qidiantiku.com Open in urlscan Pro
2606:4700:3033::6815:d53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qidiantiku.com/
Effective URL:
https://qidiantiku.com/
Submission: On March 06 via manual (March 6th 2022, 5:32:12 pm UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 132 HTTP transactions. The main IP is 2606:4700:3033::6815:d53, located in United States and belongs to CLOUDFLARENET, US. The main domain is qidiantiku.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time qidiantiku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3033::6815:d53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	221.231.83.250 221.231.83.250	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2408:4001:f00... 2408:4001:f00::1fa	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.246.136.160 47.246.136.160	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
9	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 25	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.180.130 3.127.180.130	16509 (AMAZON-02) (AMAZON-02)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
132	25

20 2606:4700:3033::6815:d53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qidiantiku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 221.231.83.250 (Dongtai, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

s19.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:4001:f00::1fa (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z8.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.136.160 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.180.130 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-180-130.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	467 KB
20	qidiantiku.com 1 redirects qidiantiku.com	570 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	136 KB
13	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	200 KB
9	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8399 va.tawk.to	130 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	132 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 571	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	115 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	671 B
3	cnzz.com s19.cnzz.com — Cisco Umbrella Rank: 113634 c.cnzz.com — Cisco Umbrella Rank: 21986 z8.cnzz.com — Cisco Umbrella Rank: 136423	5 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1530	1 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1391	592 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 289	916 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1359	486 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	925 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 492	758 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	648 B
1	mmstat.com cnzz.mmstat.com — Cisco Umbrella Rank: 20574	464 B
132	20

	Domain	Requested by
25	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com
20	qidiantiku.com	1 redirects qidiantiku.com
13	pagead2.googlesyndication.com	qidiantiku.com pagead2.googlesyndication.com googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	qidiantiku.com googleads.g.doubleclick.net
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	embed.tawk.to	qidiantiku.com embed.tawk.to
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
2	va.tawk.to	embed.tawk.to
2	e.dlx.addthis.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ag.innovid.com	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	d.agkn.com	1 redirects
1	www.google.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cnzz.mmstat.com	qidiantiku.com
1	z8.cnzz.com	qidiantiku.com
1	c.cnzz.com	s19.cnzz.com
1	s19.cnzz.com	qidiantiku.com
132	31

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-11` - `2023-02-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://qidiantiku.com/
Frame ID: 36082CE956AFEB38339C838133B26C80
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: 7D315C6D5F8FCE41895AC1EA65ED2328
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&adk=1812271804&adf=3025194257&lmt=1646587927&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqidiantiku.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587927040&bpp=2&bdt=2302&idt=512&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7946280669712&frm=20&pv=2&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=531
Frame ID: 14E6E4ADBF4D29A48C278C567A7EF627
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9
Frame ID: D17DBADBF9CFD636DAE19EC57DA987AF
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15
Frame ID: A7F149BC04D0CEB9E9438D00423A59D0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3BA19F6415D3DACA3731BAACE61DD056
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3975A2EF507A9305BC20E7044A7798E2
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: F80B96B0FB03E62AB3AB9D5EFF971425
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BD9D84619F6C91567DED91EC1B4518D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9779E75D679CBBA2CB3C75A79E7ACBAC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 63C2163EC83EB2C67C65204B42357451
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 328A1422620F29B33E6730F0F7F8396F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: DF4E9C483EB77E33B62B7E2CF7E9EED4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Test Bank and Solutions Manual_Qidiantiku.com

Page URL History Show full URLs

http://qidiantiku.com/ HTTP 301
https://qidiantiku.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

<div id="particles-js">
/particles(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

91 %
HTTPS

71 %
IPv6

20
Domains

31
Subdomains

25
IPs

4
Countries

1764 kB
Transfer

3911 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cnzz.com/stat/website.php?web_id=1272813438
Title: 站长统计

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qidiantiku.com/ HTTP 301
https://qidiantiku.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
https://tpc.googlesyndication.com/simgad/14978601946328591918

Request Chain 100

https://d.agkn.com/pixel/2175/?google_gid=CAESECOItDAkaAiXQkud1TcjYd0&google_cver=1&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw&google_hm=Q0FFU0VDT0l0REFrYUFpWFFrdWQxVGNqWWQw

Request Chain 102

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAas3qkUgGVD_doEZkScICI&google_cver=1&google_push=AYg5qPK3leKBEiVXIDR2kaWwO21f2ZXZglTKTmwX1Yi3q-Sd-bX2nXWA7RHhseIJEh-EWNF5rgraSK0OeXfpKGBxQwcdNZ1SXw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAas3qkUgGVD_doEZkScICI&google_cver=1&google_push=AYg5qPK3leKBEiVXIDR2kaWwO21f2ZXZglTKTmwX1Yi3q-Sd-bX2nXWA7RHhseIJEh-EWNF5rgraSK0OeXfpKGBxQwcdNZ1SXw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TavcGn1YT9GNi5FsqH5eBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3leKBEiVXIDR2kaWwO21f2ZXZglTKTmwX1Yi3q-Sd-bX2nXWA7RHhseIJEh-EWNF5rgraSK0OeXfpKGBxQwcdNZ1SXw

Request Chain 103

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBVgerFSll_20Pl8YXRLZIU&google_cver=1&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq56BCp0ygbqwJ79A9pbBGhzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVQlUtTS0yQUFI&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq56BCp0ygbqwJ79A9pbBGhzw

Request Chain 104

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1

Request Chain 113

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3zf9SFv7EOlMQG2dZgZ9av6fsKFL992j&google_gid=CAESEDplyB4CkQExy8By5pj3C1Q&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3zf9SFv7EOlMQG2dZgZ9av6fsKFL992j&google_gid=CAESEDplyB4CkQExy8By5pj3C1Q&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMDYxNzMyMTAwMDAxMzkyMDMxODI1MQ%3D%3D&google_push=AYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3zf9SFv7EOlMQG2dZgZ9av6fsKFL992j

Request Chain 115

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIo-4ltatei63qxJpumN1to&google_cver=1&google_push=AYg5qPJ3X8QyTqG9ZDUGbJEvqXB5cg0kOZ-bGxeGg0j9fz68fXq7wp7wEXYcX9sEWCeFwiVu5HweKJsjrkHh0gViVb7EgWzZWetB HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIo-4ltatei63qxJpumN1to&google_cver=1&google_push=AYg5qPJ3X8QyTqG9ZDUGbJEvqXB5cg0kOZ-bGxeGg0j9fz68fXq7wp7wEXYcX9sEWCeFwiVu5HweKJsjrkHh0gViVb7EgWzZWetB&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L83rzBAxQk6-Tn33qRXqMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3X8QyTqG9ZDUGbJEvqXB5cg0kOZ-bGxeGg0j9fz68fXq7wp7wEXYcX9sEWCeFwiVu5HweKJsjrkHh0gViVb7EgWzZWetB

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENn6Hb17yJuxt74IlemAG4E&google_cver=1&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6ytzbAmEzJ7QFLWhNcplXJbOmbT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVRk0tMVAtQUFQSQ==&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6ytzbAmEzJ7QFLWhNcplXJbOmbT

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_cver=1&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA

132 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qidiantiku.com/
Redirect Chain

http://qidiantiku.com/
https://qidiantiku.com/

32 KB
7 KB

1186ms
941ms

Document
text/html

2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e548bc0ae90b17ab3558fef372b2d4ed0d7a2e0a197515f156f9e34c28414670

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 06 Mar 2022 17:32:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vtlFEg9UU23DQNsZ0UQRHevlunJ53z2EqZMmVgoIi94C91swXTobt3eD3UJkDWnTrk%2FoKHjszQiAzQ68iX97%2Fd%2FUGMnMPvnMoFzt%2BAMOCDsj3D5j0TOqrVe8ppfpmfuE9PbCU8CKPUlLWenDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7cd41c7e61900d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 06 Mar 2022 17:32:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://qidiantiku.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlR4hqS3hm8mMX3GYeK1VRY1BEImyPsH1Je8KUYkYC%2BsNs7CkRktH2xRiG9kDjUwvMIwGFnggwVs9sWut%2FAAlxt4owMSZqYO42o18b2OzCogPtonjXOW4e76rNlX1sbu0HGAfnhwHAT52yPUDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e7cd4189ff88fdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wpa.css
qidiantiku.com/wp-content/plugins/wp-attachments/styles/0/ 1 KB
687 B 220ms
219ms Stylesheet
text/css 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/plugins/wp-attachments/styles/0/wpa.css?ver=4.9.1
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6172406dca523961c0f7504de5848b47a70404e1540866f0e5b0b4c04649471b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 20 Jan 2018 13:12:35 GMT
server: cloudflare
etag: W/"5a634043-489"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9qhW8qx9QxWuotozSQZ2Ur8Gthvh9b%2FoU%2FEhzRwJ9E3kbWr1MCBC35ykWIEnvJruIGrzPs0nKVXNJDjMw2wiONm0dw11Oq1zhuNsQHgrRDhBg9VTQE0HugsCNHyBZTp4wKrpda0Mj2HfBQssw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4226dc9900d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:04 GMT

GET
H2 200 gglcptch.css
qidiantiku.com/wp-content/plugins/google-captcha/css/ 570 B
601 B 564ms
563ms Stylesheet
text/css 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.39
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 21 Dec 2018 01:58:49 GMT
server: cloudflare
etag: W/"5c1c48d9-23a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vI7iJAGjkMYRtf7zVp6Ym%2Bd0EJlwwSdi%2FK3WWn2YWXIOYxg%2B5iGPlHP8z2aRC%2BvlPRWVFe1DnPx40ik7hbEhyNEpX95bU4zNCzz9KUVeTS3P8xOXeY2%2F76jVRw5pvWwALvMsSycYVNidbzai1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4226dcb900d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:04 GMT

GET
H2 200 main.css
qidiantiku.com/wp-content/themes/qidiantiku/static/css/ 169 KB
27 KB 255ms
255ms Stylesheet
text/css 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97981f691c3b706c021171ec8e183f0abe1eb37295e29252b3b1428fd685b278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 May 2019 12:23:05 GMT
server: cloudflare
etag: W/"5ce933a9-2a3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JXT%2B4w6%2BoC4uJotXhhh%2BAi2m%2BDiulbG09J5uKLNnD%2FJKfFE1TtOnOcC4Z2x74ee7rrS%2BHlExGZCDdQT8ralm%2FjQWNnxLqKjPH1%2B2ugtcpz5yaly3Tl6doZnRdvmEsKzBO7LjOEwtYAPUnCJvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4226dcc900d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:04 GMT

GET
H2 200 jquery.min.js Show response
qidiantiku.com/wp-content/themes/qidiantiku/static/js/ 82 KB
30 KB 263ms
263ms Script
application/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/jquery.min.js
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38f2fc5ff0b6ee5fca5de8ad685f8621f64caa297c190d53dacc8338a7839b25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 12 Oct 2018 07:56:38 GMT
server: cloudflare
etag: W/"5bc053b6-14695"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YjKOmB9VzpGVB6WGy4w52OtbekyQwsHnSdEHjSPyvCrApXxe1SA7iEe4v1FIAL39YZNSsyRGr8xNH%2BkL7IznCGKJoQnT%2BVeO2tiiIADu37cEvQ8%2BnqmABb5BzNSlV36OnMRqSZjq1VXt8oGJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4226dce900d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:04 GMT

GET
H3 200 invisible.js Show response
qidiantiku.com/cdn-cgi/challenge-platform/h/g/scripts/ 45 KB
17 KB 148ms
147ms Script
text/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63468363c812fac1f94582c8b04bf4f29b44fa0a3223bca7f7cbfab8a4e619ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RK2PaAdmsDXQCNoSFOPsi20AdqgHHG%2BxJ5Mgs69m4HKAE%2Fco%2FVau2o9IEXhs4%2BMEgGpozOTGlmV9HSs7y103HHv0Ss7c42t9MBG8kppTQlTeyjflMswCoo%2F7fgK8vBiZ%2FDN4Ta3XnfGXnikBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e7cd426092c6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo.png
qidiantiku.com/wp-content/themes/qidiantiku/static/img/ 12 KB
12 KB 523ms
521ms Image
image/png 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/img/logo.png
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529885014e00897da95e9394245c0ab82e6161097444ed1a6a5a375dfe15b2fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11922
last-modified: Sun, 24 Jan 2021 13:54:26 GMT
server: cloudflare
etag: "600d7c12-2e92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSo%2FIamfsRhlRB3SKTSk%2BY7Nd89ygITEpyLOgDiLm%2FFPHS68upVz2l%2F18jhA8yJg%2FGoat4F8jgnqJDZLfD4Uf%2B3oDZFQuhNRc75y4PuoQZywO%2BNAIGch8NCg5Un3x%2FJ5QVNk5RQzhn9FH5YGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e7cd42609306943-FRA
expires: Tue, 05 Apr 2022 17:32:05 GMT

GET
H3 200 particles.min.js Show response
qidiantiku.com/wp-content/themes/qidiantiku/static/js/ 23 KB
7 KB 352ms
351ms Script
application/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/particles.min.js
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 12 Oct 2018 07:56:40 GMT
server: cloudflare
etag: W/"5bc053b8-5b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNhXArkiStHKBIgZLAzR%2FaKk8w1lrxPvJH%2BMu1pBJHMLoHGOj9RxGTSNvyu8XQUgzH4%2F0aSh8%2FTbEuO34rl5TIn4MpqemaA%2B%2BS6yanUwH4F4Z4bm6cmQL1Pbp25WyA8JezWAIydgJCVdyFqc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4242ca66943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:05 GMT

GET
H3 200 loading.gif
qidiantiku.com/wp-content/themes/qidiantiku/static/img/ 2 KB
3 KB 790ms
789ms Image
image/gif 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/img/loading.gif
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3806bd062a4f4774c8ecc2a61e2dd79d82b0bd66a3d24812180273aadbf5f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2418
last-modified: Sat, 25 May 2019 03:47:38 GMT
server: cloudflare
etag: "5ce8bada-972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPgLP1uilthL4KOybGBTFIzaZbp2Mvwe8z7U6jZ1jX8xiWQlBBZZOtTwa35iPO4BsQGmKYTTRsz7e1VNCcGtDU9X7aDTlPDeQDtnaGGCCkmhpjlTOlU%2BpHgSgICPVVFZaV%2B8ND99XjF08D4Gxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e7cd42609376943-FRA
expires: Tue, 05 Apr 2022 17:32:05 GMT

GET
H2 200 z_stat.php Show response
s19.cnzz.com/ 11 KB
4 KB 1255ms
376ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://s19.cnzz.com/z_stat.php?id=1272813438&web_id=1272813438
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: 6d84caa1975868c33289ddb048963400d536f1ae3798e938a52ffd0f88ba2fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 14:48:07 GMT
content-encoding: gzip
age: 9839
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_HIT dirn:0:554770069
x-swift-cachetime: 3325
x-swift-savetime: Sun, 06 Mar 2022 16:52:42 GMT
content-length: 4051
last-modified: Sun, 06 Mar 2022 14:48:07 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646578087
content-type: application/javascript
via: cache25.l2cn2628[0,0,200-0,H], cache8.l2cn2628[1,0], cache10.cn2570[0,0,200-0,H], cache6.cn2570[1,0]
cache-control: max-age=5400,s-maxage=10800
timing-allow-origin: *
eagleid: dde7531a16465879264057658e

GET
H3 200 captcha.png
qidiantiku.com/wp-content/themes/qidiantiku/static/img/ 4 KB
5 KB 396ms
395ms Image
image/png 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/img/captcha.png
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb5adcb74224af39d068795449e597620c77fe6c562cf349c8102a474a1da36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4537
last-modified: Thu, 23 May 2019 23:41:54 GMT
server: cloudflare
etag: "5ce72fc2-11b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olCeXjaBEtJv2LNwEhSJvlltwSwGUF%2BIahsqEkfS6zx5a8KFAmJeuwjQlJ%2Blv2R0oyu2AQqlRuEjJuEENHyNYbP13HX3LyWEeiekhXw3lh7quP8lO1CfmYa%2B88kCy%2BSnuzcgrUNGICjjw%2BS7LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e7cd426093b6943-FRA
expires: Tue, 05 Apr 2022 17:32:05 GMT

GET
H3 200 lib.js Show response
qidiantiku.com/wp-content/themes/qidiantiku/static/js/ 95 KB
30 KB 659ms
658ms Script
application/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/lib.js?ver=Version
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a260aed0d72aabdb4818e88d3248b323823a16841abf984c05f182b7a84f117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 12 Oct 2018 07:56:38 GMT
server: cloudflare
etag: W/"5bc053b6-17c35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNcDmAYCevctknY4mS98WEw5NoT7I44gtkMw8CzI2xyq1PBF1pMWo%2BPjPKq5k3L1N%2FpbXLgToowUay5jQpC13ho3Zxnypp%2BtOp6CZhB%2BUp%2F9%2F%2BhQMdbM0R0mxXtTOrfej8ylATfhJTOjsj9FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd42609256943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:05 GMT

GET
H3 200 main.js Show response
qidiantiku.com/wp-content/themes/qidiantiku/static/js/ 26 KB
7 KB 732ms
731ms Script
application/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/main.js?ver=Version
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d98ce37fea0b8150850e84f76db91325588cf9d19631f00f179d9682f09cf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2019 00:15:54 GMT
server: cloudflare
etag: W/"5ce737ba-68f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8goN3lq6ftMWCpbmaaBfyst2tyhf%2BLxP07m6OIt4BhMSWniBzW7m9QCTf3aXHYJd50F1%2FoUf%2BGhNGfLh%2FbjSeY52IGIRzyGAeUifZJmwpTiknBZtlWjBym%2F1pSCVVveH%2Fs26zu5A%2Be5rN0tfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd426092a6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Mar 2022 05:32:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 416ms
152ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fc200cbbc5ad5c8f7b68fff9c1998c4b2472a1ec0db3970b6a1e1cf8a1db2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54037
x-xss-protection: 0
server: cafe
etag: 6118744989365655001
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:32:06 GMT

GET
H3 200 banner.png
qidiantiku.com/wp-content/themes/qidiantiku/static/img/ 42 KB
42 KB 776ms
776ms Image
image/png 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/img/banner.png
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cf13b624d59fcbb6b96dc8240f712bee87550fbca94b6d179f0c3a8a59bb45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42886
last-modified: Fri, 07 Sep 2018 00:52:14 GMT
server: cloudflare
etag: "5b91cbbe-a786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNrefGx5Zk%2F15B9XjQSWAcj8NX0OEh1moeTmBpm%2FZFAVIubsC%2FbK%2FqsEOnDO0tCbLkWf38zknt0OYfYj7%2Fqw%2BryvSPYGK6pK0rT4KhjuLZDpsQfwNTQuVdh%2FDlc1MSQmJCd76K8Mym5ceFYLWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e7cd42629786943-FRA
expires: Tue, 05 Apr 2022 17:32:05 GMT

GET
H3 200 iconfont.woff
qidiantiku.com/wp-content/themes/qidiantiku/static/fonts/ 5 KB
6 KB 379ms
379ms Font
application/font-woff 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/fonts/iconfont.woff
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f61f8295c57b05b467516dcdec043f122df214a2e3fb5a4446ad8d5abd993f40

Request headers

Referer: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 07 Sep 2018 00:52:14 GMT
server: cloudflare
etag: W/"5b91cbbe-1464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ccrvc8QIxx3nEGMVtOQNx2L1fDr7HDXgROlXXC32xcakPQRCsxBxKSiUJXAiiXhjsNZxfeWenJQTFPb2V7vXz%2FM0xMCbDpAWG6HhBUkvoqBXIUwiwrzXTuJRJoQI3DtmieW%2FBmYHxuZ6FTJewQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd42619426943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 particlesjs-config.json Show response
qidiantiku.com/wp-content/themes/qidiantiku/static/js/ 1 KB
1 KB 522ms
521ms XHR
application/json 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/particlesjs-config.json
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/js/particles.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65b94b4bd52fce42def3eb819e3c916ade5acac0aa6eefdf8e851a34851de74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Oct 2018 07:56:40 GMT
server: cloudflare
etag: W/"5bc053b8-4c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvkxFyredZ8cDlkNeWWUiu3PLbs4%2FCKnT8qQ4fMLnQbO8wXRlka6j5%2B%2Fm12%2BmHLuUysf8eVV7Xd982WqbuF83uaThO2ngBgmDXOLNVB9OMy32WVYGKzNlEgKxkF1K297zu2IbaWARRl9MZal5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 6e7cd42669d96943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3.png
qidiantiku.com/wp-content/themes/qidiantiku/static/img/ 340 KB
341 KB 416ms
415ms Image
image/png 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/img/3.png
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a9433db914b4b7ea29a58c1abd3add1bc88eac6729be2f7d0e13fc68dc8dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 348194
last-modified: Fri, 07 Sep 2018 00:52:14 GMT
server: cloudflare
etag: "5b91cbbe-55022"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V7uTmKv5aSaF3F%2BLtlnwALe2cpEhZHSdZx9QF3H8p%2FG3PSXxyLl8RzG9y%2BCcZWkrYse6ngZnfIAqoufaPg8%2FCRyTtIRobVz0kDyCuN1UJirhkj6hpgw4nQlFTWEnOJbzIIF09QxC1tblUTAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e7cd42bdd6c6943-FRA
expires: Tue, 05 Apr 2022 17:32:06 GMT

GET
H3 200 dripicons-v2.woff
qidiantiku.com/wp-content/themes/qidiantiku/static/fonts/ 25 KB
26 KB 655ms
655ms Font
application/font-woff 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/fonts/dripicons-v2.woff
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87a09cef1a17d8c6a5a1b542521889f2f409262589d8d4fb1d9112c9e144bfb

Request headers

Referer: https://qidiantiku.com/wp-content/themes/qidiantiku/static/css/main.css?ver=Version
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 07 Sep 2018 00:52:14 GMT
server: cloudflare
etag: W/"5b91cbbe-6594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe167EpLU8460GaCn1vHIXOJ0eGjZypj5u91uH2j496J7NzkrE7ydqHSLLP2K2JE9Qbdz%2FJrtwjf5YSSnNKBm%2FR9fonwKYLwvP9h9Tc79m1Ji1VSQeZ4fwAp5wT7s6%2FUkaYfsVlrFmvfz0pUzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7cd4268a2a6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 core.php Show response
c.cnzz.com/ 969 B
915 B 422ms
422ms Script
application/javascript 221.231.83.250
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/core.php?web_id=1272813438&t=z
Requested by: Host: s19.cnzz.com
URL: https://s19.cnzz.com/z_stat.php?id=1272813438&web_id=1272813438
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 221.231.83.250 Dongtai, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: 0e07cae31487d739a52091ea9d5233edc819e1a6dd81c8ed02b9e109baf7120d

Request headers

Referer: https://qidiantiku.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 06 Mar 2022 17:32:06 GMT
content-encoding: gzip
x-swift-cachetime: 900
x-powered-by: PHP/5.5.25
x-cache: MISS TCP_REFRESH_MISS dirn:0:166359237
x-swift-savetime: Sun, 06 Mar 2022 17:32:06 GMT
content-length: 620
last-modified: Sun, 06 Mar 2022 17:32:06 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1646587926
content-type: application/javascript
via: cache16.l2cn2656[42,42,200-0,M], cache40.l2cn2656[44,0], cache16.cn2570[44,44,200-0,M], cache6.cn2570[46,0]
timing-allow-origin: *
eagleid: dde7531a16465879267918451e
expires: Sun, 06 Mar 2022 17:47:06 GMT

GET
H2 200 stat.htm
z8.cnzz.com/ 2 B
123 B 1315ms
385ms Image
text/html 2408:4001:f00::1fa
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z8.cnzz.com/stat.htm?id=1272813438&r=&lg=en-us&ntime=none&cnzz_eid=442191860-1646578087-&showp=1600x1200&p=https%3A%2F%2Fqidiantiku.com%2F&t=Test%20Bank%20and%20Solutions%20Manual_Qidiantik...&umuuid=17f6049d835cbb-0675364a0f26ea-977173c-1d4c00-17f6049d836c68&h=1&rnd=237995634
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2408:4001:f00::1fa Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 9.gif
cnzz.mmstat.com/ 43 B
464 B 781ms
219ms Image
image/gif 47.246.136.160
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=1288111902
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.136.160 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:07 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 default Show response
embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/ 2 KB
1 KB 841ms
582ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebdac1610e5bbabbf1f8705dadea2b280418a5ee9db2e0031e91c5af3f35014e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"stable-v4-62244375449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6e7cd4323b809bfe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 06 Mar 2022 18:32:07 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/ 291 KB
105 KB 263ms
146ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6971087754703684&plah=qidiantiku.com&bust=31065507

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcf2151ddf4b1cd91ecce9b996ebcf5d0bee3220f0ce9dfa65046c42fe902165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107378
x-xss-protection: 0
server: cafe
etag: 644459032235837424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:32:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame 7D31 10 KB
5 KB 353ms
119ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 04:18:02 GMT
expires: Sun, 20 Mar 2022 04:18:02 GMT
cache-control: public, max-age=1209600
age: 47645
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pica.js
qidiantiku.com/cdn-cgi/challenge-platform/h/g/scripts/ 23 KB
8 KB 128ms
127ms Other
text/javascript 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317a342e1968bc18c1e545bb83d5ee9058d1bce328a10779245f5b7f797e08a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To2iM0v1ZI2xgCvczCQNYho%2BLSa6Dno5RBhQIBasxTx%2BbGWiQ%2FjmWQMUmzdBDGFqhNWVx6Ya6OXGkhnc07H6xnOepqtXl1n0%2BnagQYtu2ySrktFJuJeKZ%2FchF5S4fDXScYV%2B%2Bnffl45PdcIUIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6e7cd430b86b6943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 6e7cd41c7e61900d Show response
qidiantiku.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
698 B 180ms
172ms XHR
text/plain 2606:4700:3033::6815:d53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qidiantiku.com/cdn-cgi/challenge-platform/h/g/cv/result/6e7cd41c7e61900d
Requested by: Host: qidiantiku.com
URL: https://qidiantiku.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://qidiantiku.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7cd4338eb16943-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNXyaJwu22tHTN84BRLNePatgQ5VMth6TYvE3gjrEDI%2FRl8v798nsItv%2BYdhaYDJxJxXlzXRvD0mIsIoicp74ppBAV3fd1vUlpOkRrPENGBW1rFjuMjCHUcV6oRC7Dwp4TsXe6bqbFIE5LcBUw%3D%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
648 B 404ms
132ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qidiantiku.com&callback=_gfp_s_&client=ca-pub-6971087754703684

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6971087754703684&plah=qidiantiku.com&bust=31065507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7ca762fe409f597c56edd52cf495d3c285729409032e9fe6bec9b798b1652f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 402ms
134ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qidiantiku.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 401ms
132ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qidiantiku.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14E6 210 KB
53 KB 897ms
759ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&adk=1812271804&adf=3025194257&lmt=1646587927&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqidiantiku.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587927040&bpp=2&bdt=2302&idt=512&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7946280669712&frm=20&pv=2&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ed1f5d17cb51ae56ac9add33f96d2ec44d1d6f67b6d880e7ec3f5b9cad98ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Mar 2022 17:32:08 GMT
server: cafe
content-length: 54704
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Mar 2022 17:32:08 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/ 151 KB
54 KB 145ms
144ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/reactive_library_fy2019.js?bust=31065507

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1b507927e8e82799e483cfb8477cdc0290e5a4eea65c260366f49671046f9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55048
x-xss-protection: 0
server: cafe
etag: 2340228309455182533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:32:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 169ms
169ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-6971087754703684&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 158ms
158ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-6971087754703684&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220302_104054&sat=1646491641097&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.223&allp=22&fd=(0%2C17%2C3)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2506&su=qidiantiku.com&pvc=677299911374758&r=0.1&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 270ms
138ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qidiantiku.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 272ms
140ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qidiantiku.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D17D 110 KB
34 KB 1097ms
1096ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2390cace041dd3a3ab0b3c342ae2e8351d0a038b883c1d7b280d91eda3b82e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Mar 2022 17:32:09 GMT
server: cafe
content-length: 35063
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Mar 2022 17:32:09 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7F1 95 KB
33 KB 723ms
722ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

778dec0226d034759b41d637c9d9ec7fc999a140955ca4e538ab3155d81b6d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Mar 2022 17:32:09 GMT
server: cafe
content-length: 34081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Mar 2022 17:32:09 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 162ms
162ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-6971087754703684&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 3BA1 10 KB
4 KB 130ms
129ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 04:07:23 GMT
expires: Sun, 20 Mar 2022 04:07:23 GMT
cache-control: public, max-age=1209600
age: 48285
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 3975 10 KB
4 KB 130ms
130ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 04:07:23 GMT
expires: Sun, 20 Mar 2022 04:07:23 GMT
cache-control: public, max-age=1209600
age: 48285
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 3BA1 4 KB
1 KB 418ms
154ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 16:45:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3BA1 205 B
742 B 413ms
150ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 16:23:22 GMT
x-content-type-options: nosniff
age: 4127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Mar 2023 16:23:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3BA1 604 B
694 B 413ms
151ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 16:43:47 GMT
x-content-type-options: nosniff
age: 2902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Mar 2023 16:43:47 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame 3BA1 19 KB
9 KB 415ms
147ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8378
x-xss-protection: 0
server: cafe
etag: 16647736096342315519
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:03:41 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202072236000/ Frame 3975 220 KB
60 KB 442ms
176ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61519
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "609f9f524fc23ab6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 16 KB
7 KB 412ms
146ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4c9170e21c83610c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 96 KB
29 KB 691ms
426ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29623
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f660f99fdfd5d6c6"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 34 KB
11 KB 412ms
147ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-carousel-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf40de577bde04d406bfb24ce121b38777a8117479471108656f344a31a39566

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 517532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10645
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e8abd6a36a0b5300"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 5 KB
2 KB 434ms
169ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1844
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0f41eb8e6d0a727"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 42 KB
13 KB 664ms
400ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 189867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13623
x-xss-protection: 0
server: sffe
date: Fri, 04 Mar 2022 12:47:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14164defe327400f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Mar 2023 12:47:42 GMT

GET
H3 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 3975 7 KB
3 KB 361ms
119ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db3cadaca7e7acf3697390172de08daa6953e0a33b5006b96f19cdda2f4f5af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 517532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2665
x-xss-protection: 0
server: sffe
date: Mon, 28 Feb 2022 17:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "beb09e7d5969d048"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Feb 2023 17:46:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3975 664 B
429 B 413ms
154ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:regular

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 17:27:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3975 2 KB
2 KB 317ms
187ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 81141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 06 Mar 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3975 295 B
319 B 241ms
117ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 42515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 07 Mar 2022 05:43:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3975 0
17 B 164ms
162ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIIAiF_AkYr_gNNLb3wP84ImoCdOO6ehor8Hm9a4P8_iurMMBEAEg9dLdGmCVgoCAlAegAdfl7v0CyAEJqQIUsF3gv1eyPqgDAcgDCKoEyQFP0PN3H5t-ZovqpRv9U7RNWJyF7bBizXaizrMrdZWSd4T12SoAFSALj4m49DkHAxJNEo9T4Oqmscg96qYvVKR3Ic_CdGXFGUpGf-4l_UbZrmLlRcGBu6-X40iQ_f-l3QMrzlxHfFbMtKip-59NSn9r4fAk_DNIraktq01oBBh1GL8eb9KsL4Tdn7jiHo5Wf8--dWtsZFuP8QahJ_wUYHqtcRlxatQ4oaMlM6fxlA-1czJM2cSZLQxOU3W3jynwkxPHKXUIitf9UtPABPbsvqPpA5IFBAgEGAGSBQQIBRgEoAYugAeTsLWXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP_5EtIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi02OTcxMDg3NzU0NzAzNjg0GAA&sigh=2teSEUm2V8Y&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Mar 2022 17:32:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 HG_LR_NW_728x905.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 62 KB
62 KB 124ms
122ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/HG_LR_NW_728x905.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e38b79bd0be337043e5aa8c9490fef388ddaf51c25066952a6152442b6d52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:32:49 GMT
x-content-type-options: nosniff
age: 457160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63004
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:32:49 GMT

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 5 KB
5 KB 170ms
169ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/Logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad4bd085fc255ebd8d873d3f20e5ea8c346f3f2e7a1b6ea6c66927fb1671fac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:32:49 GMT
x-content-type-options: nosniff
age: 457160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5113
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:32:49 GMT

GET
H3 200 Text1.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 4 KB
4 KB 166ms
165ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/Text1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb6bfa8eea41505b08ad796cf57405796169f972111b01b3238f5f8fe37dbed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:32:49 GMT
x-content-type-options: nosniff
age: 457160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4024
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:32:49 GMT

GET
H3 200 Text2.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 5 KB
5 KB 157ms
157ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/Text2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245ce4175eda51880314790294ec73a86b6f8d94469db2d5a0c997532f79e0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 09:07:43 GMT
x-content-type-options: nosniff
age: 462266
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5054
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 09:07:43 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 2 KB
3 KB 166ms
165ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/cta.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c36b64024c9c6d9b845bca26eb91636d0f74e469a231cf76ee7771375887457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 09:02:23 GMT
x-content-type-options: nosniff
age: 462586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2531
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 09:02:23 GMT

GET
H3 200 rahmen.png
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 151 B
179 B 165ms
164ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/rahmen.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e017bdbdd0ae2d9acc1e3abab9cd04e0961a6b92e5ac365f1223a27b19167ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:45:25 GMT
x-content-type-options: nosniff
age: 233204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Mar 2023 00:45:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F80B 6 KB
670 B 260ms
133ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 17:31:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame F80B 2 KB
904 B 367ms
238ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:29:11 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame F80B 19 KB
8 KB 278ms
149ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame F80B 2 KB
1 KB 368ms
239ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:31:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F80B 124 KB
39 KB 398ms
149ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame F80B 15 KB
6 KB 261ms
133ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:45 GMT

GET
H3 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame F80B 28 KB
12 KB 265ms
126ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 08:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 08:22:29 GMT

GET
DATA 200
OK truncated
/ Frame 3975 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a133112416758edeea5183bec5c1fd622e8be85534e0de0871640209ac8c68ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame A7F1 8 KB
892 B 230ms
126ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 16:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame A7F1 2 KB
904 B 347ms
236ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:29:11 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame A7F1 19 KB
8 KB 228ms
118ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame A7F1 2 KB
1 KB 162ms
162ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:31:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7F1 124 KB
38 KB 533ms
301ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame A7F1 15 KB
6 KB 281ms
171ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:45 GMT

GET
H3 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame A7F1 28 KB
12 KB 204ms
130ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 08:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 08:22:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A7F1 0
0 160ms
160ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Csnf7GPAkYqu-MIOw6wSAw7DwAZr93_dk3K7I1P0KzLWLyIQXEAEg9dLdGmCVgoCAlAegAbGsndQDyAEJqQIUsF3gv1eyPqgDAcgDywSqBMEBT9AnV5K6dQF8Mf528rZOtGDUAsQotgseL2sV6CQz4h_-2knrB4Vz5RbXtEEoMC2jw5YF6GZgkf6ggBV1DMZY9AqJmdEMV1D-K0T7mdhARsERcoqmaEtZzClQnZeaWlcVAM10UaUGyX-gsOFO_6FJQZN_IVT6EwAQIBtrGub0pmbc38GlihmEaWchuLw_2_1yKH5JteOjhN0xTGLKzkzQyE8lj71-hJGqF7_E6fEMhlklpGAvvj56c-_Pts5HKF8UW8AEk8yltp4CkgUECAQYAZIFBAgFGASgBi6AB7fT4iuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCR9gfSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTY5NzEwODc3NTQ3MDM2ODQYAA&sigh=tZd7xOd-sXE&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Mar 2022 17:32:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5345300911354852830/ Frame A7F1 15 KB
15 KB 276ms
192ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5345300911354852830/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248c577ede6a3075f066ccdbb69fb5e95fd5d56f58939534d321807a0c8233d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 15:46:09 GMT
x-content-type-options: nosniff
age: 351960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15214
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 14:39:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Mar 2023 15:46:09 GMT

GET
DATA 200
OK truncated
/ Frame A7F1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A7F1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012202072236000/ 23 KB
8 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202072236000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7955
x-xss-protection: 0
server: sffe
date: Thu, 03 Mar 2022 15:15:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7fc09a3fdc14ea30"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Mar 2023 15:15:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1BD9 1 KB
749 B 120ms
119ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 06 Mar 2022 13:26:12 GMT
expires: Mon, 07 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 14757
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 LandRoverWide-Bold.woff
tpc.googlesyndication.com/sadbundle/12488423331280167077/ Frame 3975 41 KB
41 KB 255ms
125ms Font
font/woff 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/12488423331280167077/LandRoverWide-Bold.woff

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a44a4de24ff89f0870dc376fb51f9b448f04ce9a8573b17b6932a659d1bd44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:35:07 GMT
x-content-type-options: nosniff
age: 457022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41820
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:35:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D17D 2 KB
532 B 132ms
131ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 15:34:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:32:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:32:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame D17D 2 KB
904 B 140ms
139ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:29:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D17D 0
0 166ms
165ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNAnjGPAkYrasMM7p6wSbv4yABLGO0O5oys_w2-sP2b2C190uEAEg9dLdGmCVgoCAlAegAYyhifECyAEJqQLC0qVxQ-dyPqgDAcgDywSqBMwBT9B1rYXzYl_LLu8KpEmrsFtPg_AMs7OExnKgDUpj2ASw9UBAGOUgqC0KU0jXK-1dpYmlpvCmeWemvXlN2O-JtoWq73aG6qf02fJmH_JYw1PuiidCycvRJ9qLZcZlqlfmCrDtJFNJDCFi-AiX43x9hKQu1fdZGGInvhw6EwEqmCWyjCj16Iv_hUC9xQ4cWj661AKlhm8bQXUq0nC5r6VWVRpzcvikOjRleGFD9_mt4oCHXIhQczw3cdU5FYOlJoqPcPboI_CWQ8OukM45wATs0MWfjwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQlZIN0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTY5NzEwODc3NTQ3MDM2ODQYAA&sigh=JMeIFs_yK6s&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 06 Mar 2022 17:32:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D17D 20 KB
20 KB 401ms
129ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTX96RvsDcBhWIx_lyKuwK4Rgflx7ZKPFqljEnA2YJPRoBjMF4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f71a1f350faf1d80c306d514fa89c13626140607ba8d240c00e643b4109c15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 12:39:05 GMT
x-content-type-options: nosniff
age: 276785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20093
x-xss-protection: 0
last-modified: Sat, 08 May 2021 01:47:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 03 Mar 2023 12:39:05 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D17D 20 KB
20 KB 420ms
129ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRErdBWl3Ss62rhs4xKKB0GsXSv5s3shUrE-9dbfK3ob8DXV3c&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4657e03d23297f749bdde25473f4278ea29a1eaca26330d0352e1f894ebb72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 06:23:14 GMT
x-content-type-options: nosniff
age: 558536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 11:40:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Feb 2023 06:23:14 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D17D 17 KB
17 KB 417ms
128ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQK6w5sAiBJDUIugI430QhEmHTmn3r0E0l3CP3CqiJ8Kg3G4Lq9a65pp6qEhA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc87a819674eb6e40aa0f4fea4dacff57dc60478fa9362fad42d6dca4a3a6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:51:46 GMT
x-content-type-options: nosniff
age: 247224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17074
x-xss-protection: 0
last-modified: Sat, 22 Sep 2018 11:48:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 03 Mar 2023 20:51:46 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D17D 18 KB
19 KB 419ms
129ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTi-VyA9GeIYMCOYnnzWiq-DuZ-sBqYUw5SsFrF1ygW9Q3PQw9Mqa-9NR1pyA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edfd740dadf4d0ca5d9eabbe50460c97d50ad054c6cb61c8e37c592c25d062d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 13:59:10 GMT
x-content-type-options: nosniff
age: 99180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18391
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 02:25:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 Mar 2023 13:59:10 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D17D 25 KB
25 KB 456ms
167ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQeQ5dpYKzS1bkkk2tRQXgOfkZaBy57LLGUcuZAj7fFdCa7flM2o724ivfPCVs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

345976bb7955719641fbba6f3abbc1c5c64623415491c8ebfa8b6ebe3d69009d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 07:56:11 GMT
x-content-type-options: nosniff
age: 120959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25406
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 06:28:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 Mar 2023 07:56:11 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D17D 15 KB
15 KB 527ms
259ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTOHnJISCooDRcrQSjqdq7ngcmPVlQtPPDQRmjDvhV_-tMf1ZzxS3qWfGZ3A3k&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92cc6477830253cc305beccd8d17e78e16211f2289f84a99544d0ff74893277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 19:15:49 GMT
x-content-type-options: nosniff
age: 166581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14907
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 10:35:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 04 Mar 2023 19:15:49 GMT

GET
H3

200

14978601946328591918
tpc.googlesyndication.com/simgad/ Frame D17D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
https://tpc.googlesyndication.com/simgad/14978601946328591918

9 KB
9 KB

130ms
129ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14978601946328591918

Requested by

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 00:33:05 GMT
x-content-type-options: nosniff
age: 406745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9527
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 14:36:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Mar 2023 00:33:05 GMT

Redirect headers

date: Sat, 05 Mar 2022 23:06:56 GMT
x-content-type-options: nosniff
server: cafe
age: 66313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 23:06:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame D17D 19 KB
8 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame D17D 2 KB
1 KB 136ms
136ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:31:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D17D 124 KB
38 KB 292ms
157ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Mar 2022 17:32:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame D17D 15 KB
6 KB 136ms
135ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:30:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D17D 0
0 426ms
142ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZSZqDg4JJehjC79Bxc1L3_qgLsnbNLEPFft8jESWfkP-YHD0RL_RjZnm21FUyWKCgfOX6O72i1Dp_UyISwEJpls4ZIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame D17D 28 KB
12 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 08:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 08:22:29 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1BD9 35 B
463 B 396ms
130ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAE-NGHKkD3t4T0Zhbc0H0Q&google_cver=1&google_push=AYg5qPIH40hB4xCOQAObhLHzZlU_3iCJQsJFJ8tKlLczTI3S-gZZh8yusujFm7-cy-Y6p_sq6eJDw32nlBPfZyX1Xw8LHzV24yA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BD9
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECOItDAkaAiXQkud1TcjYd0&google_cver=1&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw&google_hm=Q0FFU0VDT0l0REFrYUFpWF...

170 B
188 B

310ms
166ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw&google_hm=Q0FFU0VDT0l0REFrYUFpWFFrdWQxVGNqWWQw

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 17:32:10 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJfoDty7mJaxlH5bhZysaoaajs1rh65VGhTXCgNmIICwQmCHdO27xqZrPKNFJCzOM-yM-r3jDU1gboY08UqHveQunxfpAw&google_hm=Q0FFU0VDT0l0REFrYUFpWFFrdWQxVGNqWWQw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1BD9 43 B
351 B 392ms
137ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPVh8QDYbVL0dCzZSeruiMU&google_cver=1&google_push=AYg5qPLzYZxa45zoxKoiI_MXqvCGjjQDXVEQL4sNFXxjIR2oCZsXIiDn8qZDya3hnm2bD3oeza_-sP_rm46Gj0qRvJ7ni-BAWA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: aindqifofsga9nq7hdpkcdvu6vlc12i3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BD9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TavcGn1YT9GNi5FsqH5eBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

261ms
163ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TavcGn1YT9GNi5FsqH5eBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3leKBEiVXIDR2kaWwO21f2ZXZglTKTmwX1Yi3q-Sd-bX2nXWA7RHhseIJEh-EWNF5rgraSK0OeXfpKGBxQwcdNZ1SXw

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TavcGn1YT9GNi5FsqH5eBQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK3leKBEiVXIDR2kaWwO21f2ZXZglTKTmwX1Yi3q-Sd-bX2nXWA7RHhseIJEh-EWNF5rgraSK0OeXfpKGBxQwcdNZ1SXw
date: Sun, 06 Mar 2022 17:32:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BD9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBVgerFSll_20Pl8YXRLZIU&google_cver=1&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVQlUtTS0yQUFI&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq56BCp0ygbqwJ79A9pbBGhzw

170 B
188 B

308ms
164ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVQlUtTS0yQUFI&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq56BCp0ygbqwJ79A9pbBGhzw

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVQlUtTS0yQUFI&google_push=AYg5qPIHi_oZL1_1Vzhqx8OpS4d4WoFz3yFbGHxRWTs0pnsK7MwKkpDd1D7SoHBakYiLLlGSmLq56BCp0ygbqwJ79A9pbBGhzw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1BD9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IR...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 1BD9 43 B
295 B 431ms
146ms Image
image/gif 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEC5_grei--sC5TOVIxMGbSs&google_cver=1&google_push=AYg5qPIUwYc7Y79PUBYs_7LprnYPw_QjBuKYVyH9qO7gYmWhWcpYXZ1VW2_XqwBGjCyFMgUpD3XzSlZAjkzNKKNhP6b3CpjSzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=1&bdt=3877&idt=0&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yXCyNMDjgE&p=https%3A//qidiantiku.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1BD9 0
232 B 399ms
136ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGfSSfL7SX9kw624mGQReS_HNERTmmmq_nRqOLcXMUX7foGhzZt1ejkmCbpnHtVjKTuTbT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9779 1 KB
749 B 127ms
126ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 06 Mar 2022 13:26:12 GMT
expires: Mon, 07 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 14758
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 63C2 35 KB
13 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 15:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 15:08:28 GMT

GET
DATA 200
OK truncated
/ Frame A7F1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baad69d12174f41a038ea5675d5e8e43f153141f5fb39f10ebced531e7b29658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame A7F1 28 KB
28 KB 408ms
136ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 413128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:46:42 GMT

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 328A 35 KB
13 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 15:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 15:08:28 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9779 35 B
462 B 129ms
129ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB8Stxj1Mz_6CHyng4w55mc&google_cver=1&google_push=AYg5qPK7T9jJz47erXNSe42OkOOi_pjxPqolQEKinKs8qdb28fOMevXrSuEgsnn_ZEEXS-2FfjPIIUnj1djrbUBZcuUfC3q4_rBd

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9779
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL3_lRH...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL3_lRH...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMDYxNzMyMTAwMDAxMzkyMDMxODI1MQ%3D%3D&google_push=AYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3z...

170 B
188 B

146ms
146ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMDYxNzMyMTAwMDAxMzkyMDMxODI1MQ%3D%3D&google_push=AYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3zf9SFv7EOlMQG2dZgZ9av6fsKFL992j

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMDYxNzMyMTAwMDAxMzkyMDMxODI1MQ%3D%3D&google_push=AYg5qPL3_lRHxJQD6OmIX7DeBPMwAkEBrbuY7COrMjkFPbYF7WQoosGza-93Bmpbl3u_3zf9SFv7EOlMQG2dZgZ9av6fsKFL992j
pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 06 Mar 2022 17:32:10 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9779 43 B
135 B 175ms
174ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGf2QE2WaNqjwae9YPeK3Xo&google_cver=1&google_push=AYg5qPI_m_JK3nfJaWMtsM8EEjbLJU-cJvByO6B-_Stlq_JyudwUif-XcRcqe-LDBjVeEu3PLZIm5uKJXPAsFKxV2Me2oyBGaTQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 49fe2tk76fk6gje05pvbkcu1e82cofbp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9779
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L83rzBAxQk6-Tn33qRXqMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

262ms
164ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L83rzBAxQk6-Tn33qRXqMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3X8QyTqG9ZDUGbJEvqXB5cg0kOZ-bGxeGg0j9fz68fXq7wp7wEXYcX9sEWCeFwiVu5HweKJsjrkHh0gViVb7EgWzZWetB

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=L83rzBAxQk6-Tn33qRXqMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ3X8QyTqG9ZDUGbJEvqXB5cg0kOZ-bGxeGg0j9fz68fXq7wp7wEXYcX9sEWCeFwiVu5HweKJsjrkHh0gViVb7EgWzZWetB
date: Sun, 06 Mar 2022 17:32:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9779
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENn6Hb17yJuxt74IlemAG4E&google_cver=1&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6y...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVRk0tMVAtQUFQSQ==&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6ytzbAmEzJ7QFLWhNcplXJbOmbT

170 B
188 B

175ms
166ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVRk0tMVAtQUFQSQ==&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6ytzbAmEzJ7QFLWhNcplXJbOmbT

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBGSlhVRk0tMVAtQUFQSQ==&google_push=AYg5qPKX3Va0OebHCwwjzND-WErAJARt-H0_APgw83RkwyIKYaZvKtqCjHGYdYFDfL2gkQZ6a6ytzbAmEzJ7QFLWhNcplXJbOmbT
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9779
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 9779 43 B
297 B 161ms
145ms Image
image/gif 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEG8TibHMFhPj78nNHcqoNzQ&google_cver=1&google_push=AYg5qPL84mS1STrEKjzSAY-vGBDG9pggBm7U4cV6JFDBLBlzFSVqsD8if11_wCNzwGHB0kjerWm3HGk1MtjhyqNARxeJjgQ9rcve
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6971087754703684&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.4022239669~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1646587928&rafmt=1&to=qs&pwprc=8492352242&psa=0&format=1200x280&url=https%3A%2F%2Fqidiantiku.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587928615&bpp=3&bdt=3877&idt=-M&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfaf03e76e49dfccd-22eb15fe55cd00fa%3AT%3D1646587927%3ART%3D1646587927%3AS%3DALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ&prev_fmts=0x0&nras=2&correlator=7946280669712&frm=20&pv=1&ga_vid=441339731.1646587928&ga_sid=1646587928&ga_hid=968708517&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31065507%2C44756431%2C44758229&oid=2&pvsid=677299911374758&pem=805&tmod=375650806&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=F7y1F5j0vL&p=https%3A//qidiantiku.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9779 0
49 B 137ms
136ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4gnC-mEcxW8E0D-7vvQumpTMD0-FJcskKX3B4HwozSVams5HcKkG3-MzRttTSyv12psmm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D17D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 741aeaac64caaf3f9786605ad17c9202c126443744d5582b2b193f106652c1f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame D17D 20 KB
20 KB 284ms
138ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:14 GMT
x-content-type-options: nosniff
age: 338456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:14 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3975 42 B
64 B 166ms
165ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrPSKeW1QKF5v16K4eqP6KkGBQo0zSyqozygDbT9wir3A3jXWJaosqLxwUh17hh_FSf6lIWHdl7hwlm5_Qq90GIUAmemIKNHA9JYSfxZ6Y-A6nkqK9Eg&sai=AMfl-YT27Fakd7Kap8KYIBsYr3JpOYwjwN2yIu2MVfVSbiNWY7uBbe5gC0Kxgeayeta8rOER_QNGkMYxpS0d&sig=Cg0ArKJSzIu6di9bWpFaEAE&id=ampim&o=0,125&d=1005,124&ss=1600,1200&bs=1005,124&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=934&tls=1934&g=91.93548560142517&h=100&tt=1934&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1812271801

Requested by

Host: qidiantiku.com
URL: https://qidiantiku.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:32:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 267ms
134ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

755989652ed8d074e869415dbe77597200205ab3f75eb6ec2392ccb5ff03e1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10510
x-xss-protection: 0

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 121 B
448 B 380ms
249ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd44929359bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 76 KB
27 KB 486ms
355ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd44929299bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 206 KB
61 KB 608ms
478ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2060b969f277041f8ac99199e026231ddd1da5b969a5f7d18746ff864161fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"acd9a4e94762d82f523ab1e623af8c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd44929389bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 154 KB
37 KB 607ms
476ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61de8a99bc8f6ffc5bcc68d34f915f2d8d341e2099a70426cf2767fd4360da14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"1b13d1786d4bfcea40d85f8384794149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd449293d9bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 2 KB
1 KB 368ms
238ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25336cebdcac0824de141bd6e11e7784b1fa4f6894b170077390cbca82d5608a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"619ea6d9a37b1ac1876538ab91d44356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd44929459bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/62244375449/js/ 151 B
472 B 369ms
239ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62244375449/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5c597ec96cb1ff3c14cb2e4a/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://qidiantiku.com/
Origin: https://qidiantiku.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 05:16:10 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 6e7cd449293f9bbe-FRA
expires: Tue, 05 Apr 2022 17:32:11 GMT

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame DF4E 35 KB
13 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 15:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 15:08:28 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 303ms
293ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5c597ec96cb1ff3c14cb2e4a&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62244375449/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1527ff59f9f610224e23a391d4b1ce8e912fb19513de40c29f7251737a956610

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://qidiantiku.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:32:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-chq4
server: cloudflare
etag: W/"2-21-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 6e7cd44e2dcc9bfe-FRA
access-control-allow-headers: content-type,x-tawk-token

POST start
va.tawk.to/v1/session/ 0
0

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 252ms
252ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://qidiantiku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 06 Mar 2022 17:32:12 GMT
x-served-by: visitor-application-preemptive-gbd3
access-control-allow-origin: https://qidiantiku.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e7cd44e8ef49bfe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET en.js
embed.tawk.to/_s/v4/app/62244375449/languages/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGqfWAl12iymbjoUYRAAABH0AAAAB&google_push=AYg5qPK6UkQOsp9sHz-b3n0E7WKsOicoLwGPmxsDDJaV8Kki4Yllygp3I0_yoBP-emJ6Sa8xqrNYIMHKJIlgwQa7IRMnSuV6Lk0&google_gid=CAESEIosSHrWiPs4IE-iBVhQqnU&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YiTwGtRDQNilr8ZhMUVmwAAABJsAAAAB&google_cver=1&google_gid=CAESEKrEghjaDLSpGuclYqPKC_4&google_push=AYg5qPKFOzJlRhG4lOlpifVlMgt0trXniz98g7F1VTSnw5mbOvWre78UCMTb9itEDuKsU5UyiWrdatvgzM8-cTtFXP5-IZmrxtVA

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: va.tawk.to
URL: https://va.tawk.to/v1/session/start

Domain: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62244375449/languages/en.js

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qidiantiku.com/	1978-01-11 21:31:40	Name: X_CACHE_KEY Value: 77a4b4c3339cb647f0a9c824dc8c34cb
qidiantiku.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jc84g2k429e05q40il3un1f65s
.qidiantiku.com/	1970-01-20 05:45:12	Name: UM_distinctid Value: 17f6049d835cbb-0675364a0f26ea-977173c-1d4c00-17f6049d836c68
qidiantiku.com/	1970-01-20 05:45:12	Name: CNZZDATA1272813438 Value: 442191860-1646578087-%7C1646578087
.qidiantiku.com/	1970-01-20 01:23:09	Name: __cf_bm Value: MGTJXqN.oI26yVq6PkxsJTCj96Tm_CPhqej0fPzEOz8-1646587927-0-AWczwbFG2YFSg7CGxlaBj26aDYEw/kYPVU+3+4TMYmbsjCyXXiQi99QF9MEY47QkKCq+hAkZlhs4auXPt0xkO1qW3Wu3SNAjXQa7U+uTR5Rz9YC3rfF+Cj5i6e/81Nxtdw==
.mmstat.com/	1970-01-20 10:08:43	Name: cna Value: F96rGocMKCsCAVQTr6UfywJZ
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: sca Value: 3825dff8
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: atpsida Value: 2b4bf6838e3b8a736ff950e9_1646587927_1
.qidiantiku.com/	1970-01-20 10:44:43	Name: __gads Value: ID=faf03e76e49dfccd-22eb15fe55cd00fa:T=1646587927:RT=1646587927:S=ALNI_MZcnquArgBJbV5ezCkzyMOl6Fe-sQ
.doubleclick.net/	1970-01-20 10:44:43	Name: IDE Value: AHWqTUl2WtJhgdMu5kKp6JBd4FkIMgzxhDCt85NXKCC44CwJK8ULN2X2HiynPDTLvCs
.quantserve.com/	1970-01-20 03:32:43	Name: d Value: EHEBCQHMJYEA
.quantserve.com/	1970-01-20 10:53:22	Name: mc Value: 6224f01a-31d92-fc5b3-29c70
.pubmatic.com/	1970-01-20 01:24:34	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 03:32:43	Name: uuid Value: 213b4ba6-0aaf-4c9c-afeb-ae9a96f42cf8-20220306 12:32:10
.agkn.com/	1970-01-20 10:08:43	Name: ab Value: 0001%3AoFbQHW6443XyOzvQUp3fZSk2cDgo4gLB
.agkn.com/	1970-01-20 10:08:43	Name: u Value: C\|0CEApt6yaKbesmgAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 03:32:43	Name: KADUSERCOOKIE Value: 2FCDEBCC-1031-424E-BE4E-7DF7A915EA33
.casalemedia.com/	1970-01-20 03:32:43	Name: CMPS Value: 3186
.e.dlx.addthis.com/	1970-01-20 10:53:22	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 01:24:34	Name: CMST Value: YiTwGmIk8BoA
.casalemedia.com/	1970-01-20 10:08:43	Name: CMID Value: YiTwGtRDQNilr8ZhMUVmwAAA
.casalemedia.com/	1970-01-20 03:32:43	Name: CMPRO Value: 1179
.addthis.com/	1970-01-20 10:53:22	Name: na_id Value: 2022030617321000013920318251
.addthis.com/	1970-01-20 10:53:22	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:53:22	Name: uid Value: 6224f01ac8cf8d03
.addthis.com/	1970-01-20 10:53:22	Name: ouid Value: 6224f01a000173e827952ab02d439c2fe6faa6a9da3ca10a8052
.dlx.addthis.com/	1970-01-20 02:06:19	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 02:06:19	Name: na_sr Value: 20220306
.dlx.addthis.com/	1970-01-20 01:23:07	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 02:06:19	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://s19.cnzz.com/z_stat.php?id=1272813438&web_id=1272813438 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1272813438&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s19.cnzz.com/z_stat.php?id=1272813438&web_id=1272813438 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1272813438&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
c.cnzz.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
cnzz.mmstat.com
d.agkn.com
e.dlx.addthis.com
embed.tawk.to
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
qidiantiku.com
rtb.openx.net
s19.cnzz.com
tpc.googlesyndication.com
va.tawk.to
www.google.com
www.googletagservices.com
www.gstatic.com
z8.cnzz.com
cm.g.doubleclick.net
embed.tawk.to
tpc.googlesyndication.com
va.tawk.to
104.111.215.191
142.250.186.162
198.47.127.19
221.231.83.250
2408:4001:f00::1fa
2606:4700:10::ac43:2642
2606:4700:3033::6815:d53
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a05:d01c:1d8:8102:d28c:83ad:1b58:a2c4
3.127.180.130
35.186.253.211
47.246.136.160
69.173.144.138
00d98ce37fea0b8150850e84f76db91325588cf9d19631f00f179d9682f09cf3
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
0a44a4de24ff89f0870dc376fb51f9b448f04ce9a8573b17b6932a659d1bd44c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0db3cadaca7e7acf3697390172de08daa6953e0a33b5006b96f19cdda2f4f5af
0e07cae31487d739a52091ea9d5233edc819e1a6dd81c8ed02b9e109baf7120d
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1527ff59f9f610224e23a391d4b1ce8e912fb19513de40c29f7251737a956610
1c36b64024c9c6d9b845bca26eb91636d0f74e469a231cf76ee7771375887457
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1ed1f5d17cb51ae56ac9add33f96d2ec44d1d6f67b6d880e7ec3f5b9cad98ada
22e38b79bd0be337043e5aa8c9490fef388ddaf51c25066952a6152442b6d52b
2390cace041dd3a3ab0b3c342ae2e8351d0a038b883c1d7b280d91eda3b82e57
245ce4175eda51880314790294ec73a86b6f8d94469db2d5a0c997532f79e0e6
248c577ede6a3075f066ccdbb69fb5e95fd5d56f58939534d321807a0c8233d0
25336cebdcac0824de141bd6e11e7784b1fa4f6894b170077390cbca82d5608a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
317a342e1968bc18c1e545bb83d5ee9058d1bce328a10779245f5b7f797e08a4
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
345976bb7955719641fbba6f3abbc1c5c64623415491c8ebfa8b6ebe3d69009d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
38f2fc5ff0b6ee5fca5de8ad685f8621f64caa297c190d53dacc8338a7839b25
41cf13b624d59fcbb6b96dc8240f712bee87550fbca94b6d179f0c3a8a59bb45
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc200cbbc5ad5c8f7b68fff9c1998c4b2472a1ec0db3970b6a1e1cf8a1db2b8
529885014e00897da95e9394245c0ab82e6161097444ed1a6a5a375dfe15b2fe
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5a260aed0d72aabdb4818e88d3248b323823a16841abf984c05f182b7a84f117
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6172406dca523961c0f7504de5848b47a70404e1540866f0e5b0b4c04649471b
61de8a99bc8f6ffc5bcc68d34f915f2d8d341e2099a70426cf2767fd4360da14
63468363c812fac1f94582c8b04bf4f29b44fa0a3223bca7f7cbfab8a4e619ce
66bbde50f5b496cac67b3abd8f6b4bedde581687669189d57e54f51b6e0c0a2b
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6d84caa1975868c33289ddb048963400d536f1ae3798e938a52ffd0f88ba2fde
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6f71a1f350faf1d80c306d514fa89c13626140607ba8d240c00e643b4109c15b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
741aeaac64caaf3f9786605ad17c9202c126443744d5582b2b193f106652c1f5
755989652ed8d074e869415dbe77597200205ab3f75eb6ec2392ccb5ff03e1cd
778dec0226d034759b41d637c9d9ec7fc999a140955ca4e538ab3155d81b6d52
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ca762fe409f597c56edd52cf495d3c285729409032e9fe6bec9b798b1652f8c
7cc87a819674eb6e40aa0f4fea4dacff57dc60478fa9362fad42d6dca4a3a6ed
7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4
7f45735c60d62a9d690f19eb78ac9d4583d9b9d68e2c89ea277a9786b36767a9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
93a9433db914b4b7ea29a58c1abd3add1bc88eac6729be2f7d0e13fc68dc8dda
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
97981f691c3b706c021171ec8e183f0abe1eb37295e29252b3b1428fd685b278
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a133112416758edeea5183bec5c1fd622e8be85534e0de0871640209ac8c68ff
a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65b94b4bd52fce42def3eb819e3c916ade5acac0aa6eefdf8e851a34851de74
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad4bd085fc255ebd8d873d3f20e5ea8c346f3f2e7a1b6ea6c66927fb1671fac9
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
baad69d12174f41a038ea5675d5e8e43f153141f5fb39f10ebced531e7b29658
bcf2151ddf4b1cd91ecce9b996ebcf5d0bee3220f0ce9dfa65046c42fe902165
bf40de577bde04d406bfb24ce121b38777a8117479471108656f344a31a39566
c1b507927e8e82799e483cfb8477cdc0290e5a4eea65c260366f49671046f9d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e017bdbdd0ae2d9acc1e3abab9cd04e0961a6b92e5ac365f1223a27b19167ae9
e3806bd062a4f4774c8ecc2a61e2dd79d82b0bd66a3d24812180273aadbf5f51
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548bc0ae90b17ab3558fef372b2d4ed0d7a2e0a197515f156f9e34c28414670
e87a09cef1a17d8c6a5a1b542521889f2f409262589d8d4fb1d9112c9e144bfb
e92cc6477830253cc305beccd8d17e78e16211f2289f84a99544d0ff74893277
eb6bfa8eea41505b08ad796cf57405796169f972111b01b3238f5f8fe37dbed8
ebdac1610e5bbabbf1f8705dadea2b280418a5ee9db2e0031e91c5af3f35014e
edfd740dadf4d0ca5d9eabbe50460c97d50ad054c6cb61c8e37c592c25d062d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2060b969f277041f8ac99199e026231ddd1da5b969a5f7d18746ff864161fcc
f4657e03d23297f749bdde25473f4278ea29a1eaca26330d0352e1f894ebb72f
f61f8295c57b05b467516dcdec043f122df214a2e3fb5a4446ad8d5abd993f40
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
fcb5adcb74224af39d068795449e597620c77fe6c562cf349c8102a474a1da36

qidiantiku.com Open in urlscan Pro 2606:4700:3033::6815:d53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

91 %HTTPS

71 %IPv6

20 Domains

31 Subdomains

25 IPs

4 Countries

1764 kBTransfer

3911 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qidiantiku.com Open in urlscan Pro
2606:4700:3033::6815:d53 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

91 %
HTTPS

71 %
IPv6

20
Domains

31
Subdomains

25
IPs

4
Countries

1764 kB
Transfer

3911 kB
Size

30
Cookies

132 HTTP transactions
5 data transactions