questiondekho.com Open in urlscan Pro
111.118.215.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://questiondekho.com/
Submission: On March 27 via manual (March 27th 2023, 7:23:55 am UTC) from IN — Scanned from DE

Summary HTTP 141 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 141 HTTP transactions. The main IP is 111.118.215.156, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is questiondekho.com.

This is the only time questiondekho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	111.118.215.156 111.118.215.156	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2 29	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	3.65.4.114 3.65.4.114	16509 (AMAZON-02) (AMAZON-02)
3 10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.123.59.105 3.123.59.105	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
141	30

10 111.118.215.156 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-in-26.webhostbox.net

questiondekho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.4.114 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-4-114.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.59.105 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-59-105.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	697 KB
30	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 255 cm.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	156 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	83 KB
10	questiondekho.com questiondekho.com	143 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 11018 ic.tynt.com — Cisco Umbrella Rank: 6770 de.tynt.com — Cisco Umbrella Rank: 1610	8 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	185 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	243 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8820	818 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 749 s.tribalfusion.com — Cisco Umbrella Rank: 1837	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 743	2 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 66909	757 B
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 14974	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 322	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1455	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 740	713 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 470	875 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	608 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15754	312 B
1	waust.at waust.at — Cisco Umbrella Rank: 40417	7 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	8 KB
141	24

	Domain	Requested by
29	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net questiondekho.com tpc.googlesyndication.com pagead2.googlesyndication.com
26	pagead2.googlesyndication.com	questiondekho.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net questiondekho.com
10	s0.2mdn.net	questiondekho.com s0.2mdn.net
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
10	questiondekho.com	questiondekho.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	ic.tynt.com	questiondekho.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	googleads4.g.doubleclick.net	questiondekho.com
2	pm.w55c.net	2 redirects
2	d.adtriba.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn3.gstatic.com	questiondekho.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	t.dtscout.com	waust.at t.dtscout.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	questiondekho.com googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	encrypted-tbn2.gstatic.com	questiondekho.com
1	static.doubleclick.net	questiondekho.com
1	de.tynt.com	cdn.tynt.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	waust.at	questiondekho.com
1	cdn.ampproject.org	questiondekho.com
141	36

This site contains links to these domains. Also see Links.

Domain
www.questiondekho.com

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://questiondekho.com/
Frame ID: A7533CFBFA33DAC057C801B187AC6CDF
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 7A4E635E5517EAEA24471C627E655633
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&adk=1812271804&adf=3025194257&lmt=1679901831&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=http%3A%2F%2Fquestiondekho.com%2F&ea=0&pra=5&wgl=1&dt=1679901830400&bpp=440&bdt=133&idt=714&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5223661186765&frm=20&pv=2&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=741
Frame ID: 654E6DCACC9490DEA650790234B2A4AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=250&slotname=2614391832&adk=1015902282&adf=3599744201&pi=t.ma~as.2614391832&w=332&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&format=332x250&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1679901830841&bpp=13&bdt=574&idt=310&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=999&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w1NyEUK9Ok&p=http%3A//questiondekho.com&dtd=316
Frame ID: 7C4B619AE3D7797E5DC4801C74076520
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
Frame ID: BA9C8F56B3B149D499894EA04414C66E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0092854B4CD4B2E2767020BAF8A293C0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js
Frame ID: 032424B6E9BEBC6C2533ED02EC67E689
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26E2822FD18273059C370971C1D3ADC3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: EF1C3719B90585E225A6281B5343922C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0FEC8DB2683812B950063BF2A6C8B92D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6CD8064C16938DC29AC027734110460
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js
Frame ID: 721C42BFB97AB6857A6248F76E7D4F8C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js
Frame ID: 40A283284C16B04125357868D616F4C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiIjr3jATAB&v=APEucNU4S3ZiydFqJ_KPYSw1aPJroOwgfIPRsl6w9tlEXJ_EAre62ghr2uxr_uJEiGESwWVnhwls1q4iG-cZgf9O0njQnSlMt-m3YvqQiRjBevaVYM-zTqJe0N1CT7FDdv-eixby0i1kgWgKAmxn3ZZqMMWVyYffqWFhBUA3ALlUHLMl1g8U11M
Frame ID: 033D6AEC85971C65BF90163BB1CE60AA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BD18F296B6E32DC443D88DB634B0AE32
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2A9234990B4CF028987D6E42A2AB333
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D500AF2EAFD1E19784505BFEB442D09B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
Frame ID: 51A2D9A91151064A4EA070210F9395F1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 153AD8E0E3CBD8EDB7BC9757D1FF3710
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1423D699A4BF1709D4C8BD9B4A59E672
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Question Dekho - Previous Year Question Papers, Exam Pattern & Syllabus, Engineering Objective Questions, Aptitude, Reasoning and GK Questions.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

141
Requests

79 %
HTTPS

58 %
IPv6

24
Domains

36
Subdomains

30
IPs

6
Countries

1551 kB
Transfer

3809 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.questiondekho.com/
Title: Question Dekho

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL HTTP 301
https://tpc.googlesyndication.com/simgad/4553853186076129233

Request Chain 85

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3ldWhTxCEBxjhATIIVZ3N4eay-pM HTTP 301
https://tpc.googlesyndication.com/simgad/13251395389140663389

Request Chain 92

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCFEiDg9gVPwz9ptXrD8twAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECbO60Vr-D1icSJMHGuzSXQ&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDM1ODIzMTc3OTI0MjgxNw%3D%3D

Request Chain 113

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y8G6muaUnrpQJHvplCtk1uWOPsIcgzg9eJCkfzjK4wNM8rhgj_qKyYPHI HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y8G6muaUnrpQJHvplCtk1uWOPsIcgzg9eJCkfzjK4wNM8rhgj_qKyYPHI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTBkOUpzQXIxUEdIY1E1&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y8G6muaUnrpQJHvplCtk1uWOPsIcgzg9eJCkfzjK4wNM8rhgj_qKyYPHI

Request Chain 114

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELJNgV7pVxZA0i0-vsd1M3k&google_cver=1&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7QpSEa7RfCXRjgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7QpSEa7RfCXRjgw

Request Chain 115

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 116

https://um.simpli.fi/gp_match?google_gid=CAESEPBSO1zZlNRWIzjp59NPCq0&google_cver=1&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRfTx-5daVuTy5bHsDk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CFDE06A457684A3E8A2D3CD2B115D412&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRfTx-5daVuTy5bHsDk

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM4QaoY01C43LJT1jpv_GDE&google_cver=1&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3BZFzuAb75DWZQXcCL6nocmBRA3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZRSTZFNUwtMVctNzlDWQ==&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3BZFzuAb75DWZQXcCL6nocmBRA3w

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_cver=1&google_push=Aer7DvJa5wGylPyHhzeBMzYnEVtSGKanIn7NXd7VcsK4w6yARpuAISpMwzjJQjuJ3SxinYc-Zbk4L0fUeCaAaefZY_PsC3nx4wimyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_hm=ZCFEiDg9gVPwz9ptXrD8twAAFF8AAAAB&google_nid=index&google_push=Aer7DvJa5wGylPyHhzeBMzYnEVtSGKanIn7NXd7VcsK4w6yARpuAISpMwzjJQjuJ3SxinYc-Zbk4L0fUeCaAaefZY_PsC3nx4wimyQ

141 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
questiondekho.com/ 36 KB
12 KB 1239ms
269ms Document
text/html 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 299242bce6465264db6504357b7b955936ee5311996445a40cf9dad41e053890

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 11569
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Mar 2023 07:23:50 GMT
Keep-Alive: timeout=5, max=75
Link: <http://questiondekho.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 89ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb8cf9bf722295e2a48de24cc0358d87a2757f109cac4737a3e3e1d907b45e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51796
X-XSS-Protection: 0
Server: cafe
ETag: 14809478176199324505
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 47ms
23ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.22

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf613b4d30e323b9c9e0d25320225643cd2ad1dca73186ada1c0a47d290ba918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 27 Mar 2023 07:23:50 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H/1.1 200
OK genericons.css
questiondekho.com/wp-content/themes/frontier/includes/genericons/ 18 KB
12 KB 142ms
141ms Stylesheet
text/css 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.2.4
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: ee9ce6d4a4b227c67e13a20dcf2b47d96dd996d5909925bb13b8bdc6c917c092

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jun 2015 12:14:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 12095

GET
H/1.1 200
OK style.css
questiondekho.com/wp-content/themes/frontier/ 26 KB
9 KB 269ms
139ms Stylesheet
text/css 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-content/themes/frontier/style.css?ver=1.2.4
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: d5c729afa086eac1b1a9c50ffdfe22513894a26b31e2da16758aef5833f41823

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jun 2015 12:14:11 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 8415

GET
H/1.1 200
OK responsive.css
questiondekho.com/wp-content/themes/frontier/ 3 KB
1 KB 273ms
141ms Stylesheet
text/css 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-content/themes/frontier/responsive.css?ver=1.2.4
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 5fdd5c2d5f69393afd852c1945b13560c6bb399c1c275dbb2b8045704b023f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jun 2015 12:14:11 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 897

GET
H/1.1 200
OK jquery.js Show response
questiondekho.com/wp-includes/js/jquery/ 95 KB
42 KB 289ms
156ms Script
application/javascript 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 01:38:16 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75

GET
H/1.1 200
OK jquery-migrate.min.js Show response
questiondekho.com/wp-includes/js/jquery/ 10 KB
5 KB 283ms
149ms Script
application/javascript 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jul 2018 16:53:55 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=75
Content-Length: 4444

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 170ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5bbad916e1cb3ac783edb5f862190cc83c06ee0a12bb9dcd982b5d27ae83477

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 07:23:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7580
x-xss-protection: 0
server: sffe
etag: "1f8d9f2f90c092c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H/1.1 200
OK qd_logo.png
questiondekho.com/wp-content/uploads/2015/06/ 56 KB
56 KB 145ms
141ms Image
image/png 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://questiondekho.com/wp-content/uploads/2015/06/qd_logo.png
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 9c8af9b9379db6cb66ae9f96c03c55a8d256b1267dc74ee337ebb94aff75c40e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Last-Modified: Sat, 20 Jun 2015 18:10:26 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 57195

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 103ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7575503819776315

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf93beae9c9085751b9dcb838aa90ec6cf8f6574209fc51e5b28c03c5adc6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Origin: http://questiondekho.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49020
x-xss-protection: 0
server: cafe
etag: 11044139242988115449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H/1.1 200
OK c.js Show response
waust.at/ 13 KB
7 KB 64ms
24ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/c.js
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2677
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
Server: cloudflare
etag: W/"63c04130-32c5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVm17RUCiBEPbOx81Y%2FjKSYCv4DdFgMGMs7H4gboUDQwm5msAzN1Ne17qRm%2BkITOMzsPztHUYuAWnCj5LazZIGq7ZWtrO%2F2sKjegLy4TCgEhxlg6HYdJPH5krkxZI5lS%2F87wnYF2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
CF-RAY: 7ae5e3eb0ec206e0-AMS
expires: Tue, 28 Mar 2023 06:39:13 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
questiondekho.com/wp-includes/js/ 1 KB
1 KB 141ms
141ms Script
application/javascript 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-includes/js/wp-embed.min.js?ver=4.9.22
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 13:40:01 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 750

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
questiondekho.com/wp-includes/js/ 12 KB
5 KB 146ms
142ms Script
application/javascript 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://questiondekho.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 13:40:01 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 4628

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 126ms
88ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7575503819776315&plah=questiondekho.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e98f434c6ff5fbb5a84019b7ccde3a323455034ff8dcd201a7bcfdabd5b9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119751
x-xss-protection: 0
server: cafe
etag: 4924944517275408231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 7A4E 10 KB
5 KB 91ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 13:16:09 GMT
etag: 2378337311435320485
expires: Sun, 09 Apr 2023 13:16:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK honeycomb.png
questiondekho.com/wp-content/themes/frontier/images/ 265 B
506 B 144ms
141ms Image
image/png 111.118.215.156
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://questiondekho.com/wp-content/themes/frontier/images/honeycomb.png
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: HTTP/1.1
Server: 111.118.215.156 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-in-26.webhostbox.net
Software: Apache /
Resource Hash: 5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:50 GMT
Last-Modified: Sat, 20 Jun 2015 12:14:11 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 265

GET
H/1.1 200
OK ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.22

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://questiondekho.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:40:12 GMT
X-Content-Type-Options: nosniff
Age: 513818
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15700
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 18:51:55 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 20 Mar 2024 08:40:12 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41e07f5aa74582dc1959930998036e6b8f88c10d1fa18dd99f6c0c9fe40eb5c0

Request headers

Referer: http://questiondekho.com/
Origin: http://questiondekho.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
19 KB 48ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.22

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://questiondekho.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 08:46:11 GMT
X-Content-Type-Options: nosniff
Age: 513459
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 18260
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 21:03:24 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 20 Mar 2024 08:46:11 GMT

GET
H2 200 / Show response
t.dtscout.com/i/ 2 KB
2 KB 255ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fquestiondekho.com%2F&j=
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
x-t: 0.527
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft0CUXaIiADnQ%2FT2keOdA%2FHRodAoUI90yZv7HvtxWSsiXQQ7I2j%2FZi8oN4TTeiHnZt27tBSS2ucCC75T%2Bj6rDSd2ALJstxyrHRXAEb5KbAIeYQyyYIhWej4Tz%2F%2FeL9lVxgNHLe6hU2sbTh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 7ae5e3eb9db59a3f-FRA
expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 28 B
312 B 166ms
121ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=0f5vzmbhmp&t=Question%20Dekho%20-%20Previous%20Year%20Question%20Papers%2C%20Exam%20Pattern%20%26%20Syllabus%2C%20Enginee&c=c&x=http%3A%2F%2Fquestiondekho.com%2F&y=&a=0&d=1.836&v=27&r=5629
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef63d41549fbeab1407f8697efa49fc347884e3f8b27818c52620f08f66d642

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 7ae5e3eb9f570e08-AMS

GET
H2 200 tc.js Show response
cdn.tynt.com/ 18 KB
7 KB 185ms
24ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: http://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 15:48:11 GMT
server: cloudflare
age: 56122
etag: W/"6410973b-4750"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7ae5e3ed5f763635-FRA
expires: Thu, 30 Mar 2023 07:23:51 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 94ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=questiondekho.com&callback=_gfp_s_&client=ca-pub-7575503819776315

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7575503819776315&plah=questiondekho.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c87c8f1aa8e2d6353d469866871ad8c1d3008cd040bb4956295d61fc4b993a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 108ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 74ms
35ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 654E 344 KB
61 KB 681ms
680ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&adk=1812271804&adf=3025194257&lmt=1679901831&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=http%3A%2F%2Fquestiondekho.com%2F&ea=0&pra=5&wgl=1&dt=1679901830400&bpp=440&bdt=133&idt=714&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5223661186765&frm=20&pv=2&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=741

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d4600bc096adb79f155c88ba9d143a454ed023e36b027a2c9ab23a0f35f0c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62741
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:51 GMT
expires: Mon, 27 Mar 2023 07:23:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C4B 74 KB
30 KB 627ms
626ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=250&slotname=2614391832&adk=1015902282&adf=3599744201&pi=t.ma~as.2614391832&w=332&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&format=332x250&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1679901830841&bpp=13&bdt=574&idt=310&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=999&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w1NyEUK9Ok&p=http%3A//questiondekho.com&dtd=316

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54d3ca3e8d4e9d94a3295911b8d2c0505ad898941f24554fb23b0607ccc13ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:51 GMT
expires: Mon, 27 Mar 2023 07:23:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
347 B 184ms
184ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=questiondekho.com&_ss=3ugq63wksh&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=3i0u&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fquestiondekho.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee88fad510c267019bd87038fd30b9f8fc9e67cb5654b79d2558e906078f381

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
x-t: 0.203
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1R%2FypxTGr6lOvJWyOVknCmRJw7DtAlseJsLP11oLKszPQe0K%2BtBjhjYlD0ZdVjereBRzg7o8uJ2J%2Bpz1fCE2PsB%2BKWqJIGJ%2BDrTI8lrcoEncTb8EJ2C%2FKrun1vMA%2BjFFFzOj71WtDMclNg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7ae5e3ecdf189a3f-FRA
expires: Mon, 27 Mar 2023 07:23:50 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 333ms
108ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0f5vzmbhmp&lm=0&ts=1679901831281&dn=TC&iso=0&pu=http%3A%2F%2Fquestiondekho.com%2F&t=Question%20Dekho%20-%20Previous%20Year%20Question%20Papers%2C%20Exam%20Pattern%20%26%20Syllabus%2C%20Engineering%20Objective%20Questions%2C%20Aptitude%2C%20Reasoning%20and%20GK%20Questions.
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 27 Mar 2023 07:23:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 349ms
108ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!0f5vzmbhmp&dn=TC&cc=1&r=&pu=http%3A%2F%2Fquestiondekho.com%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 27 Mar 2023 07:23:51 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Tue, 28 Mar 2023 07:23:51 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
107ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0f5vzmbhmp&lm=0&ts=1679901831281&dn=TC&iso=0&pu=http%3A%2F%2Fquestiondekho.com%2F&t=Question%20Dekho%20-%20Previous%20Year%20Question%20Papers%2C%20Exam%20Pattern%20%26%20Syllabus%2C%20Engineering%20Objective%20Questions%2C%20Aptitude%2C%20Reasoning%20and%20GK%20Questions.
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 27 Mar 2023 07:23:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
108ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0f5vzmbhmp&lm=0&ts=1679901831281&dn=TC&iso=0&pu=http%3A%2F%2Fquestiondekho.com%2F
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 27 Mar 2023 07:23:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 17081631987209901459
tpc.googlesyndication.com/simgad/ Frame 7C4B 50 KB
50 KB 61ms
25ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17081631987209901459?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmmYujaBpTzwzDTqwDuDRhiWsGN7A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=250&slotname=2614391832&adk=1015902282&adf=3599744201&pi=t.ma~as.2614391832&w=332&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&format=332x250&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1679901830841&bpp=13&bdt=574&idt=310&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=999&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w1NyEUK9Ok&p=http%3A//questiondekho.com&dtd=316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

571ef060d1196b5bfd1c457ad458328367a9c2f59bde00a0e106a20bb3128949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 08:57:15 GMT
x-content-type-options: nosniff
age: 167196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50956
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 10:47:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Mar 2024 08:57:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C4B 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBstNh0QhZP3zC8q6x_APiPuPoAHd_ovXb9PbyOWjEdrZHhABIPqbnCFglbqwgrgHoAGHg7_3A8gBAqgDAcgDyQSqBNgBT9CmfP_-0pNriKWK9Zb8Xjb4NOvjbXhB4IDMMd078vpGcMCwkc3JBH5Ei50dPVofpr2OoUvGMK-LMCSVeQwpxQ8DEHOGH6cfI2_kCZzNlws41wPsasvx5Bn-6WBvAQo_ppoBzbXpoahcJcNVoVkC0uDQu9crgIStkqRYBh6xYhkAORtLvEN_mQe09UwLclYa8TQ7-xbg-bxa6vpzjQMGDkcz3hRiuawENJ8L6NdbMwGU_A7GjEQEvle9V1YYYIObANTkO7LvVvQJBYbKcm8KkF4RmhGArtOEwASkwejAmASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHprv-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC7ogfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03NTc1NTAzODE5Nzc2MzE1GAA&sigh=wba6R8nMr7k&uach_m=[UACH]&cid=CAQSGwDUE5ympR4Dk67htLvnqFusTUMaNDBZD8rXbxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=250&slotname=2614391832&adk=1015902282&adf=3599744201&pi=t.ma~as.2614391832&w=332&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&format=332x250&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1679901830841&bpp=13&bdt=574&idt=310&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=999&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w1NyEUK9Ok&p=http%3A//questiondekho.com&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 07:23:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Mar 2023 07:23:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 7C4B 22 KB
9 KB 43ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 7C4B 3 KB
1 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 18:16:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 7C4B 20 KB
9 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C4B 158 KB
49 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 7C4B 34 KB
14 KB 66ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:59:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 108ms
107ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0f5vzmbhmp&lm=0&ts=1679901831281&dn=TC&iso=0&pu=http%3A%2F%2Fquestiondekho.com%2F
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 27 Mar 2023 07:23:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 150 KB
51 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/reactive_library_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbce5f8be65ceb1141bc2f5c952b8dae03df3b54b95a782598ec42c19680ad9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52130
x-xss-protection: 0
server: cafe
etag: 12826576725120816503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA9C 21 KB
9 KB 536ms
536ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce6dbb9f462d9a2e5c172c72fd2fb0e880f57a349afd821ecef0c97edda915e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 9077
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0092 143 B
166 B 13ms
12ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=250&slotname=2614391832&adk=1015902282&adf=3599744201&pi=t.ma~as.2614391832&w=332&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&format=332x250&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1679901830841&bpp=13&bdt=574&idt=310&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=999&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w1NyEUK9Ok&p=http%3A//questiondekho.com&dtd=316
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 06:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7C4B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc7b208d1d9fb1be615730d5b3b322f9c0de8e613d0c6dde8fe0315f28984548

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!0f5vzmbhmp&lm=0&ts=1679901831281&dn=TC&iso=0&pu=http%3A%2F%2Fquestiondekho.com%2F
Requested by: Host: questiondekho.com
URL: http://questiondekho.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 27 Mar 2023 07:23:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0092
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
expires: Mon, 27 Mar 2023 07:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0324 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:06:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=questiondekho.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 26E2 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Sun, 09 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame EF1C 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Sun, 09 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 0FEC 10 KB
4 KB 16ms
12ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Sun, 09 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26E2 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4lelh0QhZNvfCvDX1fAPw_iQ2AmTmaXSb8jm1v71EPXI4IDOOBABIPqbnCFglZqVgqAHoAGrjOzEA8gBAqgDAcgDyQSqBMwBT9CfTeomelPo0dAiP8tf4SJFNc6FX0FlYruVtGu4QGkXXYMyL1WELnkH800drgpRnahYNUcaCCP7X8cMvweJ4e1c9MeTM_gDaoIHkeZ3IQuUwk-rXAcXTzfYyZwygXwLLE-0qN3hfkUqmKjrg9NxV3XQQXBcNOgwbyjSzQOgXLb4GjSFUr0rueOFBW-k74MsM-b7LNK-mGP4BGvar14e8aWcXVx_5z7tn2get6ZtFVBQpUwTHJwH9ljlrKjy73Rva19iN4J-QuScP6ikwATkoo3EpQSSBQQIBBgBkgUECAUYBKAGAoAHvfOTO6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK3HB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc1NzU1MDM4MTk3NzYzMTUYAA&sigh=B86ILBlAwUk&uach_m=[UACH]&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 26E2 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:24:06 GMT

GET
H2 200 12688190493170463164
tpc.googlesyndication.com/simgad/ Frame 26E2 21 KB
21 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12688190493170463164?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk9JBPt9IeEqjWBgfeGIl68HI5Klw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7d473c36ca04209b98d2e2427d830a4fb0e5d3727c7d595005710ada6462704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 07:41:10 GMT
x-content-type-options: nosniff
age: 344562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21634
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 21:42:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Mar 2024 07:41:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 26E2 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 18:16:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 26E2 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26E2 158 KB
49 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 26E2 34 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 12056988738142335449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:59:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF1C 3 KB
1010 B 70ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 06:03:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame EF1C 2 KB
765 B 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame EF1C 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:24:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame EF1C 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 18:16:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame EF1C 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF1C 158 KB
48 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame EF1C 34 KB
15 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 0FEC 2 KB
765 B 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 0FEC 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:24:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 0FEC 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 18:16:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 0FEC 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FEC 158 KB
48 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 0FEC 34 KB
14 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6CD 143 B
166 B 15ms
12ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 06:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 26E2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeb226d6b4c6a0eb2fc02bdd3e6f1cd1031caea12e730650d0c8f03765acc48a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E6CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
27ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
expires: Mon, 27 Mar 2023 07:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 721C 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:06:40 GMT

GET
H3

200

4553853186076129233
tpc.googlesyndication.com/simgad/ Frame EF1C
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODAxIivxQEQ2AQY2AQyCEI4uKqUTIEL
https://tpc.googlesyndication.com/simgad/4553853186076129233

64 KB
64 KB

14ms
14ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4553853186076129233

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 393520
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65821
x-xss-protection: 0
last-modified: Sun, 17 Jul 2022 12:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:05:12 GMT

Redirect headers

date: Sun, 26 Mar 2023 17:01:56 GMT
x-content-type-options: nosniff
server: cafe
age: 51716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4553853186076129233
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 17:01:56 GMT

GET
H2 200 2086092464041056419_9445831905889675350.gif
static.doubleclick.net/dynamic/5/413520551/ Frame EF1C 43 B
569 B 62ms
14ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413520551/2086092464041056419_9445831905889675350.gif

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:42:13 GMT
x-content-type-options: nosniff
age: 337299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sat, 11 Mar 2023 15:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 09:42:13 GMT

GET
DATA 200
OK truncated
/ Frame EF1C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bec5840d9b242697e55419e2af7a57d5d2f2245d8b55ae80ebc4cf244e4ae78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0FEC 31 KB
32 KB 102ms
25ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRZNowiemmHyourvzLllJdLbW0VNXDCZNpxTHRmPe5XlI7iWFM&usqp=CAI

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eda345a804a56a0afdcb9cd75c7f680b36950233429fbb65cec3fd51268ff6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 23:47:09 GMT
x-content-type-options: nosniff
age: 27403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32105
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 06:36:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 25 Mar 2024 23:47:09 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0FEC 33 KB
34 KB 69ms
14ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTnVNC9iES6nNyJ5QKRThf_83I_A0ngQmoIjrpZ8rj_2K-kgj7LKQ-jKQHtNqw&usqp=CAI

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6a59a5e5379232a8c84b55c80345068b71615e1a4388b7e1cb29a7b96d1a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 23:35:54 GMT
x-content-type-options: nosniff
age: 200878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34029
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 05:32:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 23 Mar 2024 23:35:54 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0FEC 55 KB
56 KB 89ms
34ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT3XEytwYDsUCh73Vy-Yb9vwWphMNSXfgSDgQ3QxPRUqxrkvSv7o6Yu0axMlA&usqp=CAI

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c39756f2337a39bc09852958b81eca878f9cb73a6fb384498df9f372aa22e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 393521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56733
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 10:57:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H3

200

13251395389140663389
tpc.googlesyndication.com/simgad/ Frame 0FEC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3ldWhTxCEBxjhATIIVZ3N4eay-pM
https://tpc.googlesyndication.com/simgad/13251395389140663389

20 KB
20 KB

16ms
14ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13251395389140663389

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf2e39014ab01a6e3103598525d7739fe548f755c5b1de72cf70f942f2cdc32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 393521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20811
x-xss-protection: 0
last-modified: Thu, 27 May 2021 23:18:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Mar 2024 18:05:11 GMT

Redirect headers

date: Mon, 27 Mar 2023 01:30:16 GMT
x-content-type-options: nosniff
server: cafe
age: 21216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13251395389140663389
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 01:30:16 GMT

GET
DATA 200
OK truncated
/ Frame 0FEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcead1c038981a1f39a9224ec429358e697fd36dc920658770ec8dfbd33fb745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF1C 0
19 B 56ms
55ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbE4Eh0QhZNzfCvDX1fAPw_iQ2An99vTZb7vDmcmXEZGX46mTDhABIPqbnCFglZqVgqAHoAHVlP7HA8gBBqkCV-6r0DkNsj6oAwHIAwKqBM8BT9Aa18iYLIpqZiAqk_1pQI16jgGZnAEm0KHEkW_5OOdcGnytYubg6Xyyqs-wDC6ZAb6JLVQAzig-aQl59OzPEK6KaU89UPHRhOJjfesfqXj3CWghmYz8RVbMwKkzLOUQiV5K9PjT3xM4J71i1vz_g6C2hsImI-53u5zIhhtSyBqWWF9BKrXUgzt83uwPqjUPsgMpXkYGGk0f4WzefDwcwNt2-Ci9prNSMa3-iNWyfPmkoRlQFiOdwhKKM6xewDqlBqLET_8_5gh37qKse-mJwATh1tG6oQSSBQQIBBgBkgUECAUYBKAGN4AHvL-pLqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBCt1QLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTc1NTAzODE5Nzc2MzE1GAA&sigh=rn0MKweM5g8&uach_m=[UACH]&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB&template_id=493&vis=1

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 40A2 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:06:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0FEC 0
19 B 59ms
59ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV_8Ah0QhZN3fCvDX1fAPw_iQ2AmXzIvCb6yXoZztDtaP0L6CKRABIPqbnCFglZqVgqAHoAHHmbXdA8gBCagDAcgDywSqBNABT9DRvZT8wDfvp27P7d3tNvpB7ya0ePuu9aQngfEdkc3tbM7L-v0nq7HLiFICNxW51eeR0yOpH4o5K8iB404VKw72q-sJZEl7FuwBjZuD4NXjZp-IXv10MvZuCnE9DcxJ72oKxopzI3IXcI92qcN13DNN4Oho4-aMxzIh3mzjtu5aTAUJn137S9VfA6L2JTQ2S7shQrV1Z_X19t8Ypjg6PlrLLmm3lyQSGSzhwH0opF4Hlvm6IN6bbG7v6leMvF__1CFEl7WHO76C36G7ELBANMAEr620mvMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6X2h8gCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJDjAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTc1NzU1MDM4MTk3NzYzMTUYAA&sigh=GHjC4q-eWtE&uach_m=[UACH]&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB&template_id=494&vis=1

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 033D 624 B
242 B 60ms
57ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiIjr3jATAB&v=APEucNU4S3ZiydFqJ_KPYSw1aPJroOwgfIPRsl6w9tlEXJ_EAre62ghr2uxr_uJEiGESwWVnhwls1q4iG-cZgf9O0njQnSlMt-m3YvqQiRjBevaVYM-zTqJe0N1CT7FDdv-eixby0i1kgWgKAmxn3ZZqMMWVyYffqWFhBUA3ALlUHLMl1g8U11M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BD18 78 KB
27 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame BD18
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

12ms
12ms

Image
image/gif

3.65.4.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
Protocol: HTTP/1.1
Server: 3.65.4.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-4-114.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 07:23:52 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 27 Mar 2023 07:23:52 GMT
Last-Modified: Mon, 27 Mar 2023 07:23:52 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame BD18 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 18:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 18:16:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame BD18 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:22:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD18 0
0 26ms
24ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyxi9zVqW3wigfSdLGO-_9E_Ti49_C4ThZQPxLlpFVxOMZXZmTrhH96r2BzFE2Hio4cLyOHUX_m_eDF1-ZAlD2J1Z67g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD18 158 KB
48 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD18 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAe0VfO5fMDtokSkOLyrQfek0fxVKUAdnL-hokXeVPO_W25mKjz8qwwiuqDwWhwZSg2rhyvt_DmSNjfXDMdK7BOE3dY46FITmtG6tu1DBko9gKEuA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD18 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2433646401212929822&x=1&ct=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 033D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiIjr3jATAB&v=APEucNU4S3ZiydFqJ_KPYSw1aPJroOwgfIPRsl6w9tlEXJ_EAre62ghr2uxr_uJEiGESwWVnhwls1q4iG-cZgf9O0njQnSlMt-m3YvqQiRjBevaVYM-zTqJe0N1CT7FDdv-eixby0i1kgWgKAmxn3ZZqMMWVyYffqWFhBUA3ALlUHLMl1g8U11M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Mar 2023 07:23:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 033D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCFEiDg9gVPwz9ptXrD8twAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiIjr3jATAB&v=APEucNU4S3ZiydFqJ_KPYSw1aPJroOwgfIPRsl6w9tlEXJ_EAre62ghr2uxr_uJEiGESwWVnhwls1q4iG-cZgf9O0njQnSlMt-m3YvqQiRjBevaVYM-zTqJe0N1CT7FDdv-eixby0i1kgWgKAmxn3ZZqMMWVyYffqWFhBUA3ALlUHLMl1g8U11M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Mar 2023 07:23:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIO2sr3pTu5IZA4eTs_RhOk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 033D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECbO60Vr-D1icSJMHGuzSXQ&google_cver=1

43 B
1 KB

77ms
52ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECbO60Vr-D1icSJMHGuzSXQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhiIjr3jATAB&v=APEucNU4S3ZiydFqJ_KPYSw1aPJroOwgfIPRsl6w9tlEXJ_EAre62ghr2uxr_uJEiGESwWVnhwls1q4iG-cZgf9O0njQnSlMt-m3YvqQiRjBevaVYM-zTqJe0N1CT7FDdv-eixby0i1kgWgKAmxn3ZZqMMWVyYffqWFhBUA3ALlUHLMl1g8U11M

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Mar 2023 07:23:52 GMT
AN-X-Request-Uuid: fb756b60-b780-4603-b4d9-c3f8b6a5b347
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECbO60Vr-D1icSJMHGuzSXQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 033D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDM1ODIzMTc3OTI0MjgxNw%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDM1ODIzMTc3OTI0MjgxNw%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Mar 2023 07:23:52 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5df1f526-6510-44d7-adda-ac7bd7be1032
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDM1ODIzMTc3OTI0MjgxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD18 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6542059315562&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD18 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6542059315562&version=m202301230201&ct=119&x=1&cor=2433646401212930000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BD18 83 KB
35 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp2yPNCG-i2Tz56hGciAvyRcGV3tNQfeR281SQR_pI122eLhy7yQ-BTbHj_bMjWPTohJmp6UXpO2D4z-cRS8vUosZVYB2rl_-0r8jb-4k4TYTUC6OseRmzsEWZfMBF_7FbAUC5F78weCQ2IiO88ml5CAKl7Wcok8qkXMFaMa3Lfdpy4_Y&cry=1&dbm_d=AKAmf-BREbW954F1HqV1PqECLu-XQxocxsfSPoywz-sUyiaphjQkdbwrk_O8wIxn2m7GeGxOaswRSoS8XrWW3ZuToDIq2I5hvfIE5U3kKPZKN7PXZKNctz52UQ7wW47vtsMYTUyCk8Ri7eo1aeAjrG6HWvVJqt4cf8Ei7n4hfetfwGhiiUG9sxQVnaiR3eGPexSOExqg98KNQHqCFBMtjiNg0uUg4heDTcKvLdXJ3GZ70aqy66e1XWhM1txMS0pt_ZO2vWVwE1QSslnSv2zTMbTaDcSJToXmZLq62jN02QvKdD2cKqWqGXRyBwMuXPjvTJMEZ-dirG-jhxaNBQ2Lzda1-EsuCxe1Cnac8EBZtOMCYwzv-wTTcg2mfqcp-7GGAR4U0-GE1Fzy9ZV2BoOaQ0HCJCYhsK_Rr9Y_vg0zuZR9SL-PAE4Syt5e2d3CKO4YOqc9CiDGO8YX12hM6l9TY9AYgCeWKR4kpb_7rgTPKIwHM5nnaVxQv4MMr319j1AYrs9_TarJVQgrebwOU_xNe4nkXbX9YM7wI0Mlbf6yp_Dkr0N7M0I-2OoLoOpk8hn_UIThC5FtHBij3taHwMpvZ1S83uO3G7VJAaNG3ttw6Hc69iUwGZPb7iSwkECIG8b5CGfLcvA2_GzQfqidA0lDCKF8Ov6CFHTrzWYEFowZudThJ75hHY505KPBr4hu4DcOxd9imODz0xfNjA9DOWJSskF-NleaFo2Njt3oZHrEmyBDWgA8DY0PFu1kGSpTATomB8yve-H9zkHNZQZ_WDkxCiRgCHCc83k5yC3UhgNQv4c3kFzTsbLdY8AZituSvr5t1CgWmV89vJ5NDN2rq_Ki59oGVTHT3UY-mWGmIwDPH2_LGqoT2MPJwFJtcVSXA6J_qxWwCFGJtvkjJJ1tE7kKLsem6tvlfCrvg0qSlQhcV8GQvMIN29BVVoPNyS6rkq85wSYmg2F_Y4vnwSJuR4FwL_X4G56rKq0WFeeqPgHO3HvQ-ycpuhYsSRpo6nLCsgnADjTNTokMLV0ddVdkWSgx36tQ0luQJO_eOUhFrhQtu0RKa8U49hPbh1KTcwrFAzQlvlsQc8PpZeBv-MNoTrcUKz8229TLlkMq_LHG7r_HQbwj585W3U4dILNSPIZkRgW68MbKijD7Z7f0Ll2wZs6-EP0QzQKR90z8c7JZciYbE73nMJ8xu0SIOe5FNlcTNIS1HRsn4HCfXAePK_7j34VVHAQ6AKx4nXWMGLROlRIhG1eSlstZiI65ZSEb-K95TwcNPtZdBF7EQyEQAp5y4d0eEkwXAL0rHGbUBcUGJAqwQOXuQmNQgvgFoxlYCX2UBbIYHAyvOLMbEEg1j24oya4Lvhoellenf29SjnyWy4q2URfd9D6I9JWPiuKiiRIWnSPdvg3ko88AfzU6IAk-WPhVa9JrSO0Uw6F0pxQKfdb6PRT2x8L5g5svtm55i-EIqvpqAQy7jGNVYq_2VjlN9yC-MJJF8foIeB2BFoQ9Z2KVoUFBesolmqVz8xuI-mXpK7K0haHWwq5RedxMS9TKhw-6JUnAjIaax4DN1Vd2BqdCKiZvpNf6T36S8-ispRIrX5yysk_zey7onmoRbPVylsVNkMUEFXYQb5nCjWeFLifa3BksyErLbEyHMzMkmVpZ0Wci9ucS9azmBuje1TbSWoGel9yXvm2qLAflAeKO7xf_bIPeXovL1zqUxgJ04oWpzntwL5gkO7YDRMSkr5CCbK4rvgMpDtG95afn-9cLodVTk3TxKuno-MBRnjfvEo0eA1Yj0RaXbBJRMaY4jL7K-ic57Pn9oR3AVSmUY_F2RSQ_SUNfXeMUGMiRnEl9CIqoYPcnhhBhWX1yBwsDbWRoJHsvtmmqpn7sOgaXhTrQbOQXNvXjhKE4UQPT4xsm6Vij4-R1rYckSecKMD97Ps4X35s5lETZaUiwJH3xDpjyShJQowl9YNphup7m1YfO7v0QP7GUPADKuKBdDt-okS9QxqexsfDxnzkmwFwjKl0eMO0mQBm0kd-UkwkAzGMv8fWzmB46DAZbV_vHmiL6HwgJkdhLPch95nJD0HycgIobwTDkY7X7DZgTWGo6fMmEqyOV4e32Zn1Adij23pZ9uM3GtQCFQw4SDxlAcP41344FYmmVugp_aMJzMwzWfVFZI3b0zHIiE8MLFNj3cPD9HI8sO8xPK2bcZRWorn4LOnGBXgIQV46KbpvTPCYITmYV2HQpuzZtXVo2o_yX2Hyf_SjQ_FkWfLh9dtqUTD2RIzg6JY3mgVVWcxps7Do-AaEyGDMEAK2ndLLC4664Xg-5RILIzvtQ5HbkzgUUjhzRAm-DTTeAjHP90v08Ftj0T0P0zbq5SCqWyrYgFEVq6JnRUYG2-R4bHJGbMg_LByHSYtWw5TWzHH3OCoA2f451XtMYGI1v9ziBWJrQzBoaxS_zPASCERq4vcZDZHvMpHX4a1jGvrZPlLT9CscHoNSL5ycpJKrUzIu2Wo5QTJaak9nn_dKYzrzZLkIL7rXTSsFeENN1V2jTLULyPG7rMlOVC4QsDCLa1Cg0ym9X6FDj31xL0cLkhQb8vT6W07Rw_mcOWG3YCfajXWTI4sNqgn60b3898KpHWWMXFuXgVAhOhO_uecM98EmxO2WAaNmJIfRwR-OYxPZ5TEtdo19W1Cyrr69a1tRvqjj04USNHwWck47JoVKtldI1t6srAjGcsP5pAguiduwuM33Gl-ZSe0ziz_wMsQ7ZtyXV0pmYDZ0obKcy2qojlNOLd5xrXj5gnRlg0pLYfYiEwLmcCsFv1TTQD0zx0TRD7HBJfI1c5wWin8Hi1grtm58R3hMzf1EKhLifo9C_6UDGheDNMeXs1PEL-UhEgG0JTxHzCehG-dtCCKXWaLfszje4PeLdTmD0v_M2h8nTbGE9CvXzZqPgQ7VIsN4oGO5hVSPzBJSIQjPJ8iamNc45DS4LWF0yGEwGOVCmcGuucoGcQPGHDw8pdmCQzGsjZrPxwAHf0mfXCJWJyzEanWM2TzrA59x1_GmVyoD9xbzDlal6Rq9LmjiHtHi2mKfWmgVUE4_CmgofRpc-KVjUvrSojMpObEn7MO9xcQczP8fwajq77eyRutDEELU0fU5rgvJyr4O_3gWa09TyJP4C-xEDg1tNFehtXn7xpEzv1q4fvT_Ke7d3DqJKr_LUT9qbf4o9GmeYkDeaOp5plGUV0iONMUvEBiJxfJ0JQl2WsVRuJA7fxnTYcmWVrMgiQ4vdjNaqj7Xa0GjRCj8l7xp9TyHgd2mor5-MlZYGy3yWrRuvHEMY-JW6f6mH5YDHXxM1MIxgiqE3QAnywG81x9xvcf4totgWkai3KjjMrijyiGhGeN3fX2QmjgWAI0f7hGxXe1EMRnEtWIY570PR0cVm&cid=CAQSOwDUE5ymWZmocKbAcSenuN1pRI20f5a5a-YbQmCquerhbYF1koKqfGBNW41DYdRHhR-8S2lAFgL0ZjDVGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fquestiondekho.com%2F&ds=l&xdt=1&iif=1&cor=2433646401212930000&adk=497053795&idt=127&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41616d25f43131b000969ca5e440a2058a0cd2c3ef042c4aa99cf1132ac70fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35740
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BD18 106 KB
37 KB 49ms
12ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 12:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Mar 2023 12:06:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/ Frame BD18 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp2yPNCG-i2Tz56hGciAvyRcGV3tNQfeR281SQR_pI122eLhy7yQ-BTbHj_bMjWPTohJmp6UXpO2D4z-cRS8vUosZVYB2rl_-0r8jb-4k4TYTUC6OseRmzsEWZfMBF_7FbAUC5F78weCQ2IiO88ml5CAKl7Wcok8qkXMFaMa3Lfdpy4_Y&cry=1&dbm_d=AKAmf-BREbW954F1HqV1PqECLu-XQxocxsfSPoywz-sUyiaphjQkdbwrk_O8wIxn2m7GeGxOaswRSoS8XrWW3ZuToDIq2I5hvfIE5U3kKPZKN7PXZKNctz52UQ7wW47vtsMYTUyCk8Ri7eo1aeAjrG6HWvVJqt4cf8Ei7n4hfetfwGhiiUG9sxQVnaiR3eGPexSOExqg98KNQHqCFBMtjiNg0uUg4heDTcKvLdXJ3GZ70aqy66e1XWhM1txMS0pt_ZO2vWVwE1QSslnSv2zTMbTaDcSJToXmZLq62jN02QvKdD2cKqWqGXRyBwMuXPjvTJMEZ-dirG-jhxaNBQ2Lzda1-EsuCxe1Cnac8EBZtOMCYwzv-wTTcg2mfqcp-7GGAR4U0-GE1Fzy9ZV2BoOaQ0HCJCYhsK_Rr9Y_vg0zuZR9SL-PAE4Syt5e2d3CKO4YOqc9CiDGO8YX12hM6l9TY9AYgCeWKR4kpb_7rgTPKIwHM5nnaVxQv4MMr319j1AYrs9_TarJVQgrebwOU_xNe4nkXbX9YM7wI0Mlbf6yp_Dkr0N7M0I-2OoLoOpk8hn_UIThC5FtHBij3taHwMpvZ1S83uO3G7VJAaNG3ttw6Hc69iUwGZPb7iSwkECIG8b5CGfLcvA2_GzQfqidA0lDCKF8Ov6CFHTrzWYEFowZudThJ75hHY505KPBr4hu4DcOxd9imODz0xfNjA9DOWJSskF-NleaFo2Njt3oZHrEmyBDWgA8DY0PFu1kGSpTATomB8yve-H9zkHNZQZ_WDkxCiRgCHCc83k5yC3UhgNQv4c3kFzTsbLdY8AZituSvr5t1CgWmV89vJ5NDN2rq_Ki59oGVTHT3UY-mWGmIwDPH2_LGqoT2MPJwFJtcVSXA6J_qxWwCFGJtvkjJJ1tE7kKLsem6tvlfCrvg0qSlQhcV8GQvMIN29BVVoPNyS6rkq85wSYmg2F_Y4vnwSJuR4FwL_X4G56rKq0WFeeqPgHO3HvQ-ycpuhYsSRpo6nLCsgnADjTNTokMLV0ddVdkWSgx36tQ0luQJO_eOUhFrhQtu0RKa8U49hPbh1KTcwrFAzQlvlsQc8PpZeBv-MNoTrcUKz8229TLlkMq_LHG7r_HQbwj585W3U4dILNSPIZkRgW68MbKijD7Z7f0Ll2wZs6-EP0QzQKR90z8c7JZciYbE73nMJ8xu0SIOe5FNlcTNIS1HRsn4HCfXAePK_7j34VVHAQ6AKx4nXWMGLROlRIhG1eSlstZiI65ZSEb-K95TwcNPtZdBF7EQyEQAp5y4d0eEkwXAL0rHGbUBcUGJAqwQOXuQmNQgvgFoxlYCX2UBbIYHAyvOLMbEEg1j24oya4Lvhoellenf29SjnyWy4q2URfd9D6I9JWPiuKiiRIWnSPdvg3ko88AfzU6IAk-WPhVa9JrSO0Uw6F0pxQKfdb6PRT2x8L5g5svtm55i-EIqvpqAQy7jGNVYq_2VjlN9yC-MJJF8foIeB2BFoQ9Z2KVoUFBesolmqVz8xuI-mXpK7K0haHWwq5RedxMS9TKhw-6JUnAjIaax4DN1Vd2BqdCKiZvpNf6T36S8-ispRIrX5yysk_zey7onmoRbPVylsVNkMUEFXYQb5nCjWeFLifa3BksyErLbEyHMzMkmVpZ0Wci9ucS9azmBuje1TbSWoGel9yXvm2qLAflAeKO7xf_bIPeXovL1zqUxgJ04oWpzntwL5gkO7YDRMSkr5CCbK4rvgMpDtG95afn-9cLodVTk3TxKuno-MBRnjfvEo0eA1Yj0RaXbBJRMaY4jL7K-ic57Pn9oR3AVSmUY_F2RSQ_SUNfXeMUGMiRnEl9CIqoYPcnhhBhWX1yBwsDbWRoJHsvtmmqpn7sOgaXhTrQbOQXNvXjhKE4UQPT4xsm6Vij4-R1rYckSecKMD97Ps4X35s5lETZaUiwJH3xDpjyShJQowl9YNphup7m1YfO7v0QP7GUPADKuKBdDt-okS9QxqexsfDxnzkmwFwjKl0eMO0mQBm0kd-UkwkAzGMv8fWzmB46DAZbV_vHmiL6HwgJkdhLPch95nJD0HycgIobwTDkY7X7DZgTWGo6fMmEqyOV4e32Zn1Adij23pZ9uM3GtQCFQw4SDxlAcP41344FYmmVugp_aMJzMwzWfVFZI3b0zHIiE8MLFNj3cPD9HI8sO8xPK2bcZRWorn4LOnGBXgIQV46KbpvTPCYITmYV2HQpuzZtXVo2o_yX2Hyf_SjQ_FkWfLh9dtqUTD2RIzg6JY3mgVVWcxps7Do-AaEyGDMEAK2ndLLC4664Xg-5RILIzvtQ5HbkzgUUjhzRAm-DTTeAjHP90v08Ftj0T0P0zbq5SCqWyrYgFEVq6JnRUYG2-R4bHJGbMg_LByHSYtWw5TWzHH3OCoA2f451XtMYGI1v9ziBWJrQzBoaxS_zPASCERq4vcZDZHvMpHX4a1jGvrZPlLT9CscHoNSL5ycpJKrUzIu2Wo5QTJaak9nn_dKYzrzZLkIL7rXTSsFeENN1V2jTLULyPG7rMlOVC4QsDCLa1Cg0ym9X6FDj31xL0cLkhQb8vT6W07Rw_mcOWG3YCfajXWTI4sNqgn60b3898KpHWWMXFuXgVAhOhO_uecM98EmxO2WAaNmJIfRwR-OYxPZ5TEtdo19W1Cyrr69a1tRvqjj04USNHwWck47JoVKtldI1t6srAjGcsP5pAguiduwuM33Gl-ZSe0ziz_wMsQ7ZtyXV0pmYDZ0obKcy2qojlNOLd5xrXj5gnRlg0pLYfYiEwLmcCsFv1TTQD0zx0TRD7HBJfI1c5wWin8Hi1grtm58R3hMzf1EKhLifo9C_6UDGheDNMeXs1PEL-UhEgG0JTxHzCehG-dtCCKXWaLfszje4PeLdTmD0v_M2h8nTbGE9CvXzZqPgQ7VIsN4oGO5hVSPzBJSIQjPJ8iamNc45DS4LWF0yGEwGOVCmcGuucoGcQPGHDw8pdmCQzGsjZrPxwAHf0mfXCJWJyzEanWM2TzrA59x1_GmVyoD9xbzDlal6Rq9LmjiHtHi2mKfWmgVUE4_CmgofRpc-KVjUvrSojMpObEn7MO9xcQczP8fwajq77eyRutDEELU0fU5rgvJyr4O_3gWa09TyJP4C-xEDg1tNFehtXn7xpEzv1q4fvT_Ke7d3DqJKr_LUT9qbf4o9GmeYkDeaOp5plGUV0iONMUvEBiJxfJ0JQl2WsVRuJA7fxnTYcmWVrMgiQ4vdjNaqj7Xa0GjRCj8l7xp9TyHgd2mor5-MlZYGy3yWrRuvHEMY-JW6f6mH5YDHXxM1MIxgiqE3QAnywG81x9xvcf4totgWkai3KjjMrijyiGhGeN3fX2QmjgWAI0f7hGxXe1EMRnEtWIY570PR0cVm&cid=CAQSOwDUE5ymWZmocKbAcSenuN1pRI20f5a5a-YbQmCquerhbYF1koKqfGBNW41DYdRHhR-8S2lAFgL0ZjDVGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fquestiondekho.com%2F&ds=l&xdt=1&iif=1&cor=2433646401212930000&adk=497053795&idt=127&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:18:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4115
x-xss-protection: 0
server: cafe
etag: 1914039858798321668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:18:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame BD18 28 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 16:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10980
x-xss-protection: 0
server: cafe
etag: 17255800071175307161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Apr 2023 16:33:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BD18 41 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 09:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:39:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E2A9 1 KB
643 B 17ms
14ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Mar 2023 17:46:38 GMT
etag: 48472445140208031
expires: Mon, 27 Mar 2023 17:46:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD18 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89c71b31b34005d9dbc73a7adac5b45c95bfba160be190fdb34877b60bc8647d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D500 22 KB
8 KB 16ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 138608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 16:53:44 GMT
expires: Sun, 24 Mar 2024 16:53:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTBkOUpzQXIxUEdIY1E1&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y...

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTBkOUpzQXIxUEdIY1E1&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y8G6muaUnrpQJHvplCtk1uWOPsIcgzg9eJCkfzjK4wNM8rhgj_qKyYPHI

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Mar 2023 07:23:51 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZTBkOUpzQXIxUEdIY1E1&google_gid=CAESEEom-V-WAVxZJgh-TkGGw-o&google_cver=1&google_push=Aer7DvIq6RqgSC71vYsQGR-oHxPccjwoqQfGTCxyUQFKM5y8G6muaUnrpQJHvplCtk1uWOPsIcgzg9eJCkfzjK4wNM8rhgj_qKyYPHI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELJNgV7pVxZA0i0-vsd1M3k&google_cver=1&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7QpSEa7RfCXRjgw

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7QpSEa7RfCXRjgw

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 27 Mar 2023 07:23:53 GMT
Server: MT3 668 4401257 master cdg-pixel-x30 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJLf4vY_HvsHSfiPmAl1wpYe1tRxFuW45-Cnqu8PpeN76WXEoTxH-z9IzHPpkiQizUylBajkx1tLmfcLEi7QpSEa7RfCXRjgw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E2A9
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1X...

43 B
428 B

208ms
194ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ae5e3f8bfb0b954-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 74
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFF5o8IWKrjC6ir1Vy5TOjo&google_cver=1&google_push=Aer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKr2S9l6hUeJNgbEsC77BjS2EIsZ5eTaRIZGXHeMoeg2yC46Ao-d973dKFI2F_NKZr9tkkMqL7rJA2FPI15d8O3aVKUv1Xys6M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7ae5e3f77e3bb954-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPBSO1zZlNRWIzjp59NPCq0&google_cver=1&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRfTx-5daVuTy5bHsDk
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CFDE06A457684A3E8A2D3CD2B115D412&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRf...

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CFDE06A457684A3E8A2D3CD2B115D412&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRfTx-5daVuTy5bHsDk

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Mar 2023 07:23:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CFDE06A457684A3E8A2D3CD2B115D412&google_push=Aer7DvIchIhx-Et2uc7_g55m2HvhwWTewthrdV2GEGScsbhi2IlHj3gl4WvFbbkuZXQ0qoTUPGpT48JfFq3-lRfTx-5daVuTy5bHsDk
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Mar 2023 07:23:52 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E2A9 43 B
351 B 98ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBY7ipJ4Qa4trn7ZsEv5ozo&google_cver=1&google_push=Aer7DvIEqVtAUz5eEPMqHbZq4G46Ym_IX_73ZgFXPTIU-VPmm11ErdcCfdzEs47EeRhoZyuMovfyh-bAuasoVtF4bcLpycqOCR0BPlA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7575503819776315&output=html&h=280&adk=1580959786&adf=2266133671&pi=t.aa~a.4092242131~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1679901831&rafmt=1&to=qs&pwprc=4931205397&format=350x280&url=http%3A%2F%2Fquestiondekho.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1679901831896&bpp=1&bdt=1629&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D574ba1e382d86082-2207fb4b6cdd0060%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ&gpic=UID%3D00000bccbf30b78f%3AT%3D1679901831%3ART%3D1679901831%3AS%3DALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ&prev_fmts=0x0%2C332x250&nras=2&correlator=5223661186765&frm=20&pv=1&ga_vid=2040016790.1679901831&ga_sid=1679901831&ga_hid=1350762199&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=990&ady=1614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C42532090%2C44759842%2C44759875%2C44759926%2C42531706%2C44786632&oid=2&pvsid=3441926418949895&tmod=1070538480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RE2gfLJLc3&p=http%3A//questiondekho.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pl658ndjl708hddrb4g49tkcc755ttpv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM4QaoY01C43LJT1jpv_GDE&google_cver=1&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZRSTZFNUwtMVctNzlDWQ==&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3BZFzuAb75DWZQXcCL6nocmBRA3w

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZRSTZFNUwtMVctNzlDWQ==&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3BZFzuAb75DWZQXcCL6nocmBRA3w

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZRSTZFNUwtMVctNzlDWQ==&google_push=Aer7DvJnz29tXyAwUFNuRtzi0J6xZqJ7kg-KhH7s2ekYlpZMCiKQkV0kpRGp8zZuC2QsOqCN9h3BZFzuAb75DWZQXcCL6nocmBRA3w
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_hm=ZCFEiDg9gVPwz9ptXrD8twAAFF8AAAAB&google_nid=index&google_push=Aer7DvJa5wGylPyHhzeBMzYnEVtSGKanIn7NX...

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_hm=ZCFEiDg9gVPwz9ptXrD8twAAFF8AAAAB&google_nid=index&google_push=Aer7DvJa5wGylPyHhzeBMzYnEVtSGKanIn7NXd7VcsK4w6yARpuAISpMwzjJQjuJ3SxinYc-Zbk4L0fUeCaAaefZY_PsC3nx4wimyQ

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Mar 2023 07:23:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDLq0AN8Qsd602AeGeTLNvg&google_hm=ZCFEiDg9gVPwz9ptXrD8twAAFF8AAAAB&google_nid=index&google_push=Aer7DvJa5wGylPyHhzeBMzYnEVtSGKanIn7NXd7VcsK4w6yARpuAISpMwzjJQjuJ3SxinYc-Zbk4L0fUeCaAaefZY_PsC3nx4wimyQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E2A9 0
59 B 22ms
21ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbFb87Wu7H6XrcPhiLZEQ39CDros4VgKH95uIsSaMOw_S9OubR0fMp40p6xPRF1fvm_XnH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6869575005487295488/ Frame 51A2 17 KB
4 KB 40ms
13ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

377086469e18b5fb725af10e50e0ede2f6b702f3836d24ff2bff490566986850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4272
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 04:37:24 GMT
expires: Tue, 26 Mar 2024 04:37:24 GMT
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD18 0
0 122ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-4eRY2THUfucugFxeaXNMbJoAAlYv81kJofMsFP_HHIsISWEbgZU8p_YoTuw2yttpWGaInUk-QaRNBfLoPfwFcrA6qdDXL7WyAFSccFXuS-38zIeS37Kz2fBeg0xnWDvrs6_QEwHMW2S4M0HDk2hMA1tZtwnFkV8b167StA_XzeUVndzyNa5f8Fpl18hAJWsh3JUqxdXWHmAI3Opqloe86Fm9vjXDyMMM64RXzKLN7KDeQWMk7kosH837qPTMGf0csFtCHdEXjC9QBX8RpMvaQ_PxbQPeQLONZ2V4V9PsQtGTAi2E4fTU_oJ-w8RBpV8XCIXSQI6NWjSdIXV-sFAtIJXwYY27Y8ovq7H32zjIh7LMeXhF0Vq2s5kFB7VPfRRvHqh2XpvOViXbn2mmr8fks8Q9AvurpTp7yK5WIyRhRC8Ok9TL9QO8XZPhAzz6C00rMbuI0Oe1C7cSMmFmU91TD6DuiIHA6HaFpNYqZ8J5j5MZsuB8QUQ8xglGucvyKCs3aIXsNTySP09pTWB5SRM88bJ9GKNRa3_alF-vEff2xbrkfgWsJLqnoL73VDhz8XBr9Kv4_-3-0mQfLNh0rEYYGYi7bURWNLMldAGIEa1tEbNU7lzQu1WiTLw2k3FcHkpMj6wqqj2kCCPRQJUEK8ynJ4VqV10HSlDSYXOj6CkoWIVSlw0bXIyFXyl1lqt9ZHnMu7rWwtz0vSuMUdg9ZoqHoYenX7nb3-Px55WMzfCF0pwB0PXp7WhyQBfKUXbHoFdKCbxR7TZl-laDeh9hFGnFyKXNpoexMVaH1euxco5CXpkI0385T_hxZxTsNyrldI_SeUa04jxRvSYhqo1l-xQn2WOkLniqNME0yV8DgtFfrN7D3gZnLyuDri8gKiopNgRQ3HgQEwNy39KZGTr4S9gSi_2AVyyzlxDe1EY93qaXA0PPCSlsw9j2c_e9vvluxz3Y1vtDneedyukdncQVgTjKQjj8J94LoFd0Ch9LbRAeDC_r5tmQz8YVHsncIHrBY9ZxDtS7UQuGzQ6F5nZ7S9Kok1j-CsF_B1AJYXE_5Ub3QhgLNjCagfe9tI4PtAtUgxkDgEBpCHVux0SEf2p1937immRzIxMJwe0MrGR5ooYq3_Ny3W6x6LFeofTiyzKcUb-Ou17LsukAMIf8Rn8LR5V79fmIXQ-eEF2dy_PENipPRh1_qPuhKyeARto2aW8_zuI7nt71jFwQBMJY4RJrpBZ7tCi6LSXA4g&sai=AMfl-YS5V9Nl0h34a6WdYfW7lXW3jsBiCaJ-UVTEVOYaxobyfPcSOtOhMBNwPPQXyZ9SLTOqwA1wPlhKSQlIBmz5DGIVnnEQS8dpIH2IjkN-OS1U0mSoSn_mSzjDkZO8uqa6Q3YA_BxcU4MSoI6A7Y-UwXmNdGsEKlXHkWZhMItO7ta34v8V--M7Lc6Af6wywTkV19do3O2UFF386obD0yY8JOuSAUyBgXeZWB4QvH7765q60Zt-8bTz6kMnnfYrNrqCK3_w&sig=Cg0ArKJSzKEN3NIpBT2SEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=98&cisv=r20230322.93636&arae=0&ftch=1&adurl=

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Mar 2023 07:23:52 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 27 Mar 2023 07:23:52 GMT

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame D500 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:06:40 GMT

GET
H3 200 a6fc438daf2c8cc18f7294c60eb5597b.js Show response
s0.2mdn.net/sadbundle/6869575005487295488/ Frame 51A2 57 KB
15 KB 13ms
13ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/a6fc438daf2c8cc18f7294c60eb5597b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 22:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15831
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Mar 2024 22:23:16 GMT

GET
H3 200 9881d7df0b300d92200ebcbe31ea57a7.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 2 KB
790 B 16ms
15ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/9881d7df0b300d92200ebcbe31ea57a7.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 06:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Mar 2024 06:00:24 GMT

GET
H3 200 b6e5e1a1941f6ed1191bcbbe10cb098a.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 16 KB
5 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/b6e5e1a1941f6ed1191bcbbe10cb098a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f02a39ba502a1fa814fa82b8c1dfeabaab073166051ee7305d1ba9fc42aeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5119
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Mar 2024 06:39:48 GMT

GET
H3 200 ac4848f5dbf9aff1f6f13ddd9583fb81.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 13 KB
4 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4549
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Mar 2024 00:08:02 GMT

GET
H3 200 a00eb48deee088245bb5d39d51e93abe.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 7 KB
2 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/a00eb48deee088245bb5d39d51e93abe.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c827e055a544156dae3013f2bf5637a00a6b82a5d695d7605efb4303179025e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 22:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1962
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Mar 2024 22:38:44 GMT

GET
H3 200 ae743642ee8d3d2574d130a2181831e2.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 6 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/ae743642ee8d3d2574d130a2181831e2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee8651f41a2888999142535c898b4f57011ac0d55870bd523a4cd663dfcc644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 03:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1544
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Mar 2024 03:03:05 GMT

GET
H3 200 7a7b4b5508d51d47dff70a7f173c77b3.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 37 KB
11 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/7a7b4b5508d51d47dff70a7f173c77b3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6e13f701dde9d4c37a808e2b895f9fb7fd83c90b93bc2dd990a83541fe4a43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 13:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10834
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Mar 2024 13:59:38 GMT

GET
H3 200 59f3e15235f4882a000c976856859546.svg
s0.2mdn.net/sadbundle/6869575005487295488/media/ Frame 51A2 4 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6869575005487295488/media/59f3e15235f4882a000c976856859546.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf331a5a040cc1a3698545e26216f9825c6987fbe5b479149b422e048f0e0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6869575005487295488/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 23:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1497
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 13:11:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Mar 2024 23:20:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD18 0
0 52ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-4eRY2THUfucugFxeaXNMbJoAAlYv81kJofMsFP_HHIsISWEbgZU8p_YoTuw2yttpWGaInUk-QaRNBfLoPfwFcrA6qdDXL7WyAFSccFXuS-38zIeS37Kz2fBeg0xnWDvrs6_QEwHMW2S4M0HDk2hMA1tZtwnFkV8b167StA_XzeUVndzyNa5f8Fpl18hAJWsh3JUqxdXWHmAI3Opqloe86Fm9vjXDyMMM64RXzKLN7KDeQWMk7kosH837qPTMGf0csFtCHdEXjC9QBX8RpMvaQ_PxbQPeQLONZ2V4V9PsQtGTAi2E4fTU_oJ-w8RBpV8XCIXSQI6NWjSdIXV-sFAtIJXwYY27Y8ovq7H32zjIh7LMeXhF0Vq2s5kFB7VPfRRvHqh2XpvOViXbn2mmr8fks8Q9AvurpTp7yK5WIyRhRC8Ok9TL9QO8XZPhAzz6C00rMbuI0Oe1C7cSMmFmU91TD6DuiIHA6HaFpNYqZ8J5j5MZsuB8QUQ8xglGucvyKCs3aIXsNTySP09pTWB5SRM88bJ9GKNRa3_alF-vEff2xbrkfgWsJLqnoL73VDhz8XBr9Kv4_-3-0mQfLNh0rEYYGYi7bURWNLMldAGIEa1tEbNU7lzQu1WiTLw2k3FcHkpMj6wqqj2kCCPRQJUEK8ynJ4VqV10HSlDSYXOj6CkoWIVSlw0bXIyFXyl1lqt9ZHnMu7rWwtz0vSuMUdg9ZoqHoYenX7nb3-Px55WMzfCF0pwB0PXp7WhyQBfKUXbHoFdKCbxR7TZl-laDeh9hFGnFyKXNpoexMVaH1euxco5CXpkI0385T_hxZxTsNyrldI_SeUa04jxRvSYhqo1l-xQn2WOkLniqNME0yV8DgtFfrN7D3gZnLyuDri8gKiopNgRQ3HgQEwNy39KZGTr4S9gSi_2AVyyzlxDe1EY93qaXA0PPCSlsw9j2c_e9vvluxz3Y1vtDneedyukdncQVgTjKQjj8J94LoFd0Ch9LbRAeDC_r5tmQz8YVHsncIHrBY9ZxDtS7UQuGzQ6F5nZ7S9Kok1j-CsF_B1AJYXE_5Ub3QhgLNjCagfe9tI4PtAtUgxkDgEBpCHVux0SEf2p1937immRzIxMJwe0MrGR5ooYq3_Ny3W6x6LFeofTiyzKcUb-Ou17LsukAMIf8Rn8LR5V79fmIXQ-eEF2dy_PENipPRh1_qPuhKyeARto2aW8_zuI7nt71jFwQBMJY4RJrpBZ7tCi6LSXA4g&sai=AMfl-YS5V9Nl0h34a6WdYfW7lXW3jsBiCaJ-UVTEVOYaxobyfPcSOtOhMBNwPPQXyZ9SLTOqwA1wPlhKSQlIBmz5DGIVnnEQS8dpIH2IjkN-OS1U0mSoSn_mSzjDkZO8uqa6Q3YA_BxcU4MSoI6A7Y-UwXmNdGsEKlXHkWZhMItO7ta34v8V--M7Lc6Af6wywTkV19do3O2UFF386obD0yY8JOuSAUyBgXeZWB4QvH7765q60Zt-8bTz6kMnnfYrNrqCK3_w&sig=Cg0ArKJSzKEN3NIpBT2SEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&vt=11&dtpt=167&dett=3&cstd=98&cisv=r20230322.93636&arae=0&ftch=1&adurl=

Requested by

Host: questiondekho.com
URL: http://questiondekho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Mar 2023 07:23:53 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 63ms
62ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425cb82c6ed98016be073ac5e0a855931667c8531057e935640f1a3658a07767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11360
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C4B 42 B
174 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1d9YOQ5_17XDalx-XaOkIfrLXD9gFhUBBmr4-S-PgzeYPQiAv6d8uzsgPZXx4cCZIiDNWWHNvKSLn1bU-dL19nRvcc-hFCduGdkqjsr1wr7zAybi22jBENHW0oYkT8wRsDuu2NA&sai=AMfl-YSKPRjpLkEk4Wir_9-Wes13gLsCmqf6-mhjVsMHp15srEb_E4pW6XxXlrq_ACr4XpqGO-J-WSScmZqd&sig=Cg0ArKJSzCOLG53wWZmXEAE&cid=CAQSGwDUE5ympR4Dk67htLvnqFusTUMaNDBZD8rXbxgB&id=lidar2&mcvt=1005&p=0,16,250,316&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1015902282&rs=2&la=0&cr=0&vs=4&r=v&rst=1679901831158&rpt=799&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D500 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6QOLiEQhZPOxKtqZx_APqq2J2AcAAAAAOAHgBAI&bg=!1Nel14PNAAbO2UOH7tk7ADkAdvg8WkLpcAaOyTI19a1zzC8s0LPwCIwS2m8xF5cfaGM_acKvC4TDmhvuJuYIMfIQRVfyo1umfwwCAAAAc1IAAAACaAEHmQLnJpOPSH16oGQh1kdiGhC7U7zUQnG7lNWlfokxZ207u2YAQKNnuY9F7kYn334pQvC15R0VpcT2vYSjxmvEt8k5rleMkqaBFRs5TqV4GkLqw6AIeHzFJ9A5vY43e-8qJJjB8iNj4UiLUhz7GqiekBfxXEVsNEAh6dYcpYzS9k2dEncMwPsvJB27KLMmaqWZ-oIwBYNlQfJlasXFr9mGXi9Yt33BCuR4GrS-6RTg71T7Mn5pzh9LMREzwRwFh3_X3tztta8vZys_tToviUbRrT5qqu9rxBbV0QrJOigTnOJE0VybpCMydTvXJ-KvLSisdpid4nFgRq6490Qpc0TpZJ57TMksO0q5t3hQ9K76E0I17eywKqDXSxCKw6MIsHokoTIuXLD2gYSytlH1YepjZXNKNrt3AG-vhLfSEMrDwKnkNSrylAxnIwUCJl9iQHVqCV2UDmrUORYZ0ARkTIYjLMFnb2f4LxoVOX9zlniT9wvWG5-meyIUbo0AP6fqud8y65j7Ml5ZfPl1L5f1ytKAfcR9uu2C5rF5DHp34nxrDaLfK8KTePSBZMgjgzmbaWjHk_FoBq1oM6sfSTarJfSO-Mf2uCXuGeLTYGY6aHWZIa3_VwvFuhgRsZZK3WmsPs2AipMXPHvaot6l6TR3ZHZoU5Eo-96BPsMhqHvX2UkM9sRIOt_M00o8BfedgBFzPWKK3py1bbyMD69AmWNNHetKrTokAkA5VDYIS0JKVmEtbww8ABph-6wuxNYBwQHO7zd7m73ULbkruNfinAbM3hg-IPPVQkVrIAnqbpZI0adxECaqm_Yov2jSS0-qjA_0dohVHUpWM0Lu4deeFk72YxZkw9vuWUNrNDDT_XWZjJnZJ0JXpe4WvS2waxN5bY5movn54_XRuHeSuAzJaCNJ-WtVhBtNyvgOdfpHldk_NCe-MpsV8Ox97XwDEMPSBpeiUMMKEkSQinUuI-ZM7WY97e67WnXOEUjByCTPCyc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 07:23:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 153A 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 06:59:50 GMT
expires: Tue, 26 Mar 2024 06:59:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1423 783 B
536 B 25ms
25ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

384ef7a41fc355d1f22bed8e80a32ad73858fb5315fed9e0077a7e50cb5cfba8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OVEdj12Fm934a4mwc8qBpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://questiondekho.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-OVEdj12Fm934a4mwc8qBpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 07:23:53 GMT
expires: Mon, 27 Mar 2023 07:23:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 153A 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 17:06:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 17:06:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1423 0
0 49ms
48ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=3441926418949895&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 153A 0
11 B 13ms
12ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ACogiw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:23:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF1C 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu85h7ubN7C5jB_4j39n21XHjfF3RTYKauFYvGjCSjpkmLw3A7nVl5sm682QLegBJBRcgwseH-8voIlWm0nL-XBi0na__rM1kznTsAfg64J4GkLC6lYGk_UW8k2QYRAopORybRrg&sai=AMfl-YQQm7W8urT7vqe7AFhdXVNev7XCAXhtqyFiBstth2SZfZg6qleQHPlpdtCI2V9tKZMfvCJWgk_sKDl_&sig=Cg0ArKJSzNMQxaVSlsp5EAE&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1679901832054&rpt=246&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FEC 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrG9WyQxm02FqeSJrHh-wjNEeJ-QtD7XxJ4RwHWK_wD6PCYIc_kpd1aAJn9_TQPo260pEeZbLXLiXdEs-K-oYcnQCTrNv7v-EwRnQIMGWG-JKgbO2F2plfts2a5vtLh7UcheAWAA&sai=AMfl-YSQ559Nvm7oN6nMURrpaemySHo0lUmIHoc5dlWqbP0dXZcUwKTAzR_em-nCAokOeodLFP_UUkE6PdIn&sig=Cg0ArKJSzLEXdQ2LJgINEAE&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1679901832058&rpt=267&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26E2 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstApeSHfRmdflqjpPr4t-yf47W4JuOK2V61qi4-z9TOh5FRBBhgSR3hn4Ih_6YqaiHU2_6pGx9-dZer4rBHTHqmrMWjeWp5AgW3egru1cz-ZMX2joSp9wpNJCI5zxgCBnxSy7W3_w&sai=AMfl-YTX5T4lylO5O_T3y38sISeYHm5CisxxdU2CdQLh4_3I9DwrSR0xiGDFUFK8OGDEYnifttDyP3So422q&sig=Cg0ArKJSzKLA06eA3X4gEAE&cid=CAQSGwDUE5ymCxSwJgMuNHyT4zyOsp_mvDHKlKSoChgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=125,806,1000,1133,1256&tos=125,681,194,133,123&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1679901832044&rpt=170&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=3441926418949895&bg=!Pj2lPWnNAAbO2UOH7tk7ADkAdvg8Wi4yG6WM-3zXO_sMTHszjoFa7kylkav4pbEh2foqP17PBjng-wlsL26iC66KQBM55CS3T_kCAAAAYlIAAAAEaAEHCgBIBHd6jJ49HiLIVLFcIEYoBGkkQREX6iLninLJCgmC6bMPmS4iph3MJRmDRbPhFGZ9Y_huIZziPMn8mHc44E9xfUczTFKtERn1mQKhorRLC_gRE_IfB1s7kLfcwBbwwrV1AHvX8ExQh0Dko3ASKi3vfreV1lYtCs7HLpy-f6mcC96-dKbdr7ZmO5J_3IV5DOHFRFqqbHHPY6zCOAsDFabW51hczO1efsf8qr2norJx2voP43U1GjPm6-G1PtmScD9SG4k8DI9mTVoDVED53emw42ITfMCcfusXocDYoiNCpFvoAJ1cdSc7vY6fhz8CMFaickuEXt6yo0R1kS3trE3q-WafvCxRs8y-4YWWTQfKj01MDgS0st0nSMPgzPbty5f95ia-_uzypKmGJNQz24A_VzpcorwCB9_nCsyR7MGsY7GU-QRXsTddIA5dAqkKRPbfwja3TAchv_EYY-SC9NanpkH3ufxhdtsQUakFanz0SEx_S1qoufIdeJIisdZc5zMbbq8cf_FsxWg51NGZ4jMMbHeQssfehT_VbLskHQveju4_WlX9EzsBPHlbcK977epiO6RHyWaq6UxepnJrkRhahXbgu_KN7W6ckjw4StDqhCfc6d0KYnHUUDAGdhHYJxvdTcTU_LUEhab1x1bekLhxPNRF57cGE-pgCtkqO6MTr4_YqTPNRZ0St9nWt1vmoQwf-Fvw8bg_KHT1FEyjgywF4wiIx4JY6HuZKz7HqanoTSrVpuwcyZ_WFCsIxaq5a7Xr-fa1exdj6ieBhZFsqxQWJogVmCAgH5xcJXkaHKLPkBHvStKWISqhNoe85Umz7q_zCS18nUHPbB9bJr1TyzXMAf9DiyXcdt7UN6r28n5zDBC6MTc61JympAAL3GdmZ7Db8KwRjohRaRwMXKBVIY05lfKP6VQ3wUp7ZmWQNsyKW87ABKqVtmm6oN4_0gaEBKTUQXSgYYcH8jRXnw15PPumFtE2uMJb6v3ciuMY2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://questiondekho.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD18 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6542059315562&version=m202301230201&ct=119&x=1&cor=2433646401212930000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 07:23:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 10:38:26	Name: m Value: 1
.dtscout.com/	1970-01-20 10:38:36	Name: oa Value: 1
.dtscout.com/	1970-01-20 13:02:21	Name: df Value: 1679901831
.questiondekho.com/	1970-01-20 19:59:57	Name: __gads Value: ID=574ba1e382d86082-2207fb4b6cdd0060:T=1679901831:RT=1679901831:S=ALNI_MZPdnAgz_1Y8SxI0i62TSMOEXowWQ
.questiondekho.com/	1970-01-20 19:59:57	Name: __gpi Value: UID=00000bccbf30b78f:T=1679901831:RT=1679901831:S=ALNI_Mb7C8Pg9hcglZ4-zWQh-2Zu4xZ-xQ
.doubleclick.net/	1970-01-20 19:59:57	Name: IDE Value: AHWqTUnsCpEmlVPiqJ3UYQStTgbTgx2Cv0YbA9tCwRU9Qbi4Gal1vnXtaLzqP7cT3B0
.doubleclick.net/	1970-01-20 10:38:25	Name: DSID Value: NO_DATA
.adtriba.com/	1970-01-20 20:14:21	Name: atbgdid Value: 7e920c16-96b1-47e1-96d9-52caa1ee8d42
.adnxs.com/	1970-01-20 12:47:57	Name: uuid2 Value: 6324358231779242817
.casalemedia.com/	1970-01-20 19:23:57	Name: CMID Value: ZCFEiDg9gVPwz9ptXrD8twAA
.casalemedia.com/	1970-01-20 12:47:57	Name: CMPS Value: 5215
.casalemedia.com/	1970-01-20 12:47:57	Name: CMPRO Value: 5215
.adnxs.com/	1970-01-20 12:47:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$G?Z-)8!@wnfH8K6pQK`!5=E<*L5?%KBfpy?g]DYxc3NgeEgPf^J_rs%_>s]WnJ[r7[9RFMZ9T5_m!x'Wq)M@d_
.w55c.net/	1970-01-20 20:10:02	Name: wfivefivec Value: e0d9JsAr1PGHcQ5
.simpli.fi/	1970-01-20 19:25:24	Name: suid Value: CFDE06A457684A3E8A2D3CD2B115D412
.w55c.net/	1970-01-20 11:21:33	Name: matchgoogle Value: 5
.mathtag.com/	1970-01-20 20:04:17	Name: uuid Value: 14026421-4489-4000-bc06-779564b82d28
.mathtag.com/	1970-01-20 11:21:33	Name: mt_mop Value: 4:1679901833
.tribalfusion.com/	1970-01-20 12:47:57	Name: ANON_ID Value: amnsIHy4ZawFBA9MAJP7aYEZbRUyquN8PSPyVW3ZavEZdW2ZaMnO4I5Yjbb7pdplZcoaFYGv8RPF1Gbr9ofbYdvgZc3eOiL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.tynt.com
cm.g.doubleclick.net
d.adtriba.com
de.tynt.com
dsum-sec.casalemedia.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ic.tynt.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
questiondekho.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.doubleclick.net
sync.mathtag.com
t.dtscout.com
tpc.googlesyndication.com
um.simpli.fi
waust.at
whos.amung.us
www.google.com
www.googletagservices.com
www.gstatic.com
111.118.215.156
142.250.181.226
142.250.185.130
172.64.151.83
185.29.134.244
185.80.39.216
185.89.210.244
2606:4700:10::ac43:88d
2606:4700:20::ac43:4739
2606:4700:21::8d65:780b
2606:4700::6812:18ad
2a00:1450:4001:800::200e
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
3.123.59.105
3.65.4.114
34.91.62.186
35.186.253.211
67.202.105.31
67.202.105.33
69.173.144.138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11f1414c6342d8a5a5124286921298b09b1e776f0aae7bbc4c83b96685166019
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15eaeb49112cb71de08a452c992fed4d87476508ede572843ab40ef34d254ebf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f02a39ba502a1fa814fa82b8c1dfeabaab073166051ee7305d1ba9fc42aeb6
299242bce6465264db6504357b7b955936ee5311996445a40cf9dad41e053890
2bec5840d9b242697e55419e2af7a57d5d2f2245d8b55ae80ebc4cf244e4ae78
2eda345a804a56a0afdcb9cd75c7f680b36950233429fbb65cec3fd51268ff6d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
377086469e18b5fb725af10e50e0ede2f6b702f3836d24ff2bff490566986850
384ef7a41fc355d1f22bed8e80a32ad73858fb5315fed9e0077a7e50cb5cfba8
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3ef63d41549fbeab1407f8697efa49fc347884e3f8b27818c52620f08f66d642
41616d25f43131b000969ca5e440a2058a0cd2c3ef042c4aa99cf1132ac70fa1
41e07f5aa74582dc1959930998036e6b8f88c10d1fa18dd99f6c0c9fe40eb5c0
425cb82c6ed98016be073ac5e0a855931667c8531057e935640f1a3658a07767
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4aecc48eb93fc11fa599dbf5ba5f0411c9a8dfdff8ea03764240c5d734d35665
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
53c39756f2337a39bc09852958b81eca878f9cb73a6fb384498df9f372aa22e9
54d3ca3e8d4e9d94a3295911b8d2c0505ad898941f24554fb23b0607ccc13ead
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571ef060d1196b5bfd1c457ad458328367a9c2f59bde00a0e106a20bb3128949
5c87c8f1aa8e2d6353d469866871ad8c1d3008cd040bb4956295d61fc4b993a4
5ce6dbb9f462d9a2e5c172c72fd2fb0e880f57a349afd821ecef0c97edda915e
5ee8651f41a2888999142535c898b4f57011ac0d55870bd523a4cd663dfcc644
5fdd5c2d5f69393afd852c1945b13560c6bb399c1c275dbb2b8045704b023f51
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
7157d26f3067dc7d90b2076a0d7181365046fbffe59447ed9cfae3d2aab6a5bf
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
7d4600bc096adb79f155c88ba9d143a454ed023e36b027a2c9ab23a0f35f0c33
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
8537b6920d550414d47001cd97c0f4b41d76bdc02f0eaeffef3c1a213212fa78
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
89c71b31b34005d9dbc73a7adac5b45c95bfba160be190fdb34877b60bc8647d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8af9b9379db6cb66ae9f96c03c55a8d256b1267dc74ee337ebb94aff75c40e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3501a3f0a7b6bc47f9f81c7be85b3603816fe2d3026ab4b396127ed9eb8895c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1804777ba20dafab3f354093af8b20442bec0eb61b2d34ea8a735a3bfefa278
b7e98f434c6ff5fbb5a84019b7ccde3a323455034ff8dcd201a7bcfdabd5b9b7
bb8cf9bf722295e2a48de24cc0358d87a2757f109cac4737a3e3e1d907b45e5a
bc7b208d1d9fb1be615730d5b3b322f9c0de8e613d0c6dde8fe0315f28984548
bcead1c038981a1f39a9224ec429358e697fd36dc920658770ec8dfbd33fb745
bee88fad510c267019bd87038fd30b9f8fc9e67cb5654b79d2558e906078f381
bf93beae9c9085751b9dcb838aa90ec6cf8f6574209fc51e5b28c03c5adc6dd4
c6e13f701dde9d4c37a808e2b895f9fb7fd83c90b93bc2dd990a83541fe4a43d
c827e055a544156dae3013f2bf5637a00a6b82a5d695d7605efb4303179025e3
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbf2e39014ab01a6e3103598525d7739fe548f755c5b1de72cf70f942f2cdc32
cbf331a5a040cc1a3698545e26216f9825c6987fbe5b479149b422e048f0e0e9
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf613b4d30e323b9c9e0d25320225643cd2ad1dca73186ada1c0a47d290ba918
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d5bbad916e1cb3ac783edb5f862190cc83c06ee0a12bb9dcd982b5d27ae83477
d5c729afa086eac1b1a9c50ffdfe22513894a26b31e2da16758aef5833f41823
d7d473c36ca04209b98d2e2427d830a4fb0e5d3727c7d595005710ada6462704
dbce5f8be65ceb1141bc2f5c952b8dae03df3b54b95a782598ec42c19680ad9e
ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee9ce6d4a4b227c67e13a20dcf2b47d96dd996d5909925bb13b8bdc6c917c092
eeb226d6b4c6a0eb2fc02bdd3e6f1cd1031caea12e730650d0c8f03765acc48a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293
fc6a59a5e5379232a8c84b55c80345068b71615e1a4388b7e1cb29a7b96d1a31

questiondekho.com Open in urlscan Pro 111.118.215.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

79 %HTTPS

58 %IPv6

24 Domains

36 Subdomains

30 IPs

6 Countries

1551 kBTransfer

3809 kBSize

19 Cookies

1 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

questiondekho.com Open in urlscan Pro
111.118.215.156 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

79 %
HTTPS

58 %
IPv6

24
Domains

36
Subdomains

30
IPs

6
Countries

1551 kB
Transfer

3809 kB
Size

19
Cookies

141 HTTP transactions
7 data transactions