onexamsalert.com Open in urlscan Pro
2606:4700:30::6812:39f4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onexamsalert.com/
Submission: On September 29 via automatic, source certstream-suspicious (September 29th 2018, 8:40:27 pm UTC)

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 42 HTTP transactions. The main IP is 2606:4700:30::6812:39f4, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is onexamsalert.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 29th 2018. Valid for: a year.

This is the only time onexamsalert.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:30:... 2606:4700:30::6812:39f4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2400:cb00:204... 2400:cb00:2048:1::6810:cea5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
16	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
42	9

14 2606:4700:30::6812:39f4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

onexamsalert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6810:cea5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	onexamsalert.com onexamsalert.com	80 KB
9	googlesyndication.com pagead2.googlesyndication.com	126 KB
7	doubleclick.net googleads.g.doubleclick.net
4	gstatic.com fonts.gstatic.com	40 KB
2	google-analytics.com www.google-analytics.com	16 KB
2	onesignal.com cdn.onesignal.com onesignal.com	69 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	googleapis.com fonts.googleapis.com	1007 B
42	10

	Domain	Requested by
14	onexamsalert.com	onexamsalert.com
9	pagead2.googlesyndication.com	onexamsalert.com pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.gstatic.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com onexamsalert.com
1	onesignal.com	cdn.onesignal.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	onexamsalert.com
1	cdn.onesignal.com	onexamsalert.com
1	fonts.googleapis.com	onexamsalert.com
42	11

This site contains links to these domains. Also see Links.

Domain
ronangelo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-09-29` - `2019-09-29`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
ssl473492.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-14` - `2019-02-20`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://onexamsalert.com/
Frame ID: C6C451C3207CD98D1838289988A107BF
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html
Frame ID: B071821D1B1513FB0B490DCC2033F35D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 6917EE81C6644D7F59ABB2828EBEE9D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=130&slotname=6053173589&adk=4246843200&adf=3025194257&w=1200&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=1200x130&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616463&bpp=24&bdt=933&fdt=24&idt=191&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&correlator=2297911734451&frm=20&pv=2&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=205261548543&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=1024648102&ifi=1&fsb=1&xpc=QQTWoWXej8&p=https%3A//onexamsalert.com&dtd=206
Frame ID: 3569936C37F7A0E8F7FFBB9DA125F1C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 0D1B59A3035BE2A32B7BD38C4F9FC1DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=127&slotname=6053173589&adk=3749396932&adf=926742899&w=730&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=730x127&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616518&bpp=6&bdt=987&fdt=161&idt=164&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1132&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=865250365&ifi=2&fsb=1&xpc=BCW78Zr0CJ&p=https%3A//onexamsalert.com&dtd=168
Frame ID: 1F3B255ECEFE8E65EA73D544DE46BF05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 330C5CA7528DC432428ED18DE92C40D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=2786929269&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616569&bpp=6&bdt=1039&fdt=131&idt=132&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1865&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=3&fsb=1&xpc=A9bcjktBUF&p=https%3A//onexamsalert.com&dtd=137
Frame ID: 4ED25C5C8ED9772D3F83A4D7117ACC18
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 8DC14B9F4A77445CC24855202411F810
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=3327960623&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616587&bpp=7&bdt=1057&fdt=154&idt=156&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2679&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=4&fsb=1&xpc=ZjROsgFPpt&p=https%3A//onexamsalert.com&dtd=161
Frame ID: 076FFBF7A9626FBFCD0FBF1F5DAA9949
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 9270085A81EB9404174B6DE4EAB336D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=600&slotname=3639898702&adk=3296958344&adf=4259140423&w=226&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=226x600&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=226&resp_fmts=4&wgl=1&adsid=NT&dt=1538253616594&bpp=6&bdt=1064&fdt=169&idt=171&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1188&ady=225&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=598472353&ifi=5&fsb=1&xpc=UEjJDR2Cc1&p=https%3A//onexamsalert.com&dtd=176
Frame ID: 8B7B35D746EB7FA0642DBFE1F120B97F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: D4C048E33D821A254C6E3813E4435DDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=60&slotname=3639898702&adk=3240073448&adf=2343817851&w=583&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=583x60&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=583.047&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616621&bpp=8&bdt=1090&fdt=164&idt=165&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90%2C226x600&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=2862&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=638811875&ifi=6&fsb=1&xpc=xqWjvmeaCs&p=https%3A//onexamsalert.com&dtd=169
Frame ID: 310BF811E0E14A71935E1D28EC1C2174
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

42
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

11
Subdomains

9
IPs

2
Countries

360 kB
Transfer

2042 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ronangelo.com/frontier/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onexamsalert.com/ 26 KB
7 KB 1888ms
1859ms Document
text/html 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.2.6
Resource Hash: dbdefc9b5ca437f92fd07489a173b0bccb905e752a31eb01df869c876d0a59fd

Request headers

:method: GET
:authority: onexamsalert.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sat, 29 Sep 2018 20:40:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613; expires=Sun, 29-Sep-19 20:40:13 GMT; path=/; domain=.onexamsalert.com; HttpOnly; Secure
x-powered-by: PHP/7.2.6
link: <https://onexamsalert.com/wp-json/>; rel="https://api.w.org/", <https://onexamsalert.com/>; rel=shortlink
vary: Accept-Encoding,User-Agent
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4621437d6cbbbf02-FRA
content-encoding: gzip

GET
H2 200 styles.css
onexamsalert.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
759 B 692ms
689ms Stylesheet
text/css 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 07 Sep 2018 07:19:25 GMT
server: cloudflare
etag: "cac1384-6cf-57542d3c90165-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891ef7bf02-FRA
content-length: 671
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
S 200 css
fonts.googleapis.com/ 10 KB
1007 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.8

Requested by

Host: onexamsalert.com
URL: https://onexamsalert.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8d3942f11e6d6bc62e350790f447508f36ad3721424c85227f5b9a98531aa740

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
last-modified: Sat, 29 Sep 2018 20:40:15 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 29 Sep 2018 20:40:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Sat, 29 Sep 2018 20:40:15 GMT

GET
H2 200 genericons.css
onexamsalert.com/wp-content/themes/frontier/includes/genericons/ 28 KB
16 KB 901ms
898ms Stylesheet
text/css 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.2
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

:path: /wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.2
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 10:36:25 GMT
server: cloudflare
etag: "cac0146-6e71-5711b66be9c6d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891ef8bf02-FRA
content-length: 16451
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 style.css
onexamsalert.com/wp-content/themes/frontier/ 26 KB
6 KB 674ms
672ms Stylesheet
text/css 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/themes/frontier/style.css?ver=1.3.2
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe62e6d9252eeaf204e5bafbe121841069b2921c673ae4a52d2df5ba84ed1d0

Request headers

:path: /wp-content/themes/frontier/style.css?ver=1.3.2
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 10:36:25 GMT
server: cloudflare
etag: "cac0135-6641-5711b66be949d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891ef9bf02-FRA
content-length: 6196
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 responsive.css
onexamsalert.com/wp-content/themes/frontier/ 3 KB
893 B 698ms
695ms Stylesheet
text/css 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/themes/frontier/responsive.css?ver=1.3.2
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aabae36ee035e2a84ff6a04748907168e13730fad56b390a6198f1bd7e701e6

Request headers

:path: /wp-content/themes/frontier/responsive.css?ver=1.3.2
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 10:36:25 GMT
server: cloudflare
etag: "cac016c-ce8-5711b66beac0d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891efabf02-FRA
content-length: 805
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 jquery.js Show response
onexamsalert.com/wp-includes/js/jquery/ 95 KB
33 KB 831ms
828ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: cloudflare
etag: "cac0c27-17ba0-5337eac0d4540-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891efbbf02-FRA
content-length: 33766
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
onexamsalert.com/wp-includes/js/jquery/ 10 KB
4 KB 666ms
663ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
etag: "cac0c21-2748-5333ff613c400-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891efcbf02-FRA
content-length: 4014
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
S 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 333 KB
67 KB 41ms
8ms Script
application/javascript 2400:cb00:2048:1::6810:cea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85454a8010f2dd33e8feea0a0048a57a9fb999a983e939a7152bc0faecdfc8a

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Sep 2018 23:16:21 GMT
server: cloudflare
etag: W/"5baeb645-53596"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 462143894a0a2756-FRA
expires: Tue, 02 Oct 2018 20:40:15 GMT

GET
S 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 73 KB
27 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: onexamsalert.com
URL: https://onexamsalert.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27479
x-xss-protection: 1; mode=block
server: cafe
etag: 9435517286743240179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:15 GMT

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 77 KB
27 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122331840-1

Requested by

Host: onexamsalert.com
URL: https://onexamsalert.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

798b05869a75ca4d4adb333e3be03be88a2cd0f0401c8e5b6358664729a1692a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:15 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28031
x-xss-protection: 1; mode=block
expires: Sat, 29 Sep 2018 20:40:15 GMT

GET
H2 200 email-decode.min.js Show response
onexamsalert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
854 B 9ms
7ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://onexamsalert.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: onexamsalert.com
URL: https://onexamsalert.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:15 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 27 Sep 2018 15:10:11 GMT
server: cloudflare-nginx
etag: W/"5bacf2d3-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 462143891efdbf02-FRA
expires: Mon, 01 Oct 2018 20:40:15 GMT

GET
H2 200 scripts.js Show response
onexamsalert.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 678ms
677ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 07 Sep 2018 07:19:25 GMT
server: cloudflare
etag: "cac1393-3976-57542d3c90935-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891efebf02-FRA
content-length: 4047
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 js.cookie.min.js Show response
onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 2 KB
988 B 699ms
698ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=2.1.3
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11aade4adaa06539cc52a2d6b439026b74a576f07c34f058f2ee42e9950c5917

Request headers

:path: /wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=2.1.3
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 11:11:40 GMT
server: cloudflare
etag: "cb212fd-6be-5711be4d7a9d1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891effbf02-FRA
content-length: 901
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 jquery.iframetracker.min.js Show response
onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 3 KB
1 KB 710ms
709ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=1.1.0
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366367adeb95c7e75307d2b178fa5e874b69154949c0671b1ac5cc98b9727692

Request headers

:path: /wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=1.1.0
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 11:11:40 GMT
server: cloudflare
etag: "cb212f7-ad9-5711be4d7a9d1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891f01bf02-FRA
content-length: 1075
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 aicp.min.js Show response
onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 580 B
469 B 687ms
686ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726260c9b091c826c58bc2db819b092f1792b8afa8d126beb2d06c8ffcb80963

Request headers

:path: /wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 Jul 2018 11:11:40 GMT
server: cloudflare
etag: "cb212fa-244-5711be4d7a9d1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891f02bf02-FRA
content-length: 358
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 wp-embed.min.js Show response
onexamsalert.com/wp-includes/js/ 1 KB
863 B 706ms
705ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.9.8
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2016 13:38:33 GMT
server: cloudflare
etag: "cac0c07-576-541f8014be840-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143891f03bf02-FRA
content-length: 751
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
onexamsalert.com/wp-includes/js/ 12 KB
4 KB 710ms
710ms Script
application/javascript 2606:4700:30::6812:39f4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://onexamsalert.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: onexamsalert.com
URL: https://onexamsalert.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:39f4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
pragma: no-cache
cookie: __cfduid=d534e68281c946188f715cf73d1f398c41538253613
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: onexamsalert.com
referer: https://onexamsalert.com/
:scheme: https
:method: GET
Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 09 Aug 2018 14:17:11 GMT
server: cloudflare
etag: "cac0c99-2efa-57301487e4443-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 462143897f72bf02-FRA
content-length: 4382
expires: Sun, 30 Sep 2018 00:40:16 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=onexamsalert.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:811::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=onexamsalert.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.8
Origin: https://onexamsalert.com

Response headers

date: Fri, 31 Aug 2018 16:10:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:04 GMT
server: sffe
age: 2521782
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10740
x-xss-protection: 1; mode=block
expires: Sat, 31 Aug 2019 16:10:34 GMT

GET
S 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.8
Origin: https://onexamsalert.com

Response headers

date: Fri, 21 Sep 2018 10:17:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:19 GMT
server: sffe
age: 728575
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10688
x-xss-protection: 1; mode=block
expires: Sat, 21 Sep 2019 10:17:21 GMT

GET
S 200 P5sMzZCDf9_T_10ZxCFuj5-v.woff2
fonts.gstatic.com/s/arimo/v11/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v11/P5sMzZCDf9_T_10ZxCFuj5-v.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e217c1eec8def8665e6e8f96bb4f6d3ef8e5a2b75a046cce8b0a34515bcffe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.8
Origin: https://onexamsalert.com

Response headers

date: Fri, 31 Aug 2018 10:04:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:26:54 GMT
server: sffe
age: 2543769
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9376
x-xss-protection: 1; mode=block
expires: Sat, 31 Aug 2019 10:04:07 GMT

GET
S 200 P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2
fonts.gstatic.com/s/arimo/v11/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v11/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

20c32db9f1d6493e57d9d9ad4d7bf923ce3eb1bf0e42d289291ff516d5d74df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=4.9.8
Origin: https://onexamsalert.com

Response headers

date: Fri, 31 Aug 2018 10:00:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:31:17 GMT
server: sffe
age: 2544013
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9336
x-xss-protection: 1; mode=block
expires: Sat, 31 Aug 2019 10:00:03 GMT

GET
S 200 ca-pub-7909527711935734.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
244 B 66ms
66ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7909527711935734.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Sep 2018 00:22:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 30 Sep 2018 08:40:16 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/ Frame B071 0
0 11ms
7ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180924/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 24 Sep 2018 19:27:57 GMT
expires: Mon, 08 Oct 2018 19:27:57 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 436339
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 6917 196 KB
73 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 web Show response
onesignal.com/api/v1/sync/f35b686c-18a6-4405-9732-ceeafc3df8cb/ 3 KB
2 KB 472ms
448ms Script
text/javascript 2400:cb00:2048:1::6810:cea5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/f35b686c-18a6-4405-9732-ceeafc3df8cb/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:cea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.2

Resource Hash

29b5aafe55f658fc9c3ada0856e9281e354ce4318d053ce72b901d660f198f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Phusion Passenger 5.3.2
status: 200, 200 OK
x-xss-protection: 1; mode=block
x-request-id: e1aa9645-ebc2-430f-ba14-677c3e7e3ec2
x-runtime: 0.101937
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 4621438f5dd52756-FRA
access-control-allow-headers: SDK-Version

GET
S 200 analytics.js Show response
www.google-analytics.com/ 39 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122331840-1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 3670
date: Sat, 29 Sep 2018 19:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16173
expires: Sat, 29 Sep 2018 21:39:06 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 16ms
16ms Image
image/gif 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1339821373&t=pageview&_s=1&dl=https%3A%2F%2Fonexamsalert.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Government%20Exam%20Alert%20%7CResults%7C%20%7CAdmit%20Cards%7C%20%7CGK%20-%20No%201.Jobs%20Portal%20%7C%20Free%20Alert&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1044875335&gjid=349543342&cid=1253010945.1538253617&tid=UA-122331840-1&_gid=632689501.1538253617&_r=1&gtm=u9o&z=636938904

Requested by

Host: onexamsalert.com
URL: https://onexamsalert.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Sep 2018 20:40:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3569 0
0 163ms
162ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=130&slotname=6053173589&adk=4246843200&adf=3025194257&w=1200&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=1200x130&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616463&bpp=24&bdt=933&fdt=24&idt=191&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&correlator=2297911734451&frm=20&pv=2&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=205261548543&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=1024648102&ifi=1&fsb=1&xpc=QQTWoWXej8&p=https%3A//onexamsalert.com&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=130&slotname=6053173589&adk=4246843200&adf=3025194257&w=1200&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=1200x130&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616463&bpp=24&bdt=933&fdt=24&idt=191&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&correlator=2297911734451&frm=20&pv=2&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=205261548543&dssz=34&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=1024648102&ifi=1&fsb=1&xpc=QQTWoWXej8&p=https%3A//onexamsalert.com&dtd=206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 384
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ 72 KB
26 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onexamsalert.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 25 Sep 2018 18:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26707
x-xss-protection: 1; mode=block
server: cafe
etag: 11387632783651716424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Oct 2018 18:03:53 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 0D1B 196 KB
0 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1F3B 0
0 145ms
144ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=127&slotname=6053173589&adk=3749396932&adf=926742899&w=730&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=730x127&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616518&bpp=6&bdt=987&fdt=161&idt=164&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1132&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=865250365&ifi=2&fsb=1&xpc=BCW78Zr0CJ&p=https%3A//onexamsalert.com&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=127&slotname=6053173589&adk=3749396932&adf=926742899&w=730&lmt=1538253616&rafmt=11&guci=1.2.0.0.2.2.0&format=730x127&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&wgl=1&adsid=NT&dt=1538253616518&bpp=6&bdt=987&fdt=161&idt=164&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1132&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=865250365&ifi=2&fsb=1&xpc=BCW78Zr0CJ&p=https%3A//onexamsalert.com&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 384
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 330C 196 KB
0 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4ED2 0
0 126ms
126ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=2786929269&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616569&bpp=6&bdt=1039&fdt=131&idt=132&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1865&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=3&fsb=1&xpc=A9bcjktBUF&p=https%3A//onexamsalert.com&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=2786929269&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616569&bpp=6&bdt=1039&fdt=131&idt=132&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=1865&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=3&fsb=1&xpc=A9bcjktBUF&p=https%3A//onexamsalert.com&dtd=137
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 386
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 8DC1 196 KB
0 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 076F 0
0 104ms
102ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=3327960623&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616587&bpp=7&bdt=1057&fdt=154&idt=156&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2679&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=4&fsb=1&xpc=ZjROsgFPpt&p=https%3A//onexamsalert.com&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=90&slotname=3639898702&adk=1650959961&adf=3327960623&w=730&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=730x90&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=730&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616587&bpp=7&bdt=1057&fdt=154&idt=156&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=428&ady=2679&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=3542294308&ifi=4&fsb=1&xpc=ZjROsgFPpt&p=https%3A//onexamsalert.com&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 9270 196 KB
0 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8B7B 0
0 99ms
98ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=600&slotname=3639898702&adk=3296958344&adf=4259140423&w=226&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=226x600&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=226&resp_fmts=4&wgl=1&adsid=NT&dt=1538253616594&bpp=6&bdt=1064&fdt=169&idt=171&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1188&ady=225&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=598472353&ifi=5&fsb=1&xpc=UEjJDR2Cc1&p=https%3A//onexamsalert.com&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=600&slotname=3639898702&adk=3296958344&adf=4259140423&w=226&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=226x600&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=226&resp_fmts=4&wgl=1&adsid=NT&dt=1538253616594&bpp=6&bdt=1064&fdt=169&idt=171&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1188&ady=225&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=598472353&ifi=5&fsb=1&xpc=UEjJDR2Cc1&p=https%3A//onexamsalert.com&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 386
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame D4C0 196 KB
0 38ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Sat, 29 Sep 2018 20:40:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74272
x-xss-protection: 1; mode=block
server: cafe
etag: 7811001293577937216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Sep 2018 20:40:16 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 310B 0
0 93ms
92ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909527711935734&output=html&h=60&slotname=3639898702&adk=3240073448&adf=2343817851&w=583&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=583x60&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=583.047&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616621&bpp=8&bdt=1090&fdt=164&idt=165&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90%2C226x600&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=2862&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=638811875&ifi=6&fsb=1&xpc=xqWjvmeaCs&p=https%3A//onexamsalert.com&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7909527711935734&output=html&h=60&slotname=3639898702&adk=3240073448&adf=2343817851&w=583&fwr_io=true&fwrn=4&fwrnh=100&lmt=1538253616&rafmt=1&guci=1.2.0.0.2.2.0&format=583x60&url=https%3A%2F%2Fonexamsalert.com%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=583.047&resp_fmts=3&wgl=1&adsid=NT&dt=1538253616621&bpp=8&bdt=1090&fdt=164&idt=165&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1200x130%2C730x127%2C730x90%2C730x90%2C226x600&correlator=2297911734451&frm=20&pv=1&ga_vid=1253010945.1538253617&ga_sid=1538253617&ga_hid=1339821373&ga_fc=0&iag=0&icsg=9001354570751&dssz=35&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=161&ady=2862&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20195143%2C21060853%2C21060104&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=638811875&ifi=6&fsb=1&xpc=xqWjvmeaCs&p=https%3A//onexamsalert.com&dtd=169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://onexamsalert.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://onexamsalert.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 29 Sep 2018 20:40:16 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sat, 29-Sep-2018 20:55:16 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sat, 29 Sep 2018 20:40:16 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 19:17:34	Name: test_cookie Value: CheckForPermission
.onexamsalert.com/	1970-01-18 19:17:33	Name: _gat_gtag_UA_122331840_1 Value: 1
.onexamsalert.com/	1970-01-18 19:19:00	Name: _gid Value: GA1.2.632689501.1538253617
.onexamsalert.com/	1970-01-19 12:48:45	Name: _ga Value: GA1.2.1253010945.1538253617
.onexamsalert.com/	1970-01-19 04:03:09	Name: __cfduid Value: d534e68281c946188f715cf73d1f398c41538253613

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://onexamsalert.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
onesignal.com
onexamsalert.com
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
2400:cb00:2048:1::6810:cea5
2606:4700:30::6812:39f4
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:816::2002
2a00:1450:4001:817::2002
2a00:1450:4001:817::2008
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e217c1eec8def8665e6e8f96bb4f6d3ef8e5a2b75a046cce8b0a34515bcffe4
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
11aade4adaa06539cc52a2d6b439026b74a576f07c34f058f2ee42e9950c5917
1aabae36ee035e2a84ff6a04748907168e13730fad56b390a6198f1bd7e701e6
20c32db9f1d6493e57d9d9ad4d7bf923ce3eb1bf0e42d289291ff516d5d74df0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29b5aafe55f658fc9c3ada0856e9281e354ce4318d053ce72b901d660f198f79
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed
366367adeb95c7e75307d2b178fa5e874b69154949c0671b1ac5cc98b9727692
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
726260c9b091c826c58bc2db819b092f1792b8afa8d126beb2d06c8ffcb80963
798b05869a75ca4d4adb333e3be03be88a2cd0f0401c8e5b6358664729a1692a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d3942f11e6d6bc62e350790f447508f36ad3721424c85227f5b9a98531aa740
9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af
9fe62e6d9252eeaf204e5bafbe121841069b2921c673ae4a52d2df5ba84ed1d0
a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
dbdefc9b5ca437f92fd07489a173b0bccb905e752a31eb01df869c876d0a59fd
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393
e85454a8010f2dd33e8feea0a0048a57a9fb999a983e939a7152bc0faecdfc8a
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

onexamsalert.com Open in urlscan Pro 2606:4700:30::6812:39f4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

100 %IPv6

10 Domains

11 Subdomains

9 IPs

2 Countries

360 kBTransfer

2042 kBSize

5 Cookies

1 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onexamsalert.com Open in urlscan Pro
2606:4700:30::6812:39f4 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

11
Subdomains

9
IPs

2
Countries

360 kB
Transfer

2042 kB
Size

5
Cookies

42 HTTP transactions
0 data transactions