 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-109-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:44 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 28 Oct 2022 21:48:44 GMT

GET
H2 200 814e1db4da5ee8dacf7743184e5242f2c0.jpg
zem.outbrainimg.com/p/srv/sha/a2/48/a5/ Frame 8B5A 5 KB
5 KB 513ms
170ms Image
image/jpeg 199.232.46.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/a2/48/a5/814e1db4da5ee8dacf7743184e5242f2c0.jpg?w=80&h=48&fit=crop&crop=faces&fm=jpg

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c2d27d35612b33122f111950fa07b31c6bb4e546ed3f9426aec7a30bc6d44fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:44 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 2537754
x-cache: HIT, MISS, HIT
x-imgix-id: 7e1d929cfcd5a517eb536661aa51e6ae5c6a800d
cross-origin-resource-policy: cross-origin
content-length: 4960
x-served-by: cache-sjc10043-SJC, cache-qpg1253-QPG, cache-qpg1279-QPG
x-imgix-render-farm: 01.1
last-modified: Tue, 30 Aug 2022 12:52:49 GMT
server: imgix
x-timer: S1664401724.273808,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame 8B5A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8a91cfd3b4fab1263f05e292ae9877ac9d8c1dee2ba41b1688041e816bdd73

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 smtr Show response
contextual.media.net/ Frame 2212 89 KB
33 KB 664ms
664ms Script
text/javascript 23.207.36.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=883899441&size=300x250&cc=AU&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&nse=5&vi=1664401724148680292&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44NNeg/gg&bcpf=B44NN8fOnRrolnfOur8eg%2Fgg&bdrId=4&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p0854224044t202209282148&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR-tzTzq2cANvQ%3D%3D&allsc=VIC

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

10b11b4e8176cb713beb3674f4f0013341f3ab3328af4705eed16739c02d6624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w: 21-l702
pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-tdrl
timing-allow-origin: *
content-length: 33408
expires: Wed, 28 Sep 2022 21:48:45 GMT

GET
H2 200 bping.php
lg3.media.net/ Frame 2212 15 B
15 B 227ms
184ms Image
text/html 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=544&&vgd_cdv=805&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=883899441&vi=1664401724148680292&ugd=4&lf=6&cc=AU&sc=VIC&lper=100&wsip=2886994965&r=1664401724452&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1664401724119263599&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0854224044t202209282148&vgd_pgids=1&vgd_uspa=0&hvsid=00001664401724448017418153185165&gdpr=0&vgd_l2type=sca&vgd_end=1

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 28 Sep 2022 21:48:44 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=11229
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 70C8 26 KB
10 KB 219ms
218ms Document
text/html 23.207.36.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.36.20 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-36-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

288e958f0f5d3e214cd46d4016ac005a6bbe347a0df64eb3896400b565ba2679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9411
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 21:48:44 GMT
expires: Fri, 30 Sep 2022 21:48:44 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 2212 35 B
199 B 185ms
185ms Image
image/gif 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4384&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=2&spSource=0&ifst=0&vid=YzTBOgAKsjQK1RsnLQY_Ew&s_city=singapore&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.790388E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.150&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080807683300300025000039600&itypeid=17&mx_SPRIG=0&viewability=80&renderer=1&be=0&rtime=28.0&adj0=0.0&tmax=300&s_ip=172.217.47.6&adj2=0.0&adj1=0.0&feedback_id=YzTBOgAKsjQK1RsnLQY_Ew&adtypes=0&mx_aabpc=0&reqid=YzTBOgAKsjQK1RsnLQY_Ew&sc=AU-VIC&mowxReqId=a71a19ae40054dd49fd185819b286f39_1&ifdp=0&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&bidrestime=1664401722744&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-883899441-40-12&coppa_enf=true&bdp=0.150&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dn=authorstream.com&dt=O&acid=a71a19ae40054dd49fd185819b286f39&actltime=34&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30&dfpBd=0.104&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664402322997&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=883899441&ckfl=0&lper=1&mx_tgs=250x250%7C300x250&dummy_vsid=false&cbdp=0.104&pvdTmax=253&ltime=34.0&epc=883899441&ctr_vendor=EXCHANGE&prvReqId=63886266973104_1998877493_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-7847296254265351&ybnca_erpm=0.15&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-77468cdfcd-bnl8c&currsrc_date=2022-09-28+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-28+21%3A48%3A42&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PmzTyS2VBQrz9gWR0c0cHVudhpuewwwivLIG5-CixQaFWoCPySx4Z2X-6NU89kswt0o&dmm_ogerpm=false&csip=rtb-common-istio-7bf864cd55-9m92p.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.15&tpbTkn=false&adblk=3225163688&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vw_exc%3D0.8~vis_sd%3D684~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092811~iurl_b%3D1792.24~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.49~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D10~riipua%3D115%2C115~et%3D25~rc%3D1~rps_sd%3D2022092814~vis_b%3D864.79~url_b%3D0.56~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~MFB%3D1p~bm%3D1~sid%3D883899441~sd%3D0~uid%3D1HeXvGm1OgFpIXpm1W~btd%3D248904454597467091069691495248159748046737787385008203231912460276932915412016620179456~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.09~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.95~vurl_b%3D1.03~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D38.06~vurl_l%3D20~CI%3D2743~nts%3D2~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.97~isif%3D0~lc%3D2~bid%3D0.15~dc%3D8~vl2r_b%3D4.54~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.104%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-7847296254265351%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3225163688%7Esobp%3D%7Ectr%3D5.790388E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.150%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D253&utime=1717&sf=0&cpr=0.5495063252637997

Requested by

Host: 51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
URL: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 28 Sep 2022 21:48:44 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Thu, 29 Sep 2022 03:48:44 GMT

GET
DATA 200
OK truncated
/ Frame 2212 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 265ab0d528fd455ddcf7cfd1c96beba4448a52238e027f706ca92bc00833b0a8

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame 70C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3NDAzMzI0MTUzMTg0MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIdCFz-fwuf86TSopVLeFHA&google_cver=1

45 B
445 B

203ms
203ms

Image
image/gif

23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIdCFz-fwuf86TSopVLeFHA&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-108-22.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 28 Sep 2022 21:48:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIdCFz-fwuf86TSopVLeFHA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 70C8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=60ed1d94-cb97-4646-85a1-03d344fa9349

45 B
451 B

205ms
200ms

Image
image/gif

23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=60ed1d94-cb97-4646-85a1-03d344fa9349
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-108-22.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 28 Sep 2022 21:48:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=60ed1d94-cb97-4646-85a1-03d344fa9349
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
DATA 200
OK truncated
/ Frame 89E9 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 89E9 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 89E9 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 89E9 15 B
159 B 187ms
186ms Script
text/html 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5081&&&vgd_l2type=sca&fp=H8lf5NdHQU5QNRgFirfW_r3cTp4HxjIwgi3LRca-Bli9A7VELSvGCYw0jZYBUEjYEmFlmuQex69Lcn6hBjUNe017PzErbrqPnDvbMfbuwOsqBonSLmg-wnkooE1cDM6s8XUcWEZS4rI%3D&cme=pycXanm7UEJw12GIQ3hkGtTRUSDt9SY8WyQiBJF-3uBvq1k02k0stGShSDNwAs2DCaGqJabb1cvXlu7tRtgDH3xgk-e27d4HzaAYYMmjrVj2Rp1llkHDZGckho77zZTlKorNOMjFHNb2VlIANGEMr1LfEIaFgUI0pItfXY0gFgFqNls89bMCmQDpIyziNc3a9ryZZQNhreuoi1km9kO2bQ%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD7KyBZ4nhgPb0vI7vc013u-g6_KXgczhXMHlgUYOsI5cYTcdqUqLMbyRWw0eghnPDg%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ck5zOP-KvLUOtjGtV0cZ-Gjt13IYIjPfjyTr-Zp3JifmcucdEFp_dQxza5Se6A6tZmGp1IKBfC9504S--h32DTw0nC7u-rLUZZ25ulHRD_8f749O1aDXNeGVjjGG5_aq9fqZ3UOnLNaOzIpAVMqpJXETG_SoZu8DoZCcdoDxUJGzVHxP5T4aPDshuWTctlgqZWL_Jt-DDSM0wWjWewmzyjUnyfhngpyi5XZUKkB_f69o%3D%7C&v=1&geo=-37.83%7C144.92&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721322&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=High+Paying+Jobs&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=13666242&kbc2[]=1%3D0.49%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.22%7C62%3D0.89%7C66%3D0.93%7C12%3D0.15%7C10%3D6.20%7C60%3D0.77%7Cps%3D0.393%7C3%3D0.38%7C4%3D4.14&ktd[]=274911592704&ktrkt[]=High+Paying+Jobs&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=340189069&kbc2[]=1%3D0.35%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.22%7C62%3D0.56%7C66%3D0.93%7C12%3D0.26%7C10%3D6.20%7C60%3D0.35%7Cps%3D0.393%7C3%3D0.38%7C4%3D3.84&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=350575367&kbc2[]=1%3D0.53%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.22%7C62%3D1.21%7C66%3D0.49%7C12%3D1.08%7C10%3D6.20%7C60%3D0.53%7Cps%3D0.393%7C3%3D0.71%7C4%3D4.59&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Unsecured+Personal+Loans&kwt[]=210&kbc[]=629&kwp[]=4&kid[]=29424974&kbc2[]=1%3D0.24%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.22%7C62%3D0.71%7C66%3D0.69%7C12%3D2.11%7C10%3D6.20%7C60%3D0.11%7Cps%3D0.348%7C3%3D0.57%7C4%3D1.00&ktd[]=274911461632&ktrkt[]=Unsecured+Personal+Loans&kwd[]=New+Short+Haircuts&kwt[]=210&kbc[]=629&kwp[]=5&kid[]=129464754&kbc2[]=1%3D0.81%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.22%7C62%3D1.13%7C66%3D0.96%7C12%3D0.77%7C10%3D6.20%7C60%3D0.80%7Cps%3D0.348%7C3%3D0.06%7C4%3D1.57&ktd[]=274911461632&ktrkt[]=New+Short+Haircuts&cid=8CUABW64L&vi=1664401724148680292&tdAdd[]=ib%3D0&vsid=3074033241531885&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=805&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721322&vgd_nrrv=79615&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=port+melbourne&vgd_go_pid=8POHZR87R&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1664401724119263599&sttm=1664401724448&upk=1664401724.12039&hvsid=00001664401724448017418153185165&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300300025000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3074033241531885&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.uX~eBMJ-Nv9.W~e8QMQOvFWH~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9ifWuu~8xLjMGvuhif.fH~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.Hi~8Evu_b76F~kGGv9~e8QMxLjMjvu9~L88Ex1vuuX%2CuuX~J7vfX~LNvu~LEQMQOvf9ff9ifWuH~e8QMGvWFH.hi~xLjMGv9.XF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.uX~csRvuE~GYvu~Q8OvWWAWiiHHu~QOv9~x8OvuqJteZYuaysEVtEYup~G7OvfHWi9HHXHXihHFh9iu9FiFiuHiXfHWuXihHW9HFhAhhWhAWX99Wf9AfAuiufHF9fhFiAfiuXHuf9uFFf9uhiHXF~OfEMjvA9~AENkvu999~x8Yv9~myMYQwv9.9i~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iX~exLjMGvu.9A~QQvIK~x8Bvou~NJv9~LEQMGvAW.9F~exLjMjvf9~%3DVvfhHA~z7Qvf~7Gvou~N7vEmL7nYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.ih~8Q8kv9~jNvf~G8Ov9.uX~ONvW~ejfLMGvH.XH~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.W~1YEvu~NGOEv9.u9H~OYYvw1LYmz5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGohWHhfiFfXHfFXAXu~O1jyvOJk1xj7~w7Yjvu~1OGjUvAffXuFAFWW~QmGEv~N7LvX.hi9AWW4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.uX9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vA9~OmyGv9ou~8GNvu~OO7vou~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220926&vgd_scsver=323&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001664401724448017418153185165&subBdr=196&bdrid=4&rc=0&rand=1664401725186&acid=a71a19ae40054dd49fd185819b286f39&matm=1664401725186&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&vgd_ltimesrc=1&vgd_ltime=1622&vgd_rtime=1616&vgd_etm=11&vgd_l1hcsd=A7%7C6374&vgd_l1ch=1&vgd_lhl=2637&vgd_pgid=p0854224044t202209282148&vgd_adprefflag=11&vgd_csip=rtb-common-istio-7bf864cd55-9m92p.SG&vgd_sbSup=1&vgd_nrrs=79615&vgd_cntrdt=SF%7C51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1

Requested by

Host: www.authorstream.com
URL: https://www.authorstream.com/cropbattle46/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 28 Sep 2022 21:48:45 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=76340
content-length: 15

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B5A 42 B
497 B 529ms
183ms Fetch
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlpFDhBAb3-rY_UR_fWjOAFfaEtMsld-qDvmu_SbuU2XOIMjLQnNcp-7M-7yp-0LvxT91Bst3xPScFz29porEpiGSV&sig=Cg0ArKJSzBPgbODQBRfdEAE&id=lidar2&mcvt=1000&p=279,644,329,964&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1228988099&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664401723557&rpt=854&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 528ms
191ms XHR
application/json 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

06fdadb4fcb30a7e844613759217ffbdadbdf04928c1d7ec412f0b6b6d4d068c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11375
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 2212 35 B
200 B 185ms
184ms Image
image/gif 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=2&spSource=0&ifst=0&vid=YzTBOgAKsjQK1RsnLQY_Ew&s_city=singapore&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.790388E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.150&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080807683300300025000039600&itypeid=17&mx_SPRIG=0&viewability=80&renderer=1&be=0&rtime=28.0&adj0=0.0&tmax=300&s_ip=172.217.47.6&adj2=0.0&adj1=0.0&feedback_id=YzTBOgAKsjQK1RsnLQY_Ew&adtypes=0&mx_aabpc=0&reqid=YzTBOgAKsjQK1RsnLQY_Ew&sc=AU-VIC&mowxReqId=a71a19ae40054dd49fd185819b286f39_1&ifdp=0&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&bidrestime=1664401722744&pv_adtype=0&cc=AU&strg=HARMONY&pcrid=8CUABW64L-883899441-40-12&coppa_enf=true&bdp=0.150&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CHARMONY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dn=authorstream.com&dt=O&acid=a71a19ae40054dd49fd185819b286f39&actltime=34&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C7%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30&dfpBd=0.104&sckfl=0&dmm_erpm=true&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&omul=1.0&res_mtype=0&chnl=HARMONY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664402322997&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=883899441&ckfl=0&lper=1&mx_tgs=250x250%7C300x250&dummy_vsid=false&cbdp=0.104&pvdTmax=253&ltime=34.0&epc=883899441&ctr_vendor=EXCHANGE&prvReqId=63886266973104_1998877493_52982010441&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-7847296254265351&ybnca_erpm=0.15&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-77468cdfcd-bnl8c&currsrc_date=2022-09-28+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-28+21%3A48%3A42&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PmzTyS2VBQrz9gWR0c0cHVudhpuewwwivLIG5-CixQaFWoCPySx4Z2X-6NU89kswt0o&dmm_ogerpm=false&csip=rtb-common-istio-7bf864cd55-9m92p.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.15&tpbTkn=false&adblk=3225163688&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vw_exc%3D0.8~vis_sd%3D684~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092811~iurl_b%3D1792.24~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.49~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D10~riipua%3D115%2C115~et%3D25~rc%3D1~rps_sd%3D2022092814~vis_b%3D864.79~url_b%3D0.56~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~MFB%3D1p~bm%3D1~sid%3D883899441~sd%3D0~uid%3D1HeXvGm1OgFpIXpm1W~btd%3D248904454597467091069691495248159748046737787385008203231912460276932915412016620179456~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.09~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.95~vurl_b%3D1.03~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D38.06~vurl_l%3D20~CI%3D2743~nts%3D2~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.97~isif%3D0~lc%3D2~bid%3D0.15~dc%3D8~vl2r_b%3D4.54~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.104%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-7847296254265351%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3225163688%7Esobp%3D%7Ectr%3D5.790388E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.150%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D253&utime=1717&sf=0&cpr=0.5495063252637997&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:45 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 28 Sep 2022 21:48:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 183ms
183ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.authorstream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 21:48:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88B2 13 KB
5 KB 183ms
182ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 56072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 06:14:14 GMT
expires: Thu, 28 Sep 2023 06:14:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E5A6 783 B
1002 B 491ms
189ms Document
text/html 142.251.12.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f105.1e100.net

Software

GSE /

Resource Hash

91931c2ab0ef92574dc02e1e6d49cc2d5251e50fd8798dec18ea46b6a85c7bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BBDz_rW9vBsKhRCOBwcCqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.authorstream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BBDz_rW9vBsKhRCOBwcCqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:48:46 GMT
expires: Wed, 28 Sep 2022 21:48:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bqi.php
lg3.media.net/ Frame 2212 15 B
15 B 184ms
184ms Image
text/html 23.193.108.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2820&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8POHZR87R&katbid=-103&katen=1&cme=pycXanm7UEJw12GIQ3hkGtTRUSDt9SY8WyQiBJF-3uBvq1k02k0stGShSDNwAs2DCaGqJabb1cvXlu7tRtgDH3xgk-e27d4HzaAYYMmjrVj2Rp1llkHDZGckho77zZTlKorNOMjFHNb2VlIANGEMr1LfEIaFgUI0pItfXY0gFgFqNls89bMCmQDpIyziNc3a9ryZZQNhreuoi1km9kO2bQ==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD7KyBZ4nhgPb0vI7vc013u-g6_KXgczhXMHlgUYOsI5cYTcdqUqLMbyRWw0eghnPDg=|dsA6EMpZ47R6ljdz__nQtthZoUpm2bb5|k5zOP-KvLUOtjGtV0cZ-Gjt13IYIjPfjyTr-Zp3JifmcucdEFp_dQxza5Se6A6tZmGp1IKBfC9504S--h32DTw0nC7u-rLUZZ25ulHRD_8f749O1aDXNeGVjjGG5_aq9fqZ3UOnLNaOzIpAVMqpJXETG_SoZu8DoZCcdoDxUJGzVHxP5T4aPDshuWTctlgqZWL_Jt-DDSM0wWjWewmzyjUnyfhngpyi5XZUKkB_f69o=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=883899441&requrl=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46&vi=1664401724148680292&ugd=4&cc=AU&sc=VIC&bdrid=4&subBdr=196&startTime=1664401724440&vgd_l1rakh=1664401724119263599&l1ch=1&sttm=1664401724448&upk=1664401724.12039&hvsid=00001664401724448017418153185165&acid=a71a19ae40054dd49fd185819b286f39&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.15~vw_exc%3D0.8~vis_sd%3D684~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022092811~iurl_b%3D1792.24~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.49~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D10~riipua%3D115%2C115~et%3D25~rc%3D1~rps_sd%3D2022092814~vis_b%3D864.79~url_b%3D0.56~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.15~MFB%3D1p~bm%3D1~sid%3D883899441~sd%3D0~uid%3D1HeXvGm1OgFpIXpm1W~btd%3D248904454597467091069691495248159748046737787385008203231912460276932915412016620179456~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.09~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.95~vurl_b%3D1.03~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D38.06~vurl_l%3D20~CI%3D2743~nts%3D2~tb%3D-1~ct%3Dport%20melbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.97~isif%3D0~lc%3D2~bid%3D0.15~dc%3D8~vl2r_b%3D4.54~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.104%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-7847296254265351%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D3225163688%7Esobp%3D%7Ectr%3D5.790388E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.150%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D253&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=VIC&infr=1&twna=1&stime=1664401723582&vgd_ecrid=1700080807683300300025000039600&l1hcsd=l1!A7|6374&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p0854224044t202209282148&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.193.108.22 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-193-108-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Wed, 28 Sep 2022 21:48:46 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=73852
content-length: 15

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 88B2 36 KB
16 KB 524ms
184ms Script
text/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:16:46 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2212 42 B
108 B 484ms
183ms Fetch
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqlVq3QM2SXM_PpH7cTv11lxf9kqdqZMAX4Zq6JtKq7U1XSeaa1nSL2TUzpR-3PArxWge0Q4NP4mYWFH0MRDXUd5mK&sig=Cg0ArKJSzAjeC4C6tlIZEAE&id=lidar2&mcvt=1000&p=565,309,819,609&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3225163688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664401723072&rpt=2358&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 21:48:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E5A6 0
0 272ms
240ms Image
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=205757151903941&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 88B2 0
10 B 182ms
181ms Image
text/plain 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4j2GWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:48:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&rel=nofollow&count=true&origin=https%3A%2F%2Fwww.authorstream.com&url=https%3A%2F%2Fwww.authorstream.com%2Fcropbattle46%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&rel=nofollow&count=true&origin=https%3A%2F%2Fwww.authorstream.com&url=http%3A%2F%2Fwww.authorstream.com%2F&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

469 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.authorstream.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: iaycq3f4sgv3x5yy1vvix03b
.authorstream.com/	1970-01-20 06:20:03	Name: pstc Value: 47
.authorstream.com/	1970-01-20 15:56:01	Name: __utma Value: 5691427.1339868597.1664401721.1664401721.1664401721.1
.authorstream.com/	1969-12-31 23:59:59	Name: __utmc Value: 5691427
.authorstream.com/	1970-01-20 10:42:49	Name: __utmz Value: 5691427.1664401721.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.authorstream.com/	1970-01-20 06:20:02	Name: __utmt Value: 1
.authorstream.com/	1970-01-20 06:20:03	Name: __utmb Value: 5691427.1.10.1664401721
.authorstream.com/	1970-01-20 15:41:37	Name: __gads Value: ID=922eedb0c3cd370e-22776c8fc7d600bb:T=1664401722:S=ALNI_MbIn5Xs3yjOlmbouWcAwchfvCsE0g
.authorstream.com/	1970-01-20 15:41:37	Name: __gpi Value: UID=000009fe769980ba:T=1664401722:RT=1664401722:S=ALNI_MajAhHVHbqRQYthhBupRzibNu8_cg
.doubleclick.net/	1970-01-20 15:56:01	Name: IDE Value: AHWqTUk51LJ4rUrpxHktgqfQ9d7o6YSMydfYW_Z9kgy_MrgDnMQzP0lQ8PMfFiV2q0A
.adsrvr.org/	1970-01-20 15:05:37	Name: TDID Value: 60ed1d94-cb97-4646-85a1-03d344fa9349
.adsrvr.org/	1970-01-20 15:05:37	Name: TDCPM Value: CAEYBSABKAIyCwjckpurvumQOxAFOAE.
.media.net/	1970-01-20 15:05:37	Name: visitor-id Value: 3074033241531885000V10
.media.net/	1970-01-20 06:40:11	Name: data-ttd Value: 60ed1d94-cb97-4646-85a1-03d344fa9349~~1
.media.net/	1970-01-20 06:40:11	Name: data-g Value: CAESEIdCFz-fwuf86TSopVLeFHA~~6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://www.authorstream.com/cropbattle46/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1664401720789&_gfid=I0_1664401720789&parent=https%3A%2F%2Fwww.authorstream.com&pfname=&rpctoken=31676649'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://www.authorstream.com/cropbattle46/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I1_1664401720798&_gfid=I1_1664401720798&parent=https%3A%2F%2Fwww.authorstream.com&pfname=&rpctoken=32615900'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.authorstream.com/cropbattle46/ Message: Mixed Content: The page at 'https://www.authorstream.com/cropbattle46/' was loaded over HTTPS, but requested an insecure element 'http://www.authorstream.com/asset/css/skin01/images/transparentbg.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51da0a9d23671ab1bb8e830602074c94.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
apis.google.com
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.media.net
hblg.media.net
lg3.media.net
match.adsrvr.org
obs.cheqzone.com
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssl.gstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
warp.media.net
widgets.outbrain.com
widgets.zemanta.com
www.authorstream.com
www.facebook.com
www.google.com
www.googletagservices.com
zem.outbrainimg.com
apis.google.com
104.21.64.23
142.251.10.154
142.251.12.105
142.251.12.132
142.251.12.139
142.251.12.154
142.251.12.155
142.251.12.94
142.251.12.95
142.251.12.97
151.101.2.132
157.240.235.1
157.240.235.35
172.217.194.132
172.217.194.154
172.217.194.84
172.253.118.157
199.232.46.132
23.108.101.160
23.193.108.22
23.193.109.76
23.207.36.20
3.227.190.204
3.33.220.150
42.99.140.216
74.125.68.155
005a03a2f308a028baf0e8c890c3dfd430bae09dc95c3d6098b3e00cba7db3a3
01bd0e5bbdc35a1a19c4ecf821f7263db4cf75a62687f4932b34f2057f7e1237
03d516c02fd68fc228cf1b133ff890b676a9bb844cf92df7580eedf49bc3e035
06fdadb4fcb30a7e844613759217ffbdadbdf04928c1d7ec412f0b6b6d4d068c
07955f8bc553a72866a6af5054683808110887748a373a74f8deea6bfe82eac3
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0e0b82ade9c94250c61721e40b0fbeeb119b774ba8a1599340d318b944d00ea0
10b11b4e8176cb713beb3674f4f0013341f3ab3328af4705eed16739c02d6624
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
137671057898665ab14e11accd89c6c7d7536ef78d6e41429dd15d66cefc9f5c
14acd582df7dc1168c3f3f96f6539df0099560997c2ff5e601ea3c4c98cb6ae3
1845620a70ecf35c90ce0483cfa1755afc97bd70ef266526538d7b7b1c88b8de
265ab0d528fd455ddcf7cfd1c96beba4448a52238e027f706ca92bc00833b0a8
26a7336e61e700004321d198b3a65df2877f73175132a11fa84fed00756b65a8
288e958f0f5d3e214cd46d4016ac005a6bbe347a0df64eb3896400b565ba2679
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
46966a0d75448308505e80480e6a9df8b104aa28fad06a71348d36bd86286d3c
47dd31d39f93b6b4cb95f0650e93ba9054301574341e6835186dfc937cb59014
4a956ff034e9e794e921a04cdcc99b2f16d10e6dc9c2e69ae3e7e171659b4f11
4d426790c5e497e64bb2a437b084b09dbc25578e3f2649b1bac01414372f8414
4db98298945202552f2910f29b9dd7690ec69abe2a8c2c5fb9900093d74ab87f
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
534a53d39ef25508040154dad23052489294ade5253ac270051f5830da21c985
537b3147ffb480f8049190668ab82d07e01f563bb5966fc0e1d87d016af11b74
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b3436030f82bbf403c7d805737a45205393ac795106d22d1bdc83dd03a00e7f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d10996cba13f2abb570a90ce63118942e12860de88819a05e261fb4e93ab39
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8847142a3d89c2021670762e83a28e3240822a54eee5ddaceb2337e9b22e04b5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91931c2ab0ef92574dc02e1e6d49cc2d5251e50fd8798dec18ea46b6a85c7bbd
93f83c71ce8d0488dceb37b6be7be07dbed8f6299453c76b6092ec512be9ca0f
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
a1de6a7c2b3f0387941c8ad10e556d5bec2df714cce004fb6502eb5e643c6b3c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad7d9ae45b9ed6c91542bd6cd042c1fa5b63b4da24cd26acdb8e0d1dd872dd36
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bdcd4339130977a3aad3b8a44e6ff8a39114bf5a04c197d3aa6ff1e0e9750c41
c1821b9b1a07384ad285774138d30697bf5c6f8c5abd5dd39d262d71c0b3a848
c2d27d35612b33122f111950fa07b31c6bb4e546ed3f9426aec7a30bc6d44fd6
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c83b801b2fc192e555da8407e684d998406db6958561c4aa3c5519a1ed94979c
ca8a91cfd3b4fab1263f05e292ae9877ac9d8c1dee2ba41b1688041e816bdd73
caa20d7e8b2993a0420a41004f6326b65717531b212e5ec2977030ff2beee7b8
cd0d0ed99dfbe17e916653f52b3461b20ef311755771e359c129315f10a9c3e4
d613e6d5f1ecd7f1af778c49721a6097c9ce8fd9ff5830b3fb259b1cb5fcf8bb
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea07958ef9e75c93b501dc0a0bed0c9765a8b85091973285d86a467e6ed4443b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d011c7df9b1524ce72018a178b1cbc24a2bb32d27280a1c8174832d43f3d0

www.authorstream.com Open in urlscan Pro 104.21.64.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

94 %HTTPS

0 %IPv6

19 Domains

32 Subdomains

25 IPs

5 Countries

1139 kBTransfer

3373 kBSize

15 Cookies

11 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.authorstream.com Open in urlscan Pro
104.21.64.23 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

25
IPs

5
Countries

1139 kB
Transfer

3373 kB
Size

15
Cookies

90 HTTP transactions
5 data transactions