urlscan.io logo urlscan.io
SecurityTrails logo

weqyoua.pro Open in urlscan Pro
213.174.158.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Effective URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Submission: On March 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 9 countries across 29 domains to perform 70 HTTP transactions. The main IP is 213.174.158.40, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is weqyoua.pro.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 23rd 2020. Valid for: 2 years.
This is the only time weqyoua.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 213.174.158.40 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 213.174.135.2 39572 (ADVANCEDH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.234.175.175 30081 (CACHENETW...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
5 23.97.225.52 8075 (MICROSOFT...)
5 172.217.16.194 15169 (GOOGLE)
5 143.204.202.27 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 216.52.2.30 29791 (VOXEL-DOT...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 185.33.223.216 29990 (ASN-APPNEX)
1 178.250.2.152 44788 (ASN-CRITE...)
1 38.140.99.21 174 (COGENT-174)
1 23.58.216.132 16625 (AKAMAI-AS)
1 52.7.135.178 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
3 151.139.128.10 20446 (HIGHWINDS3)
7 52.30.187.156 16509 (AMAZON-02)
2 2600:1901:0:f... 15169 (GOOGLE)
2 2 64.202.112.127 22075 (AS-OUTBRAIN)
3 3 35.157.107.235 16509 (AMAZON-02)
1 1 87.98.228.78 16276 (OVH)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 3.121.238.160 16509 (AMAZON-02)
5 130.211.115.4 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 52.216.138.237 16509 (AMAZON-02)
1 95.101.184.244 20940 (AKAMAI-ASN1)
1 151.101.13.108 54113 (FASTLY)
70 32
3    213.174.158.40 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
weqyoua.pro
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.weqyoua.pro
3    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.adpushup.com
2    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
securepubads.g.doubleclick.net
5    143.204.202.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-27.fra53.r.cloudfront.net
tagan.adlightning.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    185.33.223.216 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    38.140.99.21 (Wellsville, United States)

ASN174 (COGENT-174, US)
lockerdome.com
1    23.58.216.132 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-132.deploy.static.akamaitechnologies.com
prebid.media.net
1    52.7.135.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-135-178.compute-1.amazonaws.com
ads.servenobid.com
4    2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
cdn.revcontent.com
img.revcontent.com
7    52.30.187.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
trends.revcontent.com
2    2600:1901:0:fcac:: (United States)

ASN15169 (GOOGLE, US)
js.ad-score.com
2    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    35.157.107.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-235.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    87.98.228.78 (Spain)

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu
green.erne.co
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    3.121.238.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-238-160.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
5    130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    52.216.138.237 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    95.101.184.244 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
Domain Requested by
7 trends.revcontent.com assets.revcontent.com
5 data.ad-score.com js.ad-score.com
5 tagan.adlightning.com weqyoua.pro
tagan.adlightning.com
5 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
weqyoua.pro
5 e3.adpushup.com cdn.adpushup.com
weqyoua.pro
4 tpc.googlesyndication.com tagan.adlightning.com
3 x.bidswitch.net 3 redirects
3 cdnjs.cloudflare.com weqyoua.pro
tagan.adlightning.com
3 pagead2.googlesyndication.com weqyoua.pro
securepubads.g.doubleclick.net
3 weqyoua.pro 1 redirects weqyoua.pro
2 rtb.mfadsrvr.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 js.ad-score.com tagan.adlightning.com
2 www.googletagservices.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 ib.adnxs.com 1 redirects cdn.adpushup.com
2 ap.lijit.com cdn.adpushup.com
2 connect.facebook.net weqyoua.pro
connect.facebook.net
2 www.google-analytics.com 1 redirects weqyoua.pro
1 acdn.adnxs.com cdn.adpushup.com
1 ads.pubmatic.com cdn.adpushup.com
1 s3.amazonaws.com cdn.adpushup.com
1 static.criteo.net cdn.adpushup.com
1 img.revcontent.com
1 cdn.revcontent.com
1 bttrack.com
1 green.erne.co 1 redirects
1 assets.revcontent.com tagan.adlightning.com
1 ads.servenobid.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 lockerdome.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 hbopenbid.pubmatic.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 stats.g.doubleclick.net weqyoua.pro
1 cdn.adpushup.com weqyoua.pro
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 cdn.weqyoua.pro weqyoua.pro
1 ajax.googleapis.com weqyoua.pro
70 39

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.facebook.com
www.law.cornell.edu
Subject Issuer Validity Valid
weqyoua.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-23 -
2022-03-24		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
cdn.weqyoua.pro
Let's Encrypt Authority X3		 2020-03-23 -
2020-06-21		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2020-02-06 -
2021-10-29		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-03-01 -
2020-05-30		 3 months crt.sh
*.adpushup.com
COMODO RSA Domain Validation Secure Server CA		 2017-03-30 -
2020-05-28		 3 years crt.sh
*.adlightning.com
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-22 -
2020-08-30		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2019-09-27 -
2020-11-26		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-05-26		 a year crt.sh
*.servenobid.com
Amazon		 2019-05-04 -
2020-06-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
assets.revcontent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-09 -
2020-05-09		 3 months crt.sh
revcontent.com
Amazon		 2019-09-19 -
2020-10-19		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2019-09-02 -
2020-11-01		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
cdn.revcontent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-09 -
2020-05-09		 3 months crt.sh
img.revcontent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-09 -
2020-05-09		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2019-12-03 -
2021-04-06		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh

This page contains 9 frames:

Primary Page: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Frame ID: 87732BB4FA53BEE6834774D6B632A80B
Requests: 41 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0CA542FA68C094C4AA4352E68856617F
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/adpushup-weqyoua/bl-88d2de2-77966aca.js
Frame ID: 7D4B906E4B8E70D12B112830B349FE36
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: E0E3DC722E2285D907E88F1DF2AAEBD0
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: A1E9D099DE5202EBBC18FBA794B57CB0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414817&gdpr_consent=
Frame ID: EB6135C2F3A4772576E3D5889DD7875D
Requests: 1 HTTP requests in this frame

Frame: https://s3.amazonaws.com/nobid-public/sync.html
Frame ID: C47793D40BA3C759ECEA655EEADF2478
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 218B45D324646427A1FE6A9C62D513DD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8B8F76CD075DEB9F93FE7385DF531A05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDP... HTTP 301
    https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDP... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

70
Requests

99 %
HTTPS

31 %
IPv6

29
Domains

39
Subdomains

32
IPs

9
Countries

971 kB
Transfer

2770 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o HTTP 301
    https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=86825447&t=pageview&_s=1&dl=https%3A%2F%2Fweqyoua.pro%2Fquizzes%2F36630%2F7%3Ffbclid%3DIwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o&ul=en-us&de=UTF-8&dt=I%20just%20scored%207%20out%20of%2010&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=2035538015&gjid=27313660&cid=880851281.1585410175&tid=UA-72163398-2&_gid=1107349068.1585410175&_r=1&z=717555748 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72163398-2&cid=880851281.1585410175&jid=2035538015&_gid=1107349068.1585410175&gjid=27313660&_v=j81&z=717555748
Request Chain 51
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&puid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&rev_dt=1585410176&rev_dt=1585410176505&s=2 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&bidder=3&bidder_uid=cCyc_i3YpNVdXz9hG8JZ
Request Chain 52
  • https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D&geo=35&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6571552773008791037&exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&geo=35&rev_dt=1585410176&rev_dt=1585410176505
Request Chain 53
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=revcontent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=uq3hjTz3Yoaka4sL58PfUiuO&ssp=revcontent HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e9c02f85-8529-43ed-aa5b-65be4b5f4978
Request Chain 55
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&rev_dt=1585410176&rev_dt=1585410176505 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM=&bidder=154&bidder_uid=57a6312b-b1f8-49e5-b7e4-63ef394f87f6

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 7
weqyoua.pro/quizzes/36630/
Redirect Chain
  • http://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
  • https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
47 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.174.158.40 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
d7ddd18380e05e7fd226d8a134081beaf875efd341b7abcaf209bcff9816399f

Request headers

Host
weqyoua.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.8.1
Date
Sat, 28 Mar 2020 15:42:54 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
8669
Connection
keep-alive
Set-Cookie
CAKEPHP=eb33b6d1eae287e143e1944f48e08ae9; expires=Thu, 28-Mar-2080 04:28:54 GMT; Max-Age=1893415560; path=/; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.8.1
Date
Sat, 28 Mar 2020 15:42:53 GMT
Content-Type
text/html
Content-Length
184
Connection
keep-alive
Location
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 18 Jan 2020 01:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6100156
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Jan 2021 01:13:38 GMT
min-css
weqyoua.pro/ 		55 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://weqyoua.pro/min-css?f=css/style.css
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.174.158.40 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
87b3ba2a014eeb540a47f51cfde3a4fd5c9295489b2c05f6b15a6b8981d2ad2d

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sat, 28 Mar 2020 15:42:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Mar 2020 13:29:55 GMT
Server
nginx/1.8.1
ETag
"pub1584970195;gz"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
6707
Expires
Sat, 28 Mar 2020 16:12:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39155
x-xss-protection
0
server
cafe
etag
18020887556007674622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 28 Mar 2020 15:42:54 GMT
weqyoua_logo.png
cdn.weqyoua.pro/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.weqyoua.pro/img/weqyoua_logo.png
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9fe7c86c32b9ed22d3e36ec3fdb55405b5ccbd6c04deb18d1e3d4991e076a532

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
last-modified
Sun, 04 Feb 2018 13:50:03 GMT
server
nginx/1.14.2
etag
"597d14-4559-5646338eab8c0"
content-type
image/png
status
200
cache-control
max-age=7200
x-proxy-cache
HIT
accept-ranges
bytes
content-length
17753
expires
Sat, 28 Mar 2020 17:42:54 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
br
cf-cache-status
HIT
age
27436919
cf-ray
57b276b74e01bef6-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-1207"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 18 Mar 2021 15:42:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=weqyoua.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=weqyoua.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
adpushup.js
cdn.adpushup.com/40941/ 		617 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/40941/adpushup.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5f7a9f033d51468f22b7bd70fa2ebaeff2616fb0b7aeb59df4ab89ce9eabd628

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
31536000.000
x-cf1
28371:fA.ams1:cf:cacheN.ams1-01:H
status
200
content-length
207314
x-cf-tsc
1585211737
x-cf2
H
last-modified
Thu, 26 Mar 2020 08:28:57 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/x-javascript
x-cfhash
"2f3632fdc6a9ab8f953610910d5cff6a"
cf4age
1
accept-ranges
bytes
x-cf-rand
26.509
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3859
date
Sat, 28 Mar 2020 14:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 28 Mar 2020 16:38:35 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee846d32e3e48637482d19328049f518f9aff1ba70e41711f1567db7c5855ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ssyKhkx8YCHW5SHoYzJ/Iw==
status
200
date
Sat, 28 Mar 2020 15:42:54 GMT, Sat, 28 Mar 2020 15:42:54 GMT
expires
Sat, 28 Mar 2020 15:47:03 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
1782
x-fb-debug
fvXXytXmP1x0S3Bhn54tfmfY2umbNkI+m4p456N8VLtMNkQAU3fOVdmZONEjY8mzaNPo2IiXG8L3xyI5AAqv4Q==
x-fb-trip-id
2047048586
x-fb-content-md5
1d9710d857be9fa5ea99003818f27fe6
etag
"9fb9ad0f985ee8ddf8f38b4e474ab91e"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=86825447&t=pageview&_s=1&dl=https%3A%2F%2Fweqyoua.pro%2Fquizzes%2F36630%2F7%3Ffbclid%3DIwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72163398-2&cid=880851281.1585410175&jid=2035538015&_gid=1107349068.1585410175&gjid=27313660&_v=j81&z=717555748
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72163398-2&cid=880851281.1585410175&jid=2035538015&_gid=1107349068.1585410175&gjid=27313660&_v=j81&z=717555748
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sat, 28 Mar 2020 15:42:54 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72163398-2&cid=880851281.1585410175&jid=2035538015&_gid=1107349068.1585410175&gjid=27313660&_v=j81&z=717555748
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		387 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2a4993d40144084860897a197bff0801&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d11e725bf34ada8355b90590f4e0f05b9161639bf2a3ba134f3a26ba3129c15e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/b8KXsK+h7X8BC1MvXuVNw==
status
200
date
Sat, 28 Mar 2020 15:42:54 GMT, Sat, 28 Mar 2020 15:42:54 GMT
expires
Sun, 28 Mar 2021 15:27:03 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
115442
x-fb-debug
mMYvrxsjJn6MDZ0AjgVgd1nF+pF0RPrXO1QU9El1DGZYJMpN9ZjVtBxvMoY91JpN0UiFgRE4d0Wan6M9DreODQ==
x-fb-trip-id
1850256238
x-fb-content-md5
dddce44834fb9751b7217cfd92b84275
etag
"b43f9520a9505fb4b8d0128f9f788347"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
357 B 		Other
General
Check archive.org
Download Go to
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-origin
https://weqyoua.pro
access-control-allow-methods
GET, POST
content-type
image/png
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
53601e93ac86f26d280bd2ee701f82bffb0b46bc6b913f686675936b945a319b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"469 / 137 of 1000 / last-modified: 1585081375"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14789
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:54 GMT
op.js
tagan.adlightning.com/adpushup-weqyoua/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/adpushup-weqyoua/op.js
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
946252e51b507dbb717b7ef6d9bae1846b0011f99c3567be6d9934f4f396623d

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:37:53 GMT
content-encoding
gzip
age
303
x-cache
Hit from cloudfront
status
200
content-length
14370
x-amz-meta-git_commit
5b1e2be
last-modified
Fri, 27 Mar 2020 17:15:28 GMT
server
AmazonS3
etag
"584f1cf39eba1833004c2f4bdbc7e862"
x-amz-version-id
9kmal7Rugli5LV627SFotSbGpJi9a_Wc
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
SPwX57ZkU5XhSPxl37O5GmlgqN5Url8D6b7v-W4zkALjJDHVPRdKDg==
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1ODU0MTAxNzQ4NjIsInBhY2tldElkIjoiMDAwMDlGRUQtNzI3ZmIyY2EtZTA1NS00ZWQ0LTkwNDQtMzM2NGZjMDA2OTNmIiwic2l0ZUlkIjo0MDk0MSwic2l0ZURvbWFpbiI6Imh0dHA6Ly93ZXF5b3VhLnByby8iLCJ1cmwiOiJodHRwczovL3dlcXlvdWEucHJvL3F1aXp6ZXMvMzY2MzAvNz9mYmNsaWQ9SXdBUjE2SHNOVlNlWWxrQWlwOEp5TEk2WmJibUtablVPY2loNUxLU0tmUTlRVE81TTR5RFBoMXZTbzhfbyIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGFnZVZhcmlhdGlvbklkIjoiODc4N2FkZGQtMjcxMC00MzRiLTk1MDAtNjFmODhkYWMzYjM5IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZHggMzAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMDMxNDg4ZjMtNDMwZC00ZjAxLThlNDgtMmJjYzJlOWUzOGYyIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfUE9TVF85NzBYMjUwXzI0NThmIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80MDk0MV85NzBYMjUwXzAzMTQ4OGYzLTQzMGQtNGYwMS04ZTQ4LTJiY2MyZTllMzhmMiIsInNlcnZpY2VzIjpbMSwzXX1dfQ==
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-origin
https://weqyoua.pro
access-control-allow-methods
GET, POST
content-type
image/png
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1ODU0MTAxNzQ4NjQsInBhY2tldElkIjoiMDAwMDlGRUQtNzI3ZmIyY2EtZTA1NS00ZWQ0LTkwNDQtMzM2NGZjMDA2OTNmIiwic2l0ZUlkIjo0MDk0MSwic2l0ZURvbWFpbiI6Imh0dHA6Ly93ZXF5b3VhLnByby8iLCJ1cmwiOiJodHRwczovL3dlcXlvdWEucHJvL3F1aXp6ZXMvMzY2MzAvNz9mYmNsaWQ9SXdBUjE2SHNOVlNlWWxrQWlwOEp5TEk2WmJibUtablVPY2loNUxLU0tmUTlRVE81TTR5RFBoMXZTbzhfbyIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGFnZVZhcmlhdGlvbklkIjoiODc4N2FkZGQtMjcxMC00MzRiLTk1MDAtNjFmODhkYWMzYjM5IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZHggMzAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzY5ZGE1YWYtOTNlOC00OTA3LWFkYTItYzEzYTcxZmM1NjI5Iiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfUE9TVF85NzBYMjUwXzBkYWNlIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80MDk0MV85NzBYMjUwXzc2OWRhNWFmLTkzZTgtNDkwNy1hZGEyLWMxM2E3MWZjNTYyOSIsInNlcnZpY2VzIjpbMSwzXX1dfQ==
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-origin
https://weqyoua.pro
access-control-allow-methods
GET, POST
content-type
image/png
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1ODU0MTAxNzQ4NjUsInBhY2tldElkIjoiMDAwMDlGRUQtNzI3ZmIyY2EtZTA1NS00ZWQ0LTkwNDQtMzM2NGZjMDA2OTNmIiwic2l0ZUlkIjo0MDk0MSwic2l0ZURvbWFpbiI6Imh0dHA6Ly93ZXF5b3VhLnByby8iLCJ1cmwiOiJodHRwczovL3dlcXlvdWEucHJvL3F1aXp6ZXMvMzY2MzAvNz9mYmNsaWQ9SXdBUjE2SHNOVlNlWWxrQWlwOEp5TEk2WmJibUtablVPY2loNUxLU0tmUTlRVE81TTR5RFBoMXZTbzhfbyIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGFnZVZhcmlhdGlvbklkIjoiODc4N2FkZGQtMjcxMC00MzRiLTk1MDAtNjFmODhkYWMzYjM5IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZHggMzAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiYzI5M2Q5M2YtZjY2OC00NjYxLWIxYWMtYTUyZmVjZTNlNDBmIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfUE9TVF85NzBYMjUwXzE1ZGRiIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80MDk0MV85NzBYMjUwX2MyOTNkOTNmLWY2NjgtNDY2MS1iMWFjLWE1MmZlY2UzZTQwZiIsInNlcnZpY2VzIjpbMSwzXX1dfQ==
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-origin
https://weqyoua.pro
access-control-allow-methods
GET, POST
content-type
image/png
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE1ODU0MTAxNzQ4NjcsInBhY2tldElkIjoiMDAwMDlGRUQtNzI3ZmIyY2EtZTA1NS00ZWQ0LTkwNDQtMzM2NGZjMDA2OTNmIiwic2l0ZUlkIjo0MDk0MSwic2l0ZURvbWFpbiI6Imh0dHA6Ly93ZXF5b3VhLnByby8iLCJ1cmwiOiJodHRwczovL3dlcXlvdWEucHJvL3F1aXp6ZXMvMzY2MzAvNz9mYmNsaWQ9SXdBUjE2SHNOVlNlWWxrQWlwOEp5TEk2WmJibUtablVPY2loNUxLU0tmUTlRVE81TTR5RFBoMXZTbzhfbyIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJQT1NUIiwicGFnZVZhcmlhdGlvbklkIjoiODc4N2FkZGQtMjcxMC00MzRiLTk1MDAtNjFmODhkYWMzYjM5IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZHggMzAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODgwNWI1ZmMtZjA4NC00NWU3LThhNzgtY2E5NzJhY2ViNDUxIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfUE9TVF83MjhYOTBfODgwNWIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80MDk0MV83MjhYOTBfODgwNWI1ZmMtZjA4NC00NWU3LThhNzgtY2E5NzJhY2ViNDUxIiwic2VydmljZXMiOls1LDNdfV19
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-origin
https://weqyoua.pro
access-control-allow-methods
GET, POST
content-type
image/png
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		1 KB
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200328
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804d81b32a3ff972725f2853ca76111cbcb60daa252e3203336a83680f7ed1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-fra19126-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"542-bsMbCwaUCWpUC6Obdrl3N7eMsvQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
57b276b93e44c26d-FRA
bid
ap.lijit.com/rtb/ 		47 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.43.0-pre
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
2f2df719e979ca19537ecc3250c79af916041c0d8f7e8632edacf1276bdcde0c

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 28 Mar 2020 15:42:55 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://weqyoua.pro
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 28 Mar 2020 15:42:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://weqyoua.pro
prebid
ib.adnxs.com/ut/v3/ 		496 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
f654f714d817c60fa288fb632d9c7c228d54f517d845e6261a1fd0cdb86dac09
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 28 Mar 2020 15:42:57 GMT
X-Proxy-Origin
95.174.67.180; 95.174.67.180; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.24:80
AN-X-Request-Uuid
5b2fab5e-f697-456f-85da-2dbe597e5bde
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://weqyoua.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.43.0-pre&cb=517900108
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 28 Mar 2020 15:42:54 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://weqyoua.pro
timing-allow-origin
*
vary
Origin
prebid
lockerdome.com/ladbid/ 		11 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
38.140.99.21 Wellsville, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 28 Mar 2020 15:42:55 GMT
Content-Encoding
gzip
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin
https://weqyoua.pro
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
31
prebid
prebid.media.net/rtb/ 		77 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.216.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-216-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0a24ffb16c983e41546e21c18896aa2cbbcf7cc49543a50c186e49ab7eaf95fb

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:55 GMT
server
nginx
status
200
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://weqyoua.pro
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
77
expires
Sat, 28 Mar 2020 15:42:55 GMT
adreq
ads.servenobid.com/ 		220 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5786
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.135.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-135-178.compute-1.amazonaws.com
Software
/
Resource Hash
5c70403eb8a83084f453f5e0fa4fe519a3df7f4def1912f93261f3863c85ede0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 28 Mar 2020 15:42:55 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
status
200
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://weqyoua.pro
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials
true
pubads_impl_2020032401.js
securepubads.g.doubleclick.net/gpt/ 		168 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62966
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:54 GMT
b-5b1e2be.js
tagan.adlightning.com/adpushup-weqyoua/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/adpushup-weqyoua/b-5b1e2be.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437523457f1ab819b22881824ed14270fee77cd4b261cf311e67d5334dba7898

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 06:31:04 GMT
content-encoding
gzip
age
983512
x-cache
Hit from cloudfront
status
200
content-length
14673
x-amz-meta-git_commit
5b1e2be
last-modified
Mon, 16 Mar 2020 18:06:46 GMT
server
AmazonS3
etag
"8d40b8381c41c3b801a8859beccc5158"
x-amz-version-id
8D5zcjLOlTlSvBzsHrknHIBoYblDjmN4
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xr4X4lA0MZSxibb3KL09DiXf14vpmPuIf1XQCHqcG_JBOHkgvpgoNQ==
bl-88d2de2-77966aca.js
tagan.adlightning.com/adpushup-weqyoua/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/adpushup-weqyoua/bl-88d2de2-77966aca.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ffbd21b6e308431613aafe9ebf56e407efb755db613454080644441e9d3dcc7

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 17:16:18 GMT
content-encoding
gzip
age
80798
x-cache
Hit from cloudfront
status
200
content-length
31471
x-amz-meta-git_commit
88d2de2
last-modified
Fri, 27 Mar 2020 17:15:16 GMT
server
AmazonS3
etag
"3ba44ab7f59649456a5b5f1927c67de0"
x-amz-version-id
qhnpDNji0dnPQy5WRtIRs1j.aFClWXzI
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vaR2ptXvn47Badku4i_YiXzlpAejQtIOgtovju0pbVF-Jza-nmkjbg==
light-top.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		3 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-top.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ff7524d7ef2f45f3fcc0bdf018552bf2140b0131235db6104231d6d902ca364
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 28 Mar 2020 15:42:55 GMT
content-encoding
br
cf-cache-status
HIT
age
3768042
cf-ray
57b276ba6898bef6-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-b86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 18 Mar 2021 15:42:55 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/light-top.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 15:42:55 GMT
cf-cache-status
HIT
age
12904402
cf-ray
57b276ba88c2bef6-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
3083
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
"5afd48e8-c0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Thu, 18 Mar 2021 15:42:55 GMT
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
served-in-seconds
0.000
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3360022931325379&correlator=1493102483201455&output=ldjh&impl=fifs&adsid=NT&eid=21065770&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200328&iu_parts=103512698%2C21926881408%2C21926881036%2C21926881411%2C21926707755&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%7C970x90%7C900x90%7C728x250%7C728x90%7C300x250%2C970x250%7C970x90%7C900x90%7C728x250%7C728x90%7C300x250%2C970x250%7C970x90%7C900x90%7C728x250%7C728x90%7C300x250%2C728x90%7C600x90%7C630x90%7C650x90%7C670x90%7C675x90%7C690x90&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D40941%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D40941%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D40941%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D40941%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&cust_params=da%3Dadx&cookie_enabled=1&bc=31&abxe=1&lmt=1585410175&dt=1585410175714&dlt=1585410174579&idt=441&frm=20&biw=1585&bih=1200&oid=3&adxs=233%2C233%2C233%2C429&adys=343%2C3711%2C2060%2C1110&adks=3370405574%2C3609115159%2C2877511053%2C828060500&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fweqyoua.pro%2Fquizzes%2F36630%2F7%3Ffbclid%3DIwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o&dssz=31&icsg=43144&std=27&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1120x250%7C1120x250%7C1120x250%7C728x-1&msz=1120x250%7C1120x250%7C1120x250%7C728x-1&ga_vid=880851281.1585410175&ga_sid=1585410176&ga_hid=86825447&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
99d748848bceb819e8f8638ee774e72521e4af487aa14de2a79468c4163375cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
150768,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
8543
x-xss-protection
0
google-lineitem-id
-1,5330418871,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138306641394,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://weqyoua.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020032401.js
securepubads.g.doubleclick.net/gpt/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24573
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:55 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0CA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Sat, 28 Mar 2020 15:02:44 GMT
expires
Sun, 28 Mar 2021 15:02:44 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2412
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585308637081045"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27959
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:56 GMT
bl-88d2de2-77966aca.js
tagan.adlightning.com/adpushup-weqyoua/ Frame 7D4B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/adpushup-weqyoua/bl-88d2de2-77966aca.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ffbd21b6e308431613aafe9ebf56e407efb755db613454080644441e9d3dcc7

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 17:16:18 GMT
content-encoding
gzip
age
80799
x-cache
Hit from cloudfront
status
200
content-length
31471
x-amz-meta-git_commit
88d2de2
last-modified
Fri, 27 Mar 2020 17:15:16 GMT
server
AmazonS3
etag
"3ba44ab7f59649456a5b5f1927c67de0"
x-amz-version-id
qhnpDNji0dnPQy5WRtIRs1j.aFClWXzI
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
kJz4386PYULtUKpFJ-ZlkqmTwsUORWsAdsdW4plwQlZVD0EWITdM5w==
b-5b1e2be.js
tagan.adlightning.com/adpushup-weqyoua/ Frame 7D4B 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/adpushup-weqyoua/b-5b1e2be.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437523457f1ab819b22881824ed14270fee77cd4b261cf311e67d5334dba7898

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 17 Mar 2020 06:31:04 GMT
content-encoding
gzip
age
983513
x-cache
Hit from cloudfront
status
200
content-length
14673
x-amz-meta-git_commit
5b1e2be
last-modified
Mon, 16 Mar 2020 18:06:46 GMT
server
AmazonS3
etag
"8d40b8381c41c3b801a8859beccc5158"
x-amz-version-id
8D5zcjLOlTlSvBzsHrknHIBoYblDjmN4
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LVBdWL36jHfbBD15YLoOaZ41hEea3uuqukdBgywgBQWSg1wA3ENbZg==
delivery.js
assets.revcontent.com/master/ Frame 7D4B 		208 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
947394c92e5675e974e9285f54dc6db7b240ead27cd0a5d7646b884e2ff6b1ec

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 14:59:52 GMT
server
AmazonS3
x-amz-request-id
9826A06923F1B8E2
etag
"dfbb115b609a9e4e48d42fda981bc0ea"
x-hw
1585410176.cds111.am5.hn,1585410176.cds109.am5.c
content-type
application/x-javascript
status
200
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
71702
x-amz-id-2
ezaIrffufoIFa377maGKpKqxjjSnrqt7212RsJN73+y1HNnH52P5Gp3JyuURQbNY
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7D4B 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e576f25f810ffe36e011b2bcaac420631d9e51515cc6c610adf360af39aa72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585308637081045"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28226
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82c99c89b611e6af6421a45cd654be9809c995fea01136be9f8c66152e2ed6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5179
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukJaKCca5S4SbFBNkIaIp4msqvCx-69LSsOQks7UGP3T1x2Apv4u0neC_Ibx4FO8QjYZFYh_cQRVPKc2Nue9kaN-SrPNffJKwUuzOcaktE5dqv9aHnCk8egj8FmaeZadsdELoZp1F6YknRTMZJ3xMSNEbVWRAd5DhCXp4U5gBx5WBcTUNqRT78zDB2t2poeQKdhvopoqeOYZqMzHAH8h3Edpqlm8-mZYbf-FtEsECq3G7S9sDMZsrF1Otxkey3vq93&sai=AMfl-YR7ubqYZYdNet711NWBMxiYZH1C1XZVJMEYR2Go6vVfntzNAShh0z29V9WfJB29IAM1QkQxXZNnKu0Nk0cjkiDBMz24UbuGuDqecPn7&sig=Cg0ArKJSzDboMbOtLPyxEAE&urlfix=1&adurl=
Requested by
Host: weqyoua.pro
URL: https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Sat, 28 Mar 2020 15:42:56 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 28 Mar 2020 15:42:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame E0E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sat, 28 Mar 2020 15:02:39 GMT
expires
Sun, 28 Mar 2021 15:02:39 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2417
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
/
trends.revcontent.com/api/demand/ Frame 7D4B 		1003 B
815 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=120978
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
b7564cd6af20e0039501aaac6962632894b3a4eb495fc27cf5498e05a422ea4b
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://weqyoua.pro
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
truncated
/ Frame 7D4B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c041399f0fb4e2c31ef0f51e2ef6492dd5b851de095182b9efea898f7ec159b0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
trends.revcontent.com/api/delivery/ Frame 7D4B 		5 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?w=120978&width=300&site_url=https%3A%2F%2Fweqyoua.pro%2Fquizzes%2F36630%2F7%3Ffbclid%3DIwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o&time=1585410176505
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
11811d07d96f78c9d9bc833f441b952b4bae159bad2b3bf28c7086118a5c491c
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 15:42:56 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://weqyoua.pro
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032401&jk=3360022931325379&bg=!ZWalZn5Y5y9iI5a0VFsCAAAAf1IAAAASmQFXL7NC7PoOtI8PtkSx0Jezu7T-SyRPQNuAvZ1KepbV6cVSWhEDX6KFDEkt8-Z9JIgLSmq4dKPL7yIgfvK4w1wXDNk9rFi4erb6ej8Sc9lxbsUPRezLkTFEK1cEe3STO6NY2Q4fCvtFsavBl4WWvZ8BmTsAZ482Fx5JN9zpuVMdWBZ7VmGc9CMzPP8-f9R2DsQtbANSIr5Fn271NZKcChzmhqgOQba33tMKpEVAMGETBIsDSEpcX7dajRcDwiQ9z5uc67us2VJ0HGBKbXiRpHtEN7Tm-WArVKkr4LGknO9lW5qbrY4lN6VHC2_VhwLznctJIqzdoD8HaVdHDSMJnOrdc6n64NXSTj7ARMayu77PIs0SYn8P5-b5x38qtOnS0j72aFsAP1Y5ibjzdm-WZD_gDAUmBDfOW8CWk4Zf9-FO1HoWcqs3fT_LXx7qqjEuwi6T4t92bzmnNw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 28 Mar 2020 15:42:56 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
trends.revcontent.com/event/ Frame 7D4B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

status
204
date
Sat, 28 Mar 2020 15:42:56 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.0
access-control-allow-origin
https://weqyoua.pro
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
score.min.js
js.ad-score.com/ Frame 7D4B 		281 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000177
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/b-5b1e2be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
458c06f00426d6b906b94d58ee319e131f2274b933b509706ecbbb82c53f29e4

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 15:52:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 15:52:17 GMT
age
85839
access-control-allow-methods
GET
content-type
application/javascript
status
200
alt-svc
clear
cache-control
public, max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
access-control-allow-origin
*
content-length
97812
via
1.1 google
expires
Sat, 28 Mar 2020 15:52:17 GMT
pixel_sync
trends.revcontent.com/cm/ Frame 7D4B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODN...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D%26bidder%3D3%26bidder_uid%...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&bidder=3&bidder_uid=cCyc_i3YpNVdXz9hG8JZ
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&bidder=3&bidder_uid=cCyc_i3YpNVdXz9hG8JZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 28 Mar 2020 15:42:57 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 28 Mar 2020 15:42:57 GMT
P3p
CP="We do not support P3P header."
Location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&bidder=3&bidder_uid=cCyc_i3YpNVdXz9hG8JZ
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
175
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/ Frame 7D4B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fbidder%3D115%26bidder_uid%3D%24UID%26exchange_uid%3DNjk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D&geo=35&rev_d...
  • https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6571552773008791037&exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&geo=35&rev_dt=1585410176&rev_dt=1585410176505
35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6571552773008791037&exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&geo=35&rev_dt=1585410176&rev_dt=1585410176505
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 28 Mar 2020 15:42:56 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 28 Mar 2020 15:42:58 GMT
AN-X-Request-Uuid
00921e80-471b-4965-83e4-03d9fb52acea
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://trends.revcontent.com/cm/pixel_sync?bidder=115&bidder_uid=6571552773008791037&exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&geo=35&rev_dt=1585410176&rev_dt=1585410176505
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
95.174.67.180; 95.174.67.180; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/ Frame 7D4B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1585410176&rev_dt=1585410176505
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1585410176&rev_dt=1585410176505
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=revcontent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=uq3hjTz3Yoaka4sL58PfUiuO&ssp=revcontent
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e9c02f85-8529-43ed-aa5b-65be4b5f4978
35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e9c02f85-8529-43ed-aa5b-65be4b5f4978
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 28 Mar 2020 15:42:57 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

status
302
date
Sat, 28 Mar 2020 15:42:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=e9c02f85-8529-43ed-aa5b-65be4b5f4978
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookiesync
bttrack.com/pixel/ Frame 7D4B 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=0b0edea9-c9fe-4b9c-9bcd-a51022f2873f&publisherid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%253D&pushdata=109&secure=1&rev_dt=1585410176&rev_dt=1585410176505
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 28 Mar 2020 15:42:56 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
pixel_sync
trends.revcontent.com/cm/ Frame 7D4B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&rev_dt=1585410176&rev_dt=1585410176505
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM%3D&rev_dt=1585410176&rev_dt=1585410176505
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM=&bidder=154&bidder_uid=57a6312b-b1f8-49e5-b7e4-63ef394f87f6
35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM=&bidder=154&bidder_uid=57a6312b-b1f8-49e5-b7e4-63ef394f87f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.187.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-187-156.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 28 Mar 2020 15:42:57 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=Njk1ZGUyYjNkMTYyY2ZiODNjMzQ0NDVlN2RhMjE3NzM=&bidder=154&bidder_uid=57a6312b-b1f8-49e5-b7e4-63ef394f87f6
Date
Sat, 28 Mar 2020 15:42:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rc-logo.png
cdn.revcontent.com/assets/img/ Frame 7D4B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 15:42:57 GMT
last-modified
Wed, 25 Mar 2020 23:41:16 GMT
access-control-allow-origin
*
etag
"1585179676"
x-hw
1585410176.cds015.pa1.hn,1585410177.cds009.pa1.c
content-type
image/png
status
200
cache-control
max-age=76657
accept-ranges
bytes
content-length
4298
cors
data.ad-score.com/data/ Frame 7D4B 		42 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=fwDNElKaZvjzYKamoWEjwNfmEmQnNpuW-EU/fPs5vdVPlNiMY3n/AFknJNcU=-E0/JOc5lb1HhMQ==&pm_ct=21bb0be16f420d4e4c225195&pm_pl=1585410177008&pm_td=12&pid=1000177&en=1&callback=__pm_glbl_eJU68OiUesB8qA9Vd5cCy3tI._gc1&v=764caaa
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fc469f06b88e752e79b12ac9f2412f25eb00a6cb716cd25a7f55dae77e6b2eb1

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 28 Mar 2020 15:42:57 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://weqyoua.pro
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
42
6a935e80-5925-40e4-83dc-192810380f9a
https://weqyoua.pro/ Frame 7D4B 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://weqyoua.pro/6a935e80-5925-40e4-83dc-192810380f9a
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
worker

Response headers

Content-Length
720
Content-Type
application/javascript
x.html
js.ad-score.com/ Frame A1E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/adpushup-weqyoua/b-5b1e2be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
js.ad-score.com
:scheme
https
:path
/x.html?pid=1000177
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

status
200
date
Fri, 27 Mar 2020 18:20:26 GMT
content-type
text/html; charset=utf-8
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 15:23:29 GMT
via
1.1 google
cache-control
public, max-age=86400
content-length
5981
age
76951
alt-svc
clear
truncated
/ Frame 7D4B 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/ Frame 7D4B 		1 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=fwDNElKaZvjzYKamoWEjwNfmEmQnNpuW-EU/fPs5vdVPlNiMY3n/AFknJNcU=-E0/JOc5lb1HhMQ==&pm_ct=21bb0be16f420d4e4c225195&pm_pl=1585410177008&pm_td=198&pid=1000177&en=1&callback=__pm_glbl_eJU68OiUesB8qA9Vd5cCy3tI._gc2&v=764caaa
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://weqyoua.pro
Date
Sat, 28 Mar 2020 15:42:57 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 7D4B 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
cors
data.ad-score.com/data/ Frame 7D4B 		1 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=fwDNElKaZvjzYKamoWEjwNfmEmQnNpuW-EU/fPs5vdVPlNiMY3n/AFknJNcU=-E0/JOc5lb1HhMQ==&pm_ct=21bb0be16f420d4e4c225195&pm_pl=1585410177008&pm_td=271&pid=1000177&en=1&callback=__pm_glbl_eJU68OiUesB8qA9Vd5cCy3tI._gc3&v=764caaa
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://weqyoua.pro
Date
Sat, 28 Mar 2020 15:42:57 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
img.revcontent.com/ Frame 7D4B 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://revcontent-p0.s3.amazonaws.com/content/images/5e78b081b9eef8-29885186.jpg&static=true&pos=face&h=315&w=420&static=true&fmt=jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
cf8d2c82f7c9e6370f2c10d4c4ba9edf4884a2a1ce7dea519155c70ffee31aa2

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 15:42:57 GMT
last-modified
Mon, 23 Mar 2020 12:50:10 GMT
etag
"1584967810"
x-hw
1585410177.cds020.pa1.hn,1585410177.cds008.pa1.c
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39047
cors
data.ad-score.com/data/ Frame 7D4B 		1 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=fwDNElKaZvjzYKamoWEjwNfmEmQnNpuW-EU/fPs5vdVPlNiMY3n/AFknJNcU=-E0/JOc5lb1HhMQ==&pm_ct=21bb0be16f420d4e4c225195&pm_pl=1585410177008&pm_td=364&pid=1000177&en=1&callback=__pm_glbl_eJU68OiUesB8qA9Vd5cCy3tI._gc4&v=764caaa
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://weqyoua.pro
Date
Sat, 28 Mar 2020 15:42:57 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/ Frame 7D4B 		1 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=fwDNElKaZvjzYKamoWEjwNfmEmQnNpuW-EU/fPs5vdVPlNiMY3n/AFknJNcU=-E0/JOc5lb1HhMQ==&pm_ct=21bb0be16f420d4e4c225195&pm_pl=1585410177008&pm_td=463&pid=1000177&en=1&callback=__pm_glbl_eJU68OiUesB8qA9Vd5cCy3tI._gc5&v=764caaa
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Origin
https://weqyoua.pro
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://weqyoua.pro
Date
Sat, 28 Mar 2020 15:42:57 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b688a376067d22eca0c258817d091ea11a0e7a8d0fdd10fbf781b6a1a2f4aeb9

Request headers

Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 15:42:57 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 08:43:02 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5e708d96-107de"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 29 Mar 2020 15:42:57 GMT
Cookie set beacon
ap.lijit.com/ Frame EB61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13414817&gdpr_consent=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=6a9374bda4ea15b1d9c7fbe4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

Server
nginx
Date
Sat, 28 Mar 2020 15:42:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Application-Context
application:prod:9080
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxlkDkOgDAMBP%2BSmiJOfPI1xN%2BRoPJQjqNZr3MNGadYuktF5DFWR%2FfOu2PAtjkxkQkDgYKFVRW%2FScJBRmJHIjPROhVsYOQv%2BOt7Ny23l9F4w1f0UeRp4RfhG%2B%2BfvdH9AIxgWsU%3D;Path=/;Domain=.lijit.com;Expires=Sun, 28-Mar-2021 15:42:58 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=6a9374bda4ea15b1d9c7fbe4;Path=/;Domain=.lijit.com;Expires=Sun, 28-Mar-2021 15:42:58 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sun, 28-Mar-2021 15:42:58 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ams1
sync.html
s3.amazonaws.com/nobid-public/ Frame C477 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/nobid-public/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.138.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
s3.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

x-amz-id-2
k004g0f7c/FQYftBNiyva6BER07qEnYs/IueEWOKlv1OPPfhfWxtFzk3vqgnv4Iz0ly8cWfO4WQ=
x-amz-request-id
5F59FC9F39CEF2BF
Date
Sat, 28 Mar 2020 15:43:00 GMT
Last-Modified
Wed, 05 Feb 2020 04:43:31 GMT
ETag
"b6a3577c8173652d03faf98111a4c16a"
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
2238
Server
AmazonS3
showad.js
ads.pubmatic.com/AdServer/js/ Frame 218B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.244 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-101-184-244.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

Last-Modified
Tue, 04 Feb 2020 05:12:07 GMT
ETag
"13006b6-9f85-59db914d12ccf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14955
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=151863
Expires
Mon, 30 Mar 2020 09:54:01 GMT
Date
Sat, 28 Mar 2020 15:42:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8B8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/40941/adpushup.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIiMpKEAoYASABKAEwgeH98wU4AUABSAEQgeH98wUYAA..; uuid2=6571552773008791037
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://weqyoua.pro/quizzes/36630/7?fbclid=IwAR16HsNVSeYlkAip8JyLI6ZbbmKZnUOcih5LKSKfQ9QTO5M4yDPh1vSo8_o

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Content-Length
506
Accept-Ranges
bytes
Date
Sat, 28 Mar 2020 15:42:58 GMT
Age
20325663
Connection
keep-alive
X-Served-By
cache-jfk8138-JFK, cache-fra19177-FRA
X-Cache
HIT, HIT
X-Cache-Hits
391291, 822853
X-Timer
S1585410179.806066,VS0,VE0
Vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| _mNHandle string| medianet_versionId number| questions object| ExtraMsgArray string| totaltextTemplate object| adpushup function| fbshare2 number| total function| showResultSD function| getCookie function| sprintf number| initCookie number| expirationDays string| cookieName undefined| getCookieVar object| resultArr string| GoogleAnalyticsObject function| ga object| cookieconsent_options function| fbAsyncInit boolean| hasCookieConsent object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB function| setImmediate function| clearImmediate object| googletag object| _apPbJs function| _apPbJsChunk object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt string| nobidVersion object| nobid object| adpTags object| Criteo object| closure_memoize_cache_ object| N1_0x5857 function| N1_0x42ed object| xop boolean| vjk7ey1xlog object| 69h0d6c17uo object| hx_0xfb85 function| hx_0x3447 function| xblocker object| MJ_0xf31a function| MJ_0x1f99 function| xblacklist function| update_cookieconsent_options number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| DFPSFMessageEnabled object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests object| criteo_pubtag

4 Cookies

Domain/Path Name / Value
.weqyoua.pro/ Name: _gat_americantrivia
Value: 1
.weqyoua.pro/ Name: _gid
Value: GA1.2.1107349068.1585410175
.weqyoua.pro/ Name: _ga
Value: GA1.2.880851281.1585410175
weqyoua.pro/ Name: CAKEPHP
Value: eb33b6d1eae287e143e1944f48e08ae9

2 Console Messages

Source Level URL
Text
console-api log URL: https://js.ad-score.com/score.min.js?pid=1000177(Line 181)
Message:
[object Text]
console-api debug URL: https://js.ad-score.com/score.min.js?pid=1000177(Line 156)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
assets.revcontent.com
b1sync.zemanta.com
bidder.criteo.com
bttrack.com
cdn.adpushup.com
cdn.jsdelivr.net
cdn.revcontent.com
cdn.weqyoua.pro
cdnjs.cloudflare.com
connect.facebook.net
data.ad-score.com
e3.adpushup.com
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
img.revcontent.com
js.ad-score.com
lockerdome.com
pagead2.googlesyndication.com
prebid.media.net
rtb.mfadsrvr.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tpc.googlesyndication.com
trends.revcontent.com
weqyoua.pro
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
130.211.115.4
143.204.202.27
151.101.13.108
151.139.128.10
172.217.16.194
178.250.2.152
185.33.223.216
185.64.189.112
192.132.33.46
205.234.175.175
213.174.135.2
213.174.158.40
216.52.2.30
23.58.216.132
23.97.225.52
2600:1901:0:fcac::
2606:4700::6810:5514
2606:4700::6811:4004
2a00:1450:4001:808::2002
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::200a
2a00:1450:4001:824::2001
2a00:1450:400c:c0c::9d
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
3.121.238.160
35.157.107.235
38.140.99.21
52.216.138.237
52.30.187.156
52.7.135.178
64.202.112.127
87.98.228.78
95.101.184.244
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a24ffb16c983e41546e21c18896aa2cbbcf7cc49543a50c186e49ab7eaf95fb
11811d07d96f78c9d9bc833f441b952b4bae159bad2b3bf28c7086118a5c491c
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
2e576f25f810ffe36e011b2bcaac420631d9e51515cc6c610adf360af39aa72f
2f2df719e979ca19537ecc3250c79af916041c0d8f7e8632edacf1276bdcde0c
437523457f1ab819b22881824ed14270fee77cd4b261cf311e67d5334dba7898
458c06f00426d6b906b94d58ee319e131f2274b933b509706ecbbb82c53f29e4
53601e93ac86f26d280bd2ee701f82bffb0b46bc6b913f686675936b945a319b
5c70403eb8a83084f453f5e0fa4fe519a3df7f4def1912f93261f3863c85ede0
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f7a9f033d51468f22b7bd70fa2ebaeff2616fb0b7aeb59df4ab89ce9eabd628
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ff7524d7ef2f45f3fcc0bdf018552bf2140b0131235db6104231d6d902ca364
804d81b32a3ff972725f2853ca76111cbcb60daa252e3203336a83680f7ed1b6
82c99c89b611e6af6421a45cd654be9809c995fea01136be9f8c66152e2ed6ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87b3ba2a014eeb540a47f51cfde3a4fd5c9295489b2c05f6b15a6b8981d2ad2d
946252e51b507dbb717b7ef6d9bae1846b0011f99c3567be6d9934f4f396623d
947394c92e5675e974e9285f54dc6db7b240ead27cd0a5d7646b884e2ff6b1ec
99d748848bceb819e8f8638ee774e72521e4af487aa14de2a79468c4163375cf
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
9fe7c86c32b9ed22d3e36ec3fdb55405b5ccbd6c04deb18d1e3d4991e076a532
9ffbd21b6e308431613aafe9ebf56e407efb755db613454080644441e9d3dcc7
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839
b688a376067d22eca0c258817d091ea11a0e7a8d0fdd10fbf781b6a1a2f4aeb9
b7564cd6af20e0039501aaac6962632894b3a4eb495fc27cf5498e05a422ea4b
c041399f0fb4e2c31ef0f51e2ef6492dd5b851de095182b9efea898f7ec159b0
cf8d2c82f7c9e6370f2c10d4c4ba9edf4884a2a1ce7dea519155c70ffee31aa2
d11e725bf34ada8355b90590f4e0f05b9161639bf2a3ba134f3a26ba3129c15e
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d7ddd18380e05e7fd226d8a134081beaf875efd341b7abcaf209bcff9816399f
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee846d32e3e48637482d19328049f518f9aff1ba70e41711f1567db7c5855ef0
f654f714d817c60fa288fb632d9c7c228d54f517d845e6261a1fd0cdb86dac09
fc469f06b88e752e79b12ac9f2412f25eb00a6cb716cd25a7f55dae77e6b2eb1