club.kdslife.com Open in urlscan Pro
106.14.236.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://club.kdslife.com/
Effective URL:
https://club.kdslife.com/f_15.html
Submission: On February 12 via api (February 12th 2021, 3:08:46 pm UTC) from US

Summary HTTP 171 Redirects Links 140 Behaviour Indicators

Summary

This website contacted 34 IPs in 10 countries across 30 domains to perform 171 HTTP transactions. The main IP is 106.14.236.64, located in Hangzhou, China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is club.kdslife.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 7th 2021. Valid for: a year.

This is the only time club.kdslife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	106.14.236.64 106.14.236.64	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
4	218.59.209.10 218.59.209.10	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	218.59.209.6 218.59.209.6	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
3	171.107.86.35 171.107.86.35	137693 (CHINATELE...) (CHINATELECOM-GUANGXI-NANNING-IDC CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province)
1	104.192.110.245 104.192.110.245	55992 (QIHOO Bei...) (QIHOO Beijing Qihu Technology Company Limited)
4	42.81.8.130 42.81.8.130	58542 (CHINATELE...) (CHINATELECOM-TIANJIN Tianjij)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	115.231.228.249 115.231.228.249	58461 (CT-HANGZH...) (CT-HANGZHOU-IDC No.288)
3	47.246.43.148 47.246.43.148	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
3	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
8	94.130.16.67 94.130.16.67	24940 (HETZNER-AS) (HETZNER-AS)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 3	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
1 2	2a00:17c8:0:1... 2a00:17c8:0:103::20a	12511 (CH-POSTNE...) (CH-POSTNETZ Post CH AG)
2	2a01:ab20:0:2... 2a01:ab20:0:203::1:245	47302 (CYON) (CYON)
1	182.61.200.109 182.61.200.109	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1	63.32.128.23 63.32.128.23	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.148.152 193.232.148.152	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	52.57.46.37 52.57.46.37	16509 (AMAZON-02) (AMAZON-02)
1	54.250.196.226 54.250.196.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:710... 2a02:26f0:7100:481::2638	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
171	34

25 106.14.236.64 (Hangzhou, China) 1 redirects

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

club.kdslife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 218.59.209.10 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

images.kdslife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 218.59.209.6 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

static.kdslife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 171.107.86.35 (China)

ASN137693 (CHINATELECOM-GUANGXI-NANNING-IDC CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China., CN)

club-img.kdslife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.192.110.245 (United States)

ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN)

static.mediav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 42.81.8.130 (China)

ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN)

88.166sh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.231.228.249 (Shanghai, China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)

img-cms.pchome.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 47.246.43.148 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

images.pchome.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 94.130.16.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: veramedia1.timmeserver.de

assets.bly.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cct.shop.post.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.148.168.135 (Switzerland) 1 redirects

ASN29691 (NINE, CH)
PTR: adresult08.nine.ch

www.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:17c8:0:103::20a (Rickenbach, Germany) 1 redirects

ASN12511 (CH-POSTNETZ Post CH AG, CH)

www.post.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:ab20:0:203::1:245 (Switzerland)

ASN47302 (CYON, CH)

campaigns.cembra.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.128.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-128-23.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.152 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.46.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-46-37.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.250.196.226 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-196-226.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:7100:481::2638 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.lyreco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	kdslife.com 1 redirects club.kdslife.com images.kdslife.com static.kdslife.com club-img.kdslife.com	401 KB
31	googlesyndication.com pagead2.googlesyndication.com ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com tpc.googlesyndication.com	405 KB
21	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	194 KB
10	ampproject.org cdn.ampproject.org	195 KB
8	bly.ch assets.bly.ch	30 KB
7	adform.net track.adform.net s1.adform.net	40 KB
7	google.com 3 redirects adservice.google.com www.google.com	919 B
6	lyreco.com assets.lyreco.com	30 KB
5	pchome.net img-cms.pchome.net images.pchome.net	37 KB
4	166sh.com 88.166sh.com	40 KB
3	post.ch 2 redirects cct.shop.post.ch www.post.ch	959 B
3	adtracker.ch 1 redirects www.adtracker.ch tracking.adtracker.ch	474 B
3	connects.ch 3 redirects cct.connects.ch	1 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
3	googletagservices.com www.googletagservices.com	94 KB
2	360yield.com 2 redirects match.360yield.com	788 B
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	adhigh.net 2 redirects px.adhigh.net	1 KB
2	cembra.ch campaigns.cembra.ch	2 KB
1	adingo.jp cc.adingo.jp	44 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	460 B
1	adsrvr.org match.adsrvr.org	265 B
1	linkedin.com 1 redirects px.ads.linkedin.com	452 B
1	baidu.com pos.baidu.com wn.pos.baidu.com Failed	14 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	640 B
1	mediav.com static.mediav.com	52 KB
0	cnzz.com Failed s9.cnzz.com Failed
0	baidustatic.com Failed cpro.baidustatic.com Failed
171	30

	Domain	Requested by
25	club.kdslife.com	1 redirects club.kdslife.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net club.kdslife.com tpc.googlesyndication.com ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	2 redirects ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
8	assets.bly.ch	s1.adform.net assets.bly.ch club.kdslife.com
7	securepubads.g.doubleclick.net	club.kdslife.com securepubads.g.doubleclick.net
6	assets.lyreco.com	club.kdslife.com
6	www.google.com	3 redirects club.kdslife.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com club.kdslife.com ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	club.kdslife.com pagead2.googlesyndication.com ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
4	track.adform.net	ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com s1.adform.net assets.bly.ch
4	88.166sh.com	club.kdslife.com 88.166sh.com pos.baidu.com
4	images.kdslife.com	club.kdslife.com
3	cct.connects.ch	3 redirects
3	s1.adform.net	track.adform.net s1.adform.net assets.bly.ch
3	images.pchome.net	club.kdslife.com
3	ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com club.kdslife.com ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
3	club-img.kdslife.com	club.kdslife.com
3	static.kdslife.com	club.kdslife.com
2	match.360yield.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	px.adhigh.net	2 redirects
2	campaigns.cembra.ch	assets.bly.ch
2	www.post.ch	1 redirects assets.bly.ch
2	www.adtracker.ch	ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com club.kdslife.com
2	img-cms.pchome.net	club.kdslife.com
2	fonts.googleapis.com	tpc.googlesyndication.com assets.bly.ch
1	ajax.googleapis.com	assets.bly.ch
1	cc.adingo.jp	ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
1	px.ads.linkedin.com	1 redirects
1	pos.baidu.com	88.166sh.com
1	tracking.adtracker.ch	1 redirects
1	cct.shop.post.ch	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.mediav.com	club.kdslife.com
0	wn.pos.baidu.com Failed	pos.baidu.com
0	s9.cnzz.com Failed	club.kdslife.com
0	cpro.baidustatic.com Failed	club.kdslife.com 88.166sh.com pos.baidu.com
171	44

This site contains links to these domains. Also see Links.

Domain
www.kdslife.com
article.kdslife.com
trip.kdslife.com
car.kdslife.com
cate.kdslife.com
finance.kdslife.com
app.kdslife.com
clubitems.kdslife.com
dcclub.kdslife.com
fls.kdslife.com
h5.art-m.cn
daipai.kdslife.com
www.12377.cn
passport.kdslife.com
im.kdslife.com
i.kdslife.com
my.kdslife.com
pc768.com
www.toprv.com.cn
beian.miit.gov.cn
www.beian.gov.cn
sh.gsxt.gov.cn
www.zx110.org
www.shjbzx.cn
report.12377.cn

Subject Issuer	Validity	Valid
*.kdslife.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-07` - `2022-02-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.mediav.com WoTrus OV SSL CA	`2020-02-13` - `2022-05-13`	2 years	crt.sh
88.166sh.com TrustAsia TLS RSA CA	`2020-12-10` - `2021-12-09`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.pchome.net AlphaSSL CA - SHA256 - G2	`2021-01-05` - `2022-02-06`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
assets.bly.ch R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
adtracker.ch R3	`2021-01-25` - `2021-04-25`	3 months	crt.sh
www.post.ch SwissSign Server Gold CA 2014 - G22	`2019-07-31` - `2021-07-31`	2 years	crt.sh
campaigns.cembra.ch R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.adingo.jp DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-04-15`	a year	crt.sh
secure5.scene7.com DigiCert SHA2 High Assurance Server CA	`2020-08-25` - `2022-11-07`	2 years	crt.sh

This page contains 16 frames:

Primary Page: https://club.kdslife.com/f_15.html
Frame ID: 131E128BA5357C51C6930DF5D057545A
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Frame ID: 3899CFC4CC8A148D247954B0438E12DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2322073735065674&output=html&h=90&slotname=7638767970&adk=1937175584&adf=1562872396&pi=t.ma~as.7638767970&w=960&lmt=1613142504&psa=0&format=960x90&url=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&flash=0&wgl=1&dt=1613142504399&bpp=15&bdt=7350&idt=95&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5884319987363&frm=20&pv=2&ga_vid=774414956.1613142505&ga_sid=1613142505&ga_hid=2000765424&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=434&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=2198989340686001&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vIdii2gmx2&p=https%3A//club.kdslife.com&dtd=114
Frame ID: 3EA626FE8D1BACD2A5B5A4D452555CCB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 531408931E7C0F866F19A57C6AA24CFC
Requests: 13 HTTP requests in this frame

Frame: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 774B95316070347CE9FC59AC2CF4CB65
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: B49A69F8260AE56829E2407BA892F92E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html
Frame ID: 2AA3798FA9A74C34FC47EA893C2F7248
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm4OL6JkmYNi3OYSE3gOlhqnwD433halho82oxsoMsKGy74MCEAEgsI3vemD1lc6B4ASgAbiQmfECyAEJ4AIAqAMByAMIqgTpAU_QuskWS4-nLSzPuH4H0KySSqeitCTdUGwC_uuk0Tdu_S5TQ3PNv5z5HRwbn-zm9E1o6qGT-l5_mJ2I10InsVO93cBHL2H7Fkq4im5h_j6H5xaDWAOFStAyFS3fQh4nzX2GSTMgV13enMnO6OX-JmvReutc4qKb2riGAWIzwrotZthj3itzF6WBrnvPDYa2wyjdwplVoF2hvMCBmbisbaYrozuNSe2yEo3YwWrMMH4jjRlqeB2QnLMyG8zEDtfPkeXc6Gfg21zLWL2cNJkCuQd6mtMyt3yN8fkBaPXfNYUDUDMtNUZoJMOZwASJnMqeoQLgBAGSBQQIBBgBkgUECAUYBKAGLoAHsO_mjgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQr6kC0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MYAKA8gLAdgTCrIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=2hnJNIvt_1U&template_id=419&tpd=AGWhJmsn38aExK2YnHvmZFY4Ziez-rLveNS7Ebqrjo37zTKl7Q
Frame ID: B2CD10BFD4FA629A42D1360BEAE5F820
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9A6BCA1BCF1AD81D745384C1A8AC920C
Requests: 2 HTTP requests in this frame

Frame: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F6F9568125EBD611FA88AE110F3788CA
Requests: 17 HTTP requests in this frame

Frame: https://www.post.ch/de?lea_source=2021021216082744878222769X116404V1571145373M
Frame ID: 493C8F6849ED266A13F2ABD08AB860FC
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Frame ID: 135C7AB0F323F162590DC3507B9622AF
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Frame ID: C3DEF480A0C95F9349A6E8C2B603A134
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7AA3CAA60C8A5EC5BFD568B38E8ADFE
Requests: 9 HTTP requests in this frame

Frame: https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0
Frame ID: A1D0DB84E0DD6E711EE72617CB44574F
Requests: 5 HTTP requests in this frame

Frame: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
Frame ID: 83C4DE395A6EE103B24E9417A30CF97C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://club.kdslife.com/ HTTP 302
https://club.kdslife.com/f_15.html Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

171
Requests

85 %
HTTPS

41 %
IPv6

30
Domains

44
Subdomains

34
IPs

10
Countries

1575 kB
Transfer

3891 kB
Size

0
Cookies

140 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kdslife.com/
Title: KDS首页

Search URL Search Domain Scan URL

URL: http://article.kdslife.com/list.html
Title: 宽带山资讯

Search URL Search Domain Scan URL

URL: http://trip.kdslife.com/
Title: 宽带山旅游

Search URL Search Domain Scan URL

URL: http://car.kdslife.com/
Title: 宽带山汽车

Search URL Search Domain Scan URL

URL: http://cate.kdslife.com/
Title: 宽带山美食

Search URL Search Domain Scan URL

URL: http://finance.kdslife.com/
Title: 宽带山理财

Search URL Search Domain Scan URL

URL: http://app.kdslife.com/
Title: 移动版

Search URL Search Domain Scan URL

URL: http://clubitems.kdslife.com/index.php?c=jingcai/index
Title: PP竞猜

Search URL Search Domain Scan URL

URL: https://dcclub.kdslife.com/f_3.html
Title: 数码影像俱乐部

Search URL Search Domain Scan URL

URL: https://fls.kdslife.com/
Title: 福利山

Search URL Search Domain Scan URL

URL: https://h5.art-m.cn/pages/home/pinpaijie?id=49
Title: KDS宽带山官方专卖店

Search URL Search Domain Scan URL

URL: https://daipai.kdslife.com/
Title: 宽带山代拍

Search URL Search Domain Scan URL

URL: https://www.12377.cn/
Title: 举报

Search URL Search Domain Scan URL

URL: https://passport.kdslife.com/login.php?action=login&back=1
Title: 快速登录

Search URL Search Domain Scan URL

URL: https://passport.kdslife.com/index.php
Title: 宽带山登录

Search URL Search Domain Scan URL

URL: https://passport.kdslife.com/index.php?c=register
Title: 注册

Search URL Search Domain Scan URL

URL: http://im.kdslife.com/
Title: 1

Search URL Search Domain Scan URL

URL: https://i.kdslife.com/
Title: 账号

Search URL Search Domain Scan URL

URL: https://passport.kdslife.com/index.php?c=login&m=loginout
Title: 注销

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547114391.html
Title: 达*秀

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547369216.html
Title: 飞古好切切

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549798860.html
Title: 油条猴

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_137567.html
Title: 海洋

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549798877.html
Title: 豆浆猴

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600030056.html
Title: NNGX2017

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_243160.html
Title: zchange

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_216876.html
Title: 蒜你狠

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_5376307.html
Title: 职业电灯泡

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600139922.html
Title: Karster

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_4423748.html
Title: gpning

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600150797.html
Title: HHHMMM

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600098943.html
Title: huangjiaqu

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_308732.html
Title: likerainn

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600227342.html
Title: alex112233

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_172436.html
Title: conanxl

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600063319.html
Title: 网红

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548059427.html
Title: waltz

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600113049.html
Title: 湖摇山水

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_420551.html
Title: 海飞兹

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549761366.html
Title: 棉花店西老板

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_1530999.html
Title: 捏脸侠

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547298562.html
Title: 好人多啊

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600028594.html
Title: bgsxy63289

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_342901.html
Title: 奔5

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_5469336.html
Title: 醉八仙

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_438787.html
Title: 梦想

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600051767.html
Title: 泡饭猴

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_1209076.html
Title: 彷徨

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549069824.html
Title: 面対現実

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600084015.html
Title: wumg

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600214576.html
Title: 沪小龙人

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549781259.html
Title: xjh002561

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549444631.html
Title: nirewo

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_801767.html
Title: Raptor65

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600092773.html
Title: 往事随风666

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600160064.html
Title: 屌丝别说话

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_171199.html
Title: RX-09

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600224460.html
Title: 上海烤鸭

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549130584.html
Title: Carat

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600045098.html
Title: monkey_in_

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549079403.html
Title: montesquie

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600041578.html
Title: dywj

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548977687.html
Title: 小我无伤

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548175945.html
Title: 胖大海

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_8779.html
Title: 出来混的

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_546645351.html
Title: 浪游

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548809876.html
Title: 搓心搓肺

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_32755.html
Title: melmission

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549392762.html
Title: 南昌大楼

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600030453.html
Title: Rintheimer

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600133298.html
Title: 北京市民

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600122632.html
Title: 嘎生饭

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600091591.html
Title: 上海本地狂男

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547477178.html
Title: 大卫

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548816018.html
Title: shanks5566

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600114072.html
Title: 南山敬老院

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_2764041.html
Title: AndRoid

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600067870.html
Title: 空虚的奴家

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600228494.html
Title: wuliapa

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_488188.html
Title: 空中之色

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600228690.html
Title: QLU

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600069797.html
Title: 共富熊猫

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_4942272.html
Title: yub

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547145011.html
Title: 牛B哄哄

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_546845197.html
Title: maruco

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600210937.html
Title: michaelbay

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547064830.html
Title: cysco

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_74898.html
Title: 不假装

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_4292391.html
Title: inso

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548479813.html
Title: 毛仁性

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547416266.html
Title: 倖田來未

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548757399.html
Title: 山本彩

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_62815.html
Title: 老土匪

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_120246.html
Title: 子曰

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549374136.html
Title: 钞票哈多呀

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600151873.html
Title: 老天也知道

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600086851.html
Title: AaronKwok0

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600072270.html
Title: 铁壁阿童木

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_546821002.html
Title: 小豚奔驰

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_97657.html
Title: 鬼雨

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600093082.html
Title: Fatieji001

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_5551922.html
Title: 近日头条

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600161666.html
Title: 小多牛肉面

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547068778.html
Title: 幸福无价

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_198550.html
Title: 怒吼天尊

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_548496630.html
Title: 美音

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_368437.html
Title: 莉雅

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_547304485.html
Title: 拉姆士

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600212713.html
Title: minxingqu

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_549309564.html
Title: erbaozi

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600099486.html
Title: wxd1avqkf1

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600110661.html
Title: 鸟山明笔下第一百高手

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600027719.html
Title: 北外滩沈冲

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600079397.html
Title: 小電車低調

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_546907815.html
Title: 鱼与熊掌

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600124551.html
Title: Shanghai20

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600106435.html
Title: pamgu

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_546680063.html
Title: 吃吃困困

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600209610.html
Title: Hyabusa

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600228593.html
Title: wbl5laj5p7

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600109800.html
Title: sanada2018

Search URL Search Domain Scan URL

URL: http://my.kdslife.com/home_600210228.html
Title: 够朋友

Search URL Search Domain Scan URL

URL: http://pc768.com/
Title: 常用软件下载

Search URL Search Domain Scan URL

URL: http://www.toprv.com.cn/
Title: 房车头条

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus
Title: 关于我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/contact
Title: 联系我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/joinus
Title: 加入我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/business1.html
Title: 营销服务

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/legal.html
Title: 法律声明

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/state.html
Title: 投诉声明

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/
Title: 沪ICP备20005056号-2

Search URL Search Domain Scan URL

URL: http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=31011502014470
Title: 沪公网安备 31011502014470号

Search URL Search Domain Scan URL

URL: https://sh.gsxt.gov.cn/notice/notice/view?uuid=VgYaGdm2x7mqOPOHIKU_HQ5P1IgqBGta&tab=01

Search URL Search Domain Scan URL

URL: https://www.zx110.org/

Search URL Search Domain Scan URL

URL: https://www.shjbzx.cn/

Search URL Search Domain Scan URL

URL: https://report.12377.cn:13225/toreportinputNormal_anis.do

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/aboutus1.html
Title: 关于我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/contact.html
Title: 联系我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/joinus.html
Title: 加入我们

Search URL Search Domain Scan URL

URL: https://www.kdslife.com/aboutus/link
Title: 友情链接

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://club.kdslife.com/ HTTP 302
https://club.kdslife.com/f_15.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 137

https://cct.connects.ch/tpv.php?t=116404V1455142245M&rnd=33161 HTTP 302
https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878222599X116404V1455142245M&utm_source=Affiliate

Request Chain 139

https://cct.connects.ch/tpv.php?t=116404V1571145373M HTTP 302
https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1 HTTP 302
https://tracking.adtracker.ch/link/red/l/Mzg2?lea_source=2021021216082744878222769X116404V1571145373M&utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects HTTP 302
https://www.post.ch/?lea_source=2021021216082744878222769X116404V1571145373M HTTP 301
https://www.post.ch/de?lea_source=2021021216082744878222769X116404V1571145373M

Request Chain 144

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBb8uJvhwRYLL_PjtkFQigU&google_cver=1&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJGTiVD4Eebbboxfs-RVQwdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJGTiVD4Eebbboxfs-RVQwdg

Request Chain 146

https://px.adhigh.net/p/gm/rub?google_gid=CAESEG3eSQ-Ud_nWm1SeyIkdOe8&google_cver=1&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESEG3eSQ-Ud_nWm1SeyIkdOe8&google_cver=1&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&google_hm=ueALrhzNf_oAAikABlF3lslI6g%3D%3D

Request Chain 147

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO-eFStAw346z-FPAZhYRaQ&google_cver=1&google_push=AQvitUIgP3L52e9D-7Q2GZz2BYhB8ah7Hxeug1go2IN0hxanJQZEYiahO9AjGxCSs0Ww4Lb3D_OJxQsGr59TD14UVoAVtJbBAms HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO-eFStAw346z-FPAZhYRaQ&google_cver=1&google_push=AQvitUIgP3L52e9D-7Q2GZz2BYhB8ah7Hxeug1go2IN0hxanJQZEYiahO9AjGxCSs0Ww4Lb3D_OJxQsGr59TD14UVoAVtJbBAms&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mYNrod49RAe2yO3E1wsawA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIgP3L52e9D-7Q2GZz2BYhB8ah7Hxeug1go2IN0hxanJQZEYiahO9AjGxCSs0Ww4Lb3D_OJxQsGr59TD14UVoAVtJbBAms

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAY6HmvUVtKjACC7ZUSMLp8&google_cver=1&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ&google_tc=

Request Chain 149

https://match.360yield.com/match/ebda?google_gid=CAESEGGD5uKjLP8Yb6ztbpvLEaU&google_cver=1&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGGD5uKjLP8Yb6ztbpvLEaU&google_cver=1&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc&google_tc=

Request Chain 154

https://cct.connects.ch/tpv.php?t=116404V1455142245M HTTP 302
https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878223265X116404V1455142245M&utm_source=Affiliate

171 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set f_15.html Show response
club.kdslife.com/
Redirect Chain

https://club.kdslife.com/
https://club.kdslife.com/f_15.html

138 KB
21 KB

2038ms
1324ms

Document
text/html

106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache / PHP/7.0.14
Resource Hash: f93f1634d92995df3f47225262dbc0f67cd541ed815242acd0a60a64dc39b1be

Request headers

Host: club.kdslife.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:16 GMT
Server: Apache
X-Powered-By: PHP/7.0.14
Set-Cookie: tag_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21251
Keep-Alive: timeout=0, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 12 Feb 2021 15:08:14 GMT
Server: Apache
X-Powered-By: PHP/7.0.14
location: https://club.kdslife.com/f_15.html
Content-Length: 0
Keep-Alive: timeout=0, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK global.css
images.kdslife.com/global/common/style/ 2 KB
2 KB 2944ms
367ms Stylesheet
text/css 218.59.209.10
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://images.kdslife.com/global/common/style/global.css
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.10 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: b8b885b0eb023ca197a7618d5d3964572ddc10a28562b775f1b73feb8c16f69d

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 01:45:56 GMT
Server: Apache
ETag: "9df-58dd6a77c1d00-gzip"
Vary: Accept-Encoding
X-Cache: HIT from BC8_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: text/css
Expires: Wed, 03 Mar 2021 18:00:51 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1210
X-Ser: BC169_dx-lt-yd-jiangsu-zhenjiang-3-cache-2, BC8_lt-shandong-binzhou-4-cache-1

GET
H/1.1 200
OK common.css
club.kdslife.com/ui/css/ 55 KB
11 KB 3717ms
238ms Stylesheet
text/css 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: dfb58554b9ae72904754724b542fcd53d0dbd01a77dac7e02c8712dd0efa84ff

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 06:12:07 GMT
Server: Apache
ETag: "db19-5b0091467e810-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 10815
Expires: Sun, 14 Mar 2021 15:08:20 GMT

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
club.kdslife.com/ui/js/ 93 KB
33 KB 5722ms
243ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/jquery-1.7.2.min.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "1727b-55493f5460739-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 33863
Expires: Sun, 14 Mar 2021 15:08:22 GMT

GET
H/1.1 200
OK jquery.SuperSlide.2.1.3.js Show response
club.kdslife.com/ui/js/ 12 KB
4 KB 4726ms
233ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/jquery.SuperSlide.2.1.3.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 1d6f3374e6585f541d143d936c0b264b2104d53a9108bcf81d66e895d03287e0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Apr 2020 03:19:07 GMT
Server: Apache
ETag: "2ead-5a465693d30ab-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 4039
Expires: Sun, 14 Mar 2021 15:08:21 GMT

GET
H/1.1 200
OK banner.js Show response
club.kdslife.com/ui/js/ 432 B
562 B 5033ms
526ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/banner.js?v1122
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e2daa224b6c152e3a1b51334bf64aa8c5ce0447b9769ad2d50bad84b4ac7118f

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Apr 2020 03:45:07 GMT
Server: Apache
ETag: "1b0-5a479e404255e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 156
Expires: Sun, 14 Mar 2021 15:08:21 GMT

GET
H/1.1 200
OK newIndex.css
club.kdslife.com/ui/css/ 7 KB
3 KB 3719ms
239ms Stylesheet
text/css 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/css/newIndex.css?v=111222
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: da314a5f7b1d7954ed7c5af7330f87124690b72e1c0f7065b0833dfe89d7f9b1

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Aug 2020 03:57:34 GMT
Server: Apache
ETag: "1cdd-5ac419ad8e06a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 2229
Expires: Sun, 14 Mar 2021 15:08:20 GMT

GET cm.js
cpro.baidustatic.com/cpro/ui/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 55ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48410
x-xss-protection: 0
server: cafe
etag: 10670273244432943938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 15:08:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 139ms
65ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

16acf03a08b0bcf3700a99aac7128c00cdebabd2c3c1edfa4f1e1e1f24619715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "781 / 638 of 1000 / last-modified: 1613132208"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19521
x-xss-protection: 0
expires: Fri, 12 Feb 2021 15:08:24 GMT

GET
H/1.1 200
OK swiper.min.css
club.kdslife.com/ui/css/ 19 KB
3 KB 5278ms
1568ms Stylesheet
text/css 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/css/swiper.min.css
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Sep 2020 08:42:34 GMT
Server: Apache
ETag: "4d42-5afced4f17774-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 3099
Expires: Sun, 14 Mar 2021 15:08:22 GMT

GET
H/1.1 200
OK swiper.min.js Show response
club.kdslife.com/ui/js/ 125 KB
33 KB 5535ms
239ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/swiper.min.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Sep 2020 08:42:34 GMT
Server: Apache
ETag: "1f3be-5afced4f18714-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 33641
Expires: Sun, 14 Mar 2021 15:08:22 GMT

GET
H/1.1 200
OK index.css
static.kdslife.com/kds/channel/forum/festival/ 124 B
632 B 3982ms
374ms Stylesheet
text/css 218.59.209.6
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kdslife.com/kds/channel/forum/festival/index.css?v=20210212-23
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: 876e3791e775996e7af115334c0023825ff4335006456da445708cdab4dd2ba9

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 06:07:33 GMT
Server: Apache
ETag: "7c-5726da08179af-gzip"
Vary: Accept-Encoding
X-Cache: HIT from BC11_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: text/css
Expires: Sun, 14 Mar 2021 15:00:03 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127
X-Ser: BC37_dx-lt-yd-shandong-jinan-5-cache-7, BC11_lt-shandong-binzhou-4-cache-1

GET
H/1.1 200
OK floor.css
club.kdslife.com/ui/css/ 2 KB
1 KB 4626ms
237ms Stylesheet
text/css 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/css/floor.css?v=2018050902
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 5e86a08da43af3bbcc6d4c750c0834244799cad8cda56969fc00ac53ab8093ae

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 May 2018 02:06:13 GMT
Server: Apache
ETag: "92e-56bbc58e5d589-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 787
Expires: Sun, 14 Mar 2021 15:08:21 GMT

GET
H2 200 qho60y-esr.png
club-img.kdslife.com/attach/1k4/y0/4l/ 18 KB
18 KB 3183ms
1382ms Image
image/png 171.107.86.35
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club-img.kdslife.com/attach/1k4/y0/4l/qho60y-esr.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 171.107.86.35 , China, ASN137693 (CHINATELECOM-GUANGXI-NANNING-IDC CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d7a2e2b476e08b736e57e6a4c27bbc224b43a7680b34cbc87cf097cb01e3f112

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ohc-file-size: 18153
date: Fri, 12 Feb 2021 15:08:26 GMT
x-oss-request-id: 600CDF9A60A911373073D20C
content-md5: dWVY+WgH43QIgAxEgSpxRw==
age: 1586299
content-length: 18153
x-oss-object-type: Normal
ohc-cache-hit: nn4ct52 [4], jnctcache52 [4], czix230 [4]
last-modified: Thu, 24 Dec 2020 08:53:22 GMT
server: JSP3/2.0.14
etag: "756558F96807E37408800C44812A7147"
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 10248059629023895202
x-oss-server-time: 40

GET
H/1.1 200
OK kds_header.png
club.kdslife.com/ui/img/ 1 KB
2 KB 5083ms
316ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/kds_header.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 89cc8c548f7d32502717d0ff8fd8aaa8690360eb5029cd87017bd449c65391b8

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:41 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "5bc-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1468
Expires: Sun, 14 Mar 2021 15:08:41 GMT

GET
H/1.1 200
OK base.js Show response
club.kdslife.com/ui/js/ 5 KB
2 KB 308ms
307ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/base.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: f080853c0b8766979ce689976df39537673e0aeab33e426ccddce232cbc19a09

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 02:41:56 GMT
Server: Apache
ETag: "151b-5a2d28f67a62f-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 2092
Expires: Sun, 14 Mar 2021 15:08:22 GMT

GET
H2 200 feed_ts.js Show response
static.mediav.com/js/ 147 KB
52 KB 1226ms
325ms Script
application/x-javascript 104.192.110.245
QIHOO Beijing Qih...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mediav.com/js/feed_ts.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.110.245 , United States, ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN),
Reverse DNS
Software: /
Resource Hash: 7f67d7d259e6084e5915f4d8c2ae0d185a207b22c4940a3c69fc5608793d1789

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:47 GMT
content-encoding: gzip
kcs-via: HIT from w-fc01.lato;HIT from w-sc02.lato
last-modified: Fri, 25 Dec 2020 07:20:54 GMT
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=18000
content-type: application/x-javascript; charset=utf-8
expires: Fri, 12 Feb 2021 20:08:47 GMT

GET
H/1.1 200
OK gif1.gif
club.kdslife.com/ui/img/ 364 B
705 B 4162ms
1601ms Image
image/gif 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/gif1.gif
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 8aa16a5299f3fbaf2d4c621da90cb0fcce7a1ddbe2af504376329a991acdbdd0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:28 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "16c-55493f540f659"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 364
Expires: Sun, 14 Mar 2021 15:08:28 GMT

GET
H/1.1 200
OK zan_index.png
club.kdslife.com/ui/img/ 2 KB
2 KB 2738ms
255ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/zan_index.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: f723111a32933003bd81e290506ca9faa70700901c1ac6effee7178d119bc3cd

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:26 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "7d4-55493f54069b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 2004
Expires: Sun, 14 Mar 2021 15:08:26 GMT

GET
H/1.1 200
OK bg_h.png
club.kdslife.com/ui/img/ 1 KB
1 KB 6166ms
324ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/bg_h.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 3c7a4c9f54d1f5647a8347cb8185ab16ccab1f0a598a76a4baaa0b2e9fb44f11

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:30 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "44c-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1100
Expires: Sun, 14 Mar 2021 15:08:30 GMT

GET gif5.gif
club.kdslife.com/ui/img/ 0
0

GET gif0.gif
club.kdslife.com/ui/img/ 0
0

GET lv_index.png
club.kdslife.com/ui/img/ 0
0

GET mod_icon2.png
club.kdslife.com/ui/img/ 0
0

GET mod_icon1.png
club.kdslife.com/ui/img/ 0
0

GET mod_icon3.png
club.kdslife.com/ui/img/ 0
0

GET mod_icon4.png
club.kdslife.com/ui/img/ 0
0

GET
H2 200 j_q.js Show response
88.166sh.com/production/gba_xtkt/ 5 KB
2 KB 3414ms
964ms Script
text/javascript 42.81.8.130
CHINATELECOM-TIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://88.166sh.com/production/gba_xtkt/j_q.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.81.8.130 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: b562ca0bf5ab40eed8c2c20c9d108a130b20fe666602b9fa71fb5930c9b3b141

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:14:17 GMT
server: yunjiasu
yjs-cachestatus: HIT
yjs-id: 9cd85c272e552cee-115
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=14400
content-type: text/javascript; charset=utf-8
content-length: 2122
expires: Fri, 12 Feb 2021 19:08:26 GMT

GET mod_icon5.png
club.kdslife.com/ui/img/ 0
0

GET
H/1.1 200
OK commonFootCopy.js Show response
static.kdslife.com/public/static/ 4 KB
2 KB 1303ms
1297ms Script
application/javascript 218.59.209.6
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kdslife.com/public/static/commonFootCopy.js?v=6
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: e47a40691884898512c872347ef41d98ceeb51cd354a52181fecca7cca745db7

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2020 03:49:18 GMT
Server: Apache
ETag: "1005-5b7ba821d389e-gzip"
Vary: Accept-Encoding
X-Cache: HIT from BC11_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: application/javascript
Expires: Mon, 01 Mar 2021 03:56:27 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1676
X-Ser: BC167_dx-lt-yd-jiangsu-zhenjiang-3-cache-2, BC11_lt-shandong-binzhou-4-cache-1

GET
H/1.1 200
OK jquery.cookie.js Show response
club.kdslife.com/ui/js/ 3 KB
2 KB 10090ms
940ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/jquery.cookie.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 07:32:10 GMT
Server: Apache
ETag: "c31-56307f63bc6e1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1365
Expires: Sun, 14 Mar 2021 15:08:32 GMT

GET kds.js
club.kdslife.com/ui/js/ 0
0

GET
H/1.1 200
OK kds-loginbar.js Show response
club.kdslife.com/ui/js/ 4 KB
2 KB 14757ms
564ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/kds-loginbar.js?v=20200525
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: bc77530262771e38e524df411970b9e2ec75d66900bd780ab938a88e54b2b319

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 06:12:07 GMT
Server: Apache
ETag: "114c-5b00914680751-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1619
Expires: Sun, 14 Mar 2021 15:08:37 GMT

GET
H/1.1 200
OK pcPush.js Show response
club.kdslife.com/ui/js/ 2 KB
1 KB 13086ms
568ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/pcPush.js?v=2
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: ee1a2bce502b6a8942b4e5f3189099252272922c9c90564eb59209e8d56fc44d

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jul 2020 08:45:00 GMT
Server: Apache
ETag: "922-5ab17df2fbcf1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 792
Expires: Sun, 14 Mar 2021 15:08:35 GMT

GET index.php
club.kdslife.com/ 0
0

GET floor.js
club.kdslife.com/ui/js/ 0
0

GET z_stat.php
s9.cnzz.com/ 0
0

GET
H/1.1 200
OK popupImages_v1.js Show response
club.kdslife.com/ui/js/ 5 KB
2 KB 4204ms
727ms Script
application/javascript 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://club.kdslife.com/ui/js/popupImages_v1.js
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 678c05c34756854253747e40e317c4bbbfae1239eeb42cca106cdb6c3eb116f5

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "1409-55493f5460739-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1768
Expires: Sun, 14 Mar 2021 15:08:37 GMT

GET totop.gif
club.kdslife.com/ui/img/ 0
0

GET chartMess.gif
club.kdslife.com/ui/img/ 0
0

GET night.png
club.kdslife.com/ui/img/ 0
0

GET
H2 200 qk12p1-24d7.png
club-img.kdslife.com/attach/1k5/5s/3n/ 141 KB
141 KB 3385ms
1585ms Image
image/png 171.107.86.35
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club-img.kdslife.com/attach/1k5/5s/3n/qk12p1-24d7.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 171.107.86.35 , China, ASN137693 (CHINATELECOM-GUANGXI-NANNING-IDC CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: b5096dc75bbb55a6e5c7fc39efce284cdff9c8e828d37a007d4960d25cdd0c6f

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ohc-file-size: 143983
date: Fri, 12 Feb 2021 15:08:26 GMT
x-oss-request-id: 6020C97653CCCC3236F8FF4E
content-md5: Qp7Dc70aPeHRfdSpJpevQg==
age: 380801
content-length: 143983
x-oss-object-type: Normal
ohc-cache-hit: nn4ct78 [4], jnctcache78 [4], czix78 [1]
last-modified: Mon, 08 Feb 2021 05:17:25 GMT
server: JSP3/2.0.14
etag: "429EC373BD1A3DE1D17DD4A92697AF42"
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 4827013827290236619
x-oss-server-time: 3

GET
H/1.1 200
OK nav-bg.png
images.kdslife.com/global/kds/kds_index/kds-index-2013/ 1 KB
1 KB 1259ms
1258ms Image
image/png 218.59.209.10
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kdslife.com/global/kds/kds_index/kds-index-2013/nav-bg.png?v001
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.10 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: 5fe79846f39763e4f7a9aa820cad309f417ad165b1829272a30ccb9cbe819fe9

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:24 GMT
Last-Modified: Tue, 25 Jun 2013 10:22:56 GMT
Server: Apache
ETag: "435-4dff7e99ae000"
X-Cache: HIT from BC9_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: image/png
Expires: Sat, 27 Feb 2021 16:48:55 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1077
X-Ser: BC20_dx-lt-yd-fujian-xiamen-8-cache-2, BC9_lt-shandong-binzhou-4-cache-1

GET
H/1.1 200
OK repeat.png
images.kdslife.com/global/kds/kds_index/kds-index-2013/ 2 KB
2 KB 1092ms
361ms Image
image/png 218.59.209.10
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kdslife.com/global/kds/kds_index/kds-index-2013/repeat.png?v001
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.10 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: 0fe052735f5a9c0750917d5411caf50df03ac5be065fc686f6e8dbbb209ad268

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:24 GMT
Last-Modified: Tue, 25 Jun 2013 10:32:54 GMT
Server: Apache
ETag: "721-4dff80d3fa180"
X-Cache: HIT from BC8_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: image/png
Expires: Thu, 18 Feb 2021 21:32:05 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1825
X-Ser: BC16_dx-lt-yd-shandong-jinan-5-cache-6, BC8_lt-shandong-binzhou-4-cache-1

GET
H/1.1 200
OK titles.png
images.kdslife.com/global/kds/kds_index/kds-index-2013/ 60 KB
60 KB 1124ms
385ms Image
image/png 218.59.209.10
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kdslife.com/global/kds/kds_index/kds-index-2013/titles.png?v001
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.10 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: 8c32ddc8f8165cfb8b05216ff7284055996c2253b8fd0d87a171cbff117da733

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:24 GMT
Last-Modified: Wed, 31 Jul 2013 08:29:44 GMT
Server: Apache
ETag: "ef74-4e2ca870eae00"
X-Cache: HIT from BC3_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: image/png
Expires: Sat, 27 Feb 2021 16:48:54 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61300
X-Ser: BC19_dx-lt-yd-fujian-xiamen-8-cache-2, BC3_lt-shandong-binzhou-4-cache-1

GET
H2 200 qczga0-19rx.png
club-img.kdslife.com/attach/1k4/po/3y/ 1 KB
1 KB 3146ms
1345ms Image
image/png 171.107.86.35
CHINATELECOM-GUAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club-img.kdslife.com/attach/1k4/po/3y/qczga0-19rx.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 171.107.86.35 , China, ASN137693 (CHINATELECOM-GUANGXI-NANNING-IDC CHINATELECOM Guangxi Nanning IDC networkdescr: NanningGuangxi Province, P.R.China., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a765588a97931a762a96e3a65ef8816c4f5122cad124b0115125eab5fe32178a

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ohc-file-size: 1077
date: Fri, 12 Feb 2021 15:08:26 GMT
x-oss-request-id: 600541381672CD3932824979
content-md5: CdA1xtRxUU4tHJpSY232VA==
age: 2185394
content-length: 1077
x-oss-object-type: Normal
ohc-cache-hit: nn4ct58 [4], jnctcache58 [1], czix151 [1]
last-modified: Thu, 24 Sep 2020 06:20:24 GMT
server: JSP3/2.0.14
etag: "09D035C6D471514E2D1C9A52636DF654"
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 11655525470790280679
x-oss-server-time: 55

GET
H/1.1 200
OK kds_logo.png
club.kdslife.com/ui/img/ 6 KB
6 KB 3149ms
1686ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/kds_logo.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: ab4483961660a7deda7c6606e5621c492a8372802879f070899905f5d021d8ad

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:26 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "1608-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 5640
Expires: Sun, 14 Mar 2021 15:08:26 GMT

GET
H/1.1 200
OK ad_tip_2016.png
static.kdslife.com/public/image/ad/ 3 KB
3 KB 1107ms
366ms Image
image/png 218.59.209.6
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kdslife.com/public/image/ad/ad_tip_2016.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 218.59.209.6 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: Apache /
Resource Hash: f61ed1014915942c5eff743083923dc5b3ba5e2477821decc6273c02a46e2c3b

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:23 GMT
Last-Modified: Tue, 14 Mar 2017 12:42:15 GMT
Server: Apache
ETag: "b51-54ab0285657c0"
X-Cache: HIT from BC6_lt-shandong-binzhou-4-cache-1(baishan)
Content-Type: image/png
Expires: Sat, 20 Feb 2021 14:08:36 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2897
X-Ser: BC154_dx-lt-shandong-qingdao-2-cache-2, BC6_lt-shandong-binzhou-4-cache-1

GET kds_navi_l.png
club.kdslife.com/ui/img/ 0
0

GET
H/1.1 200
OK kds_navi_r.png
club.kdslife.com/ui/img/ 1 KB
1 KB 675ms
231ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/kds_navi_r.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: e0ec060a7251758202644159bb3c9ca30b915106d8601d3fa2d8edb7110b9834

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:23 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "448-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 1096
Expires: Sun, 14 Mar 2021 15:08:23 GMT

GET
H/1.1 200
OK jiaoB.png
club.kdslife.com/ui/img/ 970 B
1 KB 826ms
293ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/jiaoB.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 680b119ca98f373b687ceade9cbd4a319c45a38687ba96c76eea1cd16d9583fe

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:23 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "3ca-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 970
Expires: Sun, 14 Mar 2021 15:08:23 GMT

GET moderator.gif
club.kdslife.com/ui/img/ 0
0

GET gif2.gif
club.kdslife.com/ui/img/ 0
0

GET gif4.gif
club.kdslife.com/ui/img/ 0
0

GET gif3.gif
club.kdslife.com/ui/img/ 0
0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/ 226 KB
85 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86814
x-xss-protection: 0
server: cafe
etag: 8889400180175641948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 15:08:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame 3899 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://club.kdslife.com/f_15.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://club.kdslife.com/f_15.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Feb 2021 06:00:57 GMT
expires: Fri, 26 Feb 2021 06:00:57 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 32847
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 121ms
60ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=club.kdslife.com&callback=_gfp_s_&client=ca-pub-2322073735065674

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1bc45f2a5e105b35afc942730d898d60c7d588dcb8ba3b4c40da1e9b05e8858c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=club.kdslife.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 52ms
32ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=club.kdslife.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3EA6 405 B
332 B 99ms
99ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2322073735065674&output=html&h=90&slotname=7638767970&adk=1937175584&adf=1562872396&pi=t.ma~as.7638767970&w=960&lmt=1613142504&psa=0&format=960x90&url=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&flash=0&wgl=1&dt=1613142504399&bpp=15&bdt=7350&idt=95&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5884319987363&frm=20&pv=2&ga_vid=774414956.1613142505&ga_sid=1613142505&ga_hid=2000765424&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=434&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=2198989340686001&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vIdii2gmx2&p=https%3A//club.kdslife.com&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

847f4a9e22fda152adc2a0658bc70cef9004b103cc9761324e48fd6f4bd281c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2322073735065674&output=html&h=90&slotname=7638767970&adk=1937175584&adf=1562872396&pi=t.ma~as.7638767970&w=960&lmt=1613142504&psa=0&format=960x90&url=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&flash=0&wgl=1&dt=1613142504399&bpp=15&bdt=7350&idt=95&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5884319987363&frm=20&pv=2&ga_vid=774414956.1613142505&ga_sid=1613142505&ga_hid=2000765424&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=434&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=2198989340686001&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vIdii2gmx2&p=https%3A//club.kdslife.com&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://club.kdslife.com/f_15.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://club.kdslife.com/f_15.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 15:08:24 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 15:23:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 15:08:24 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 15:08:24 GMT

GET
H3-Q050 200 pubads_impl_2021020901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 154ms
120ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:41:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103372
x-xss-protection: 0
expires: Fri, 12 Feb 2021 15:08:24 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 352 KB
66 KB 645ms
644ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2198989340686001&correlator=2567921143286409&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21068891%2C31060131&vrg=2021020901&ptt=17&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210212&iu_parts=95346945%2Ckdslife_300x250_M0%2Ckdslife_home_300x250_1%2Ckdslife_inner_300x250_1%2Ckdslife_inner_300x250_2%2Ckdslife_inner_300x250_3%2Ckdslife_inner_838x108_1%2Ckdslife_inner_838x108_2%2Ckdslife_inner_300x600_1%2Ckdslife_inner_960x90_1%2Ckdslife.com_728x90_1%2Ckdslife_home_300x250_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F4%2C%2F0%2F11&prev_iu_szs=300x250%2C300x250%2C320x50%7C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C838x108%2C838x108%2C300x600%2C960x90%2C950x90%7C728x90%7C970x66%7C970x90%7C960x90%2C300x250%2C300x250&fluid=0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&cookie=ID%3D776bd5719611d873-22240b8974ba0088%3AT%3D1613142504%3ART%3D1613142504%3AS%3DALNI_MZ85MYn7QIth7lBLjXYsRxiKhrzkw&bc=31&abxe=1&lmt=1613142504&dt=1613142504841&dlt=1613142497049&idt=7770&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C1079%2C-9%2C-9%2C-9%2C221%2C-9%2C-9%2C-9%2C-9%2C1079&adys=-9%2C-9%2C-9%2C-9%2C274%2C-9%2C-9%2C-9%2C3309%2C-9%2C-9%2C-9%2C-9%2C535&adks=1275216858%2C3758934987%2C2362946255%2C2087486275%2C4062481623%2C1570709706%2C983606211%2C2365481295%2C3803842315%2C3039135797%2C642766868%2C3226527759%2C3496240444%2C1301008583&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C320x250%7C0x-1%7C0x-1%7C0x-1%7C840x110%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C321x542&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C838x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x-1&ga_vid=774414956.1613142505&ga_sid=1613142505&ga_hid=2000765424&fws=2%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C4%2C2%2C2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C0%2C1200%2C0%2C0%2C0%2C879%2C0%2C0%2C0%2C0%2C1200

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2db5df591b2afb4de0fe041755c4a6265203d65d27a2841d4401f761e5d518a0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjL6o_Q5O4CFQSCdwodJUMK_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/14793010761141763963/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17137043892651725478/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17137043892651725478/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO7J6o_Q5O4CFQSCdwodJUMK_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/17137043892651725478/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjL6o_Q5O4CFQSCdwodJUMK_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/14793010761141763963/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17137043892651725478/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17137043892651725478/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO7J6o_Q5O4CFQSCdwodJUMK_g&gqi=&layout=/sadbundle/%24csp%253Der3%24/17137043892651725478/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
google-creative-id: -2,-1,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66024
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Fri, 12 Feb 2021 15:08:25 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://club.kdslife.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
13ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 38ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2198989340686001&r=300x250&w=300&h=250&a=0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 5314 180 KB
51 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 11:49:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 11:49:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5314 13 KB
5 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170693
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:32 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5314 90 KB
27 KB 62ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 11:49:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 11:49:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5314 3 KB
1 KB 62ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170705
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:20 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5314 41 KB
13 KB 64ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170723
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:02 GMT

GET
DATA 200
OK truncated
/ Frame 5314 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c2d5596202778c181968882e2d5ac0945ce36144793a4c8abfac4a787330a1c

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 774B 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://club.kdslife.com/f_15.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://club.kdslife.com/f_15.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 12 Feb 2021 15:08:24 GMT
expires: Sat, 12 Feb 2022 15:08:24 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame B49A 180 KB
50 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 11:49:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 11:49:45 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B49A 13 KB
5 KB 64ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170693
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:32 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B49A 90 KB
28 KB 55ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11920
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 11:49:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 11:49:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B49A 3 KB
1 KB 60ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170705
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:20 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B49A 41 KB
13 KB 63ms
47ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 170723
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:02 GMT

GET
DATA 200
OK truncated
/ Frame B49A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b589ed25e94e94cd8c8c282d033567984dca94fbf44a55b7b512e118d3829a8e

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 2401068491155517921
tpc.googlesyndication.com/simgad/ Frame 5314 45 KB
45 KB 67ms
49ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2401068491155517921?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkEWyUiqZjxFD7UNN3JzCVNaKTy6w

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed4aaa7be20cad3c21f5f49f2737a7b589cf284db38cdd65e9ef572a6c79eff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:18:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 11:33:18 GMT
server: sffe
age: 107395
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46100
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:18:30 GMT

GET
H3-Q050 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5314 3 KB
3 KB 66ms
48ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 04:27:11 GMT
x-content-type-options: nosniff
server: cafe
age: 38474
etag: 12051390396603846657
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Sat, 13 Feb 2021 04:27:11 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5314 344 B
614 B 66ms
48ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 21841
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 13 Feb 2021 09:04:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5314 0
0 16ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7CsFxIJwPH2Hq1cyGj3DcyH5NSiyF2OSuCrZtXlMtszQJAPqBfzewnCz1HFl3tdX0CjplsRGcNbcvqF108pBscdu95g
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5314 0
0 64ms
63ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUYri6JkmYI2wOYSE3gOlhqnwD8vQzNpg9O6H_sUM3NkeEAEgsI3vemD1lc6B4ASgAZyv-6gCyAEC4AIAqAMByAMIqgTpAU_QovtE8Gtcx917N5XnOAvRBVktcdaiajFN1VrnLnssVZWbWpKhP6feb86k0WAPBTBE844prSkBgUD5V5uVVTfYcZhVwOboP0OJv6gyeQursH7iOYYnb7uvyZO6HGbTrzG5L9SDy6icqg5y3e4DEJAltgJMmCdwcXfhPvrW8pJv0hMwVBf-h1nXMz6DsYec7TujU--71AflPmKW3dGnVMEveYfZXwq2KDCmjoCx7SCDS5EWBok2XaHC4bCnul3CI9Vdh30EBEz7oq3kAi4eZZBuUlcdAdaQ2HnDPkYFYj5NYVj4pvJZiYIDwASlpOyVrQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQjJ0J0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MYAKA8gLAdgTDbIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=s0HMP_FJNcs&tpd=AGWhJmvOkub4ujGBzXznFRWWKCW9jq8gRR4vX0sTK-grHGrBHg
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 2401068491155517921
tpc.googlesyndication.com/simgad/ Frame B49A 45 KB
45 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2401068491155517921?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkEWyUiqZjxFD7UNN3JzCVNaKTy6w

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed4aaa7be20cad3c21f5f49f2737a7b589cf284db38cdd65e9ef572a6c79eff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:18:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 11:33:18 GMT
server: sffe
age: 107395
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46100
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:18:30 GMT

GET
H2 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B49A 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_cn.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 04:27:11 GMT
x-content-type-options: nosniff
server: cafe
age: 38474
etag: 12051390396603846657
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3217
x-xss-protection: 0
expires: Sat, 13 Feb 2021 04:27:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B49A 344 B
570 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 21841
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 13 Feb 2021 09:04:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B49A 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTimbrK2RTuV4Sisatt20Cx4L1_go4DbRNUY9FeDKng9G1ehnTXGFEWiDETwFE_52j4rOfo86jE0ghS9QZHqZYW0E1T3Q
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B49A 0
0 63ms
62ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT_qz6JkmYIrBOYSE3gOlhqnwD8vQzNpg9O6H_sUM3NkeEAEgsI3vemD1lc6B4ASgAZyv-6gCyAEC4AIAqAMByAMIqgTpAU_QX0SEEqby27eW-vff3Y1wqilxI2OcUHaWJeVqusFOXyf-EINVSD0fC1gLsLMFW74-4qi8-tWCuJLCYaH2l4wL353hAP5vfk3GqMKISOlBwRqKhQgkD8-VoLbz0Rm48qFSMZxvS5feTMj8OKljnkoH4r5WEsZD_cbV-EObobm7gYTCGFG7WMBvV_TAa_ECfpRkR_gBLhp6-6Tx2h1PZnmy2oI71D5lmyP2QI6nMaXCdLBd0im_aYrrAlCr7vurqiiDoYMgz-KL7O2I4YWs0mZ2Fjm-JkKAf8BTMihz_sBj_Q_YSA_UKwyLwASlpOyVrQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQsdMK0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MYAKA8gLAdgTDbIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=Xeab6ucep3M&tpd=AGWhJmt7g18oeHr5aH8RUdc65pUSBjfNPhpOD9COjwDqKq9Tiw
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 139 KB
22 KB 24ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fb2c3cce6dee777f7c5dd08fd379491845cc236f941a86630be25dc15eb3ef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14793010761141763963/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 11 Feb 2021 12:57:23 GMT
expires: Fri, 11 Feb 2022 12:57:23 GMT
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 20780
age: 94262
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B2CD 0
0 62ms
62ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm4OL6JkmYNi3OYSE3gOlhqnwD433halho82oxsoMsKGy74MCEAEgsI3vemD1lc6B4ASgAbiQmfECyAEJ4AIAqAMByAMIqgTpAU_QuskWS4-nLSzPuH4H0KySSqeitCTdUGwC_uuk0Tdu_S5TQ3PNv5z5HRwbn-zm9E1o6qGT-l5_mJ2I10InsVO93cBHL2H7Fkq4im5h_j6H5xaDWAOFStAyFS3fQh4nzX2GSTMgV13enMnO6OX-JmvReutc4qKb2riGAWIzwrotZthj3itzF6WBrnvPDYa2wyjdwplVoF2hvMCBmbisbaYrozuNSe2yEo3YwWrMMH4jjRlqeB2QnLMyG8zEDtfPkeXc6Gfg21zLWL2cNJkCuQd6mtMyt3yN8fkBaPXfNYUDUDMtNUZoJMOZwASJnMqeoQLgBAGSBQQIBBgBkgUECAUYBKAGLoAHsO_mjgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQr6kC0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MYAKA8gLAdgTCrIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=2hnJNIvt_1U&template_id=419&tpd=AGWhJmsn38aExK2YnHvmZFY4Ziez-rLveNS7Ebqrjo37zTKl7Q
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame B2CD 18 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:06:38 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame B2CD 3 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:07:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2CD 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 15:08:25 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame B2CD 14 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:01:26 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B2CD 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWtN9WJzMrlkrYzH5-crcpxN_SSgDxVyp4-qbv2uMlL29pmldkh_gYlqwxtd0BYZ2O646D5LOGv1A2fpd8FMONTf2_TQ
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5314
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 Feb 2021 15:08:25 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B49A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 Feb 2021 15:08:25 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A6B 143 B
226 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkv3nT3xWDHnnjwppLCNcdn4eEQ3qJwb1s1NkMEDvZCefnIs2YoUV8KeYh-
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 14:25:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2549
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B2CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d34e701b4ff0a04c7d1b59cecaccaabcf7d24503dbfccd9e59b25899d65757e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2AA3 1 KB
526 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ef9e1ba598dc64509558d3f20cb21670bd1d59d0afa924f1c21a9c3f420023b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 14:57:25 GMT
server: ESF
date: Fri, 12 Feb 2021 15:08:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 15:08:25 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2AA3 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 13 Feb 2021 04:25:40 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2AA3 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 22:10:28 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A6B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkv3nT3xWDHnnjwppLCNcdn4eEQ3qJwb1s1NkMEDvZCefnIs2YoUV8KeYh-; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 15:08:25 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Feb-2021 16:08:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 15:08:25 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 15:08:25 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 2AA3 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Poppins:600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 17:21:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:15 GMT
server: sffe
age: 337620
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Tue, 08 Feb 2022 17:21:25 GMT

GET
H3-Q050 200 splash.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/splash.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c89efdbde78d18317fa0438e6aea48ca5db9dd0f53add508cf92204f244731a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4631
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Wed, 10 Feb 2021 12:33:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:33:32 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/logo.png

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d81f01ff8c1c613366087eefc80f18e50bbddfc4f42402827b42988e0d731f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 94261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Thu, 11 Feb 2021 12:57:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 12:57:24 GMT

GET
H3-Q050 200 728x90-04nu-23.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 12 KB
12 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/728x90-04nu-23.jpg

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0412a32856f4b8ebb4a96819cfa2f2192ed1b1b5b4fa290e007f6814ac881252

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 30897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12705
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Fri, 12 Feb 2021 06:33:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 06:33:28 GMT

GET
H3-Q050 200 728x90-03-nu.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 30 KB
30 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/728x90-03-nu.jpg

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b5678df4a13f1add825a87a09c712e8248502041bc818ea7a75b792bcc2a15

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 205068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30689
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Wed, 10 Feb 2021 06:10:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 06:10:37 GMT

GET
H3-Q050 200 728x90-02-nu_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 15 KB
15 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/728x90-02-nu_1.jpg

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83782461fef4964ebadc4454e80fb19824c2533a19e461dcc292b7eca3d512a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 182093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15366
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Wed, 10 Feb 2021 12:33:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:33:32 GMT

GET
H3-Q050 200 728x90-01-sp.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/ Frame 2AA3 34 KB
34 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14793010761141763963/728x90-01-sp.jpg

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

883fc5b1229c22bb833cf5530677bd85c15a61d86e5b24662537a4403ee8aeed

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 94261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35263
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 09:20:07 GMT
server: sffe
date: Thu, 11 Feb 2021 12:57:24 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 12:57:24 GMT

GET
H2 200 qmosgou.js Show response
88.166sh.com/ 102 KB
33 KB 206ms
206ms Script
text/javascript 42.81.8.130
CHINATELECOM-TIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://88.166sh.com/qmosgou.js
Requested by: Host: 88.166sh.com
URL: https://88.166sh.com/production/gba_xtkt/j_q.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.81.8.130 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: d68c43f370558866b0028d72495b06f4427c9c0be2dc38af984bcb3817aeb453

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 10:14:17 GMT
server: yunjiasu
yjs-cachestatus: HIT
yjs-id: 9cd85c299e4d2cee-115
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=14400
content-type: text/javascript; charset=utf-8
content-length: 33486
expires: Fri, 12 Feb 2021 19:08:26 GMT

GET pr.js
cpro.baidustatic.com/cpro/ui/ 0
0

GET
H3-Q050 200 container.html Show response
ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F6F9 6 KB
3 KB 52ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js?31060131

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://club.kdslife.com/f_15.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://club.kdslife.com/f_15.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 12 Feb 2021 15:08:24 GMT
expires: Sat, 12 Feb 2022 15:08:24 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 opexus-1dxs.png
img-cms.pchome.net/article/1k1/k4/3o/ 19 KB
19 KB 3730ms
3209ms Image
image/png 115.231.228.249
CT-HANGZHOU-IDC N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cms.pchome.net/article/1k1/k4/3o/opexus-1dxs.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 115.231.228.249 Shanghai, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 10:50:50 GMT
via: cache48.l2cn1824[0,304-0,H], cache29.l2cn1824[0,0], cache9.cn966[0,200-0,H], cache9.cn966[1,0]
x-oss-request-id: 60111B439EA51833342FB6AA
content-md5: 0CidwKRvxbFbM2P/p4z2xw==
age: 793059
x-cache: HIT TCP_MEM_HIT dirn:3:10277779
x-swift-cachetime: 604800
x-swift-savetime: Wed, 10 Feb 2021 08:23:43 GMT
content-length: 19256
x-m-reqid: 60sAAD68pklIN2AW
x-oss-object-type: Normal
x-m-log: QNM:xs1171;QNM3/304
last-modified: Mon, 25 Nov 2019 04:11:35 GMT
server: Tengine
etag: "D0289DC0A46FC5B15B3363FFA78CF6C7"
ali-swift-global-savetime: 1611733828
content-type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5887013816138324800
x-qnm-cache: Hit
eagleid: 73e7e49d16131425098003387e
x-oss-server-time: 148

GET
H2 200 gongshang.jpg
images.pchome.net/global/img/footer-img-2015/ 2 KB
3 KB 847ms
27ms Image
image/jpeg 47.246.43.148
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.pchome.net/global/img/footer-img-2015/gongshang.jpg
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.148 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 71354b27aa90573176d55e66fc30c93b1fec7569231c2a070581e073a66c2c73

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-qiniu-zone: 0
x-log: X-Log
date: Tue, 29 Dec 2020 12:01:47 GMT
via: cache20.l2ot7-1[0,304-0,H], cache31.l2ot7-1[1,0], cache31.l2ot7-1[2,0], cache6.de2[0,200-0,H], cache8.de2[1,0]
x-svr: IO
content-md5: 9sQfg0flcIvgWmYgOSz8DQ==
age: 3899200
x-cache: HIT TCP_MEM_HIT dirn:11:173942239
content-transfer-encoding: binary
x-swift-cachetime: 2592000
content-disposition: inline; filename="gongshang.jpg"; filename*=utf-8''gongshang.jpg
x-swift-savetime: Sat, 16 Jan 2021 17:10:18 GMT
content-length: 2555
x-m-reqid: WxAAAH09pRtDLlUW
x-m-log: QNM:xs443;QNM3/304
last-modified: Sat, 08 Feb 2020 06:15:22 GMT
server: Tengine
etag: "FomwdzejKWNlnMhBZgWKQz-8UCYY"
access-control-max-age: 2592000
ali-swift-global-savetime: 1593266860
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-qnm-cache: Hit
eagleid: 2ff62b9c16131425076068520e
x-reqid: 9SMAAACAyWZF90sW
expires: Sat, 31 Oct 2020 07:25:48 GMT

GET
H2 200 wangxin.jpg
images.pchome.net/global/img/footer-img-2015/ 4 KB
4 KB 27ms
26ms Image
image/jpeg 47.246.43.148
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.pchome.net/global/img/footer-img-2015/wangxin.jpg
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.148 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7611c910632ad7089f38233f96fd5bada41bd21a10b8d71338c8b7198947fa21

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-qiniu-zone: 0
x-log: X-Log
date: Tue, 29 Dec 2020 12:01:47 GMT
via: cache16.l2ot7-1[0,304-0,H], cache36.l2ot7-1[1,0], cache36.l2ot7-1[1,0], cache5.de2[0,200-0,H], cache8.de2[1,0]
x-svr: IO
content-md5: LjDceOhEpTooTnzOQrmPdQ==
age: 3899200
x-cache: HIT TCP_MEM_HIT dirn:0:260076061
content-transfer-encoding: binary
x-swift-cachetime: 2592000
content-disposition: inline; filename="wangxin.jpg"; filename*=utf-8''wangxin.jpg
x-swift-savetime: Thu, 28 Jan 2021 05:01:53 GMT
content-length: 3678
x-m-reqid: hAwAAEmAtxNDLlUW
x-m-log: QNM:jjh1525;QNM3/304
last-modified: Sat, 08 Feb 2020 06:15:24 GMT
server: Tengine
etag: "FqTdExPltT3qx5IphXV5LUxjKup_"
access-control-max-age: 2592000
ali-swift-global-savetime: 1591009595
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-qnm-cache: Hit
eagleid: 2ff62b9c16131425076348605e
x-reqid: xtQAAABPXV5F90sW

GET
H2 200 jbzx.jpg
images.pchome.net/global/img/footer-img-2015/ 3 KB
4 KB 29ms
28ms Image
image/jpeg 47.246.43.148
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.pchome.net/global/img/footer-img-2015/jbzx.jpg
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.148 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2128975055a12e0bae539b389e079bb896e084fa34c6f9bc15a19374512f57f7

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-qiniu-zone: 0
x-log: X-Log
date: Tue, 29 Dec 2020 12:01:46 GMT
via: cache22.l2ot7-1[0,304-0,H], cache13.l2ot7-1[3,0], cache13.l2ot7-1[5,0], cache9.de2[0,200-0,H], cache8.de2[1,0]
x-svr: IO
content-md5: n8ym68RaH0KsyGNtJwdeGg==
age: 3899201
x-cache: HIT TCP_MEM_HIT dirn:10:56791423
content-transfer-encoding: binary
x-swift-cachetime: 2592000
content-disposition: inline; filename="jbzx.jpg"; filename*=utf-8''jbzx.jpg
x-swift-savetime: Sat, 16 Jan 2021 17:10:18 GMT
content-length: 3486
x-m-reqid: fpsAAED3OOVCLlUW
x-m-log: QNM:jjh1909;QNM3/304
last-modified: Sat, 08 Feb 2020 06:15:23 GMT
server: Tengine
etag: "Fvvtg6wiD1AGaAr2H2Gl9TBqw5WK"
access-control-max-age: 2592000
ali-swift-global-savetime: 1593596142
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-qnm-cache: Hit
eagleid: 2ff62b9c16131425076348607e
x-reqid: VMkAAACzX2RF90sW
expires: Sat, 31 Oct 2020 07:25:48 GMT

GET
H2 200 oo69i1-dwu.png
img-cms.pchome.net/article/1k1/hi/2u/ 7 KB
7 KB 2556ms
2556ms Image
image/png 115.231.228.249
CT-HANGZHOU-IDC N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cms.pchome.net/article/1k1/hi/2u/oo69i1-dwu.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 115.231.228.249 Shanghai, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 97de5089ba6ec78131da52a6d87e31d20f75ca6a55a03c1c9da8735f8c780756

Request headers

Referer: https://club.kdslife.com/f_15.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 07:53:38 GMT
via: cache20.l2cn1824[0,200-0,H], cache11.l2cn1824[1,0], cache6.cn966[0,200-0,H], cache9.cn966[1,0]
x-oss-request-id: 60111B4341381D303804D8E3
content-md5: 8uq0WWiggChnLI8Aphp8kA==
age: 803691
x-cache: HIT TCP_MEM_HIT dirn:0:273918854
x-swift-cachetime: 604800
x-swift-savetime: Mon, 08 Feb 2021 08:42:12 GMT
content-length: 6679
x-m-reqid: RmIAAMZf5eycLWAW
x-oss-object-type: Normal
x-m-log: QNM:xs473;QNM3/304
last-modified: Mon, 25 Nov 2019 04:14:58 GMT
server: Tengine
etag: "F2EAB45968A08028672C8F00A61A7C90"
ali-swift-global-savetime: 1611733866
content-type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6480987287669637309
x-qnm-cache: Hit
eagleid: 73e7e49d16131425098093413e
x-oss-server-time: 51

GET
H/1.1 200
OK weixinBtn.png
club.kdslife.com/ui/img/ 3 KB
3 KB 3057ms
1342ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/weixinBtn.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 99f31455b07a1a27fe9b70f7396e3dfa590522a2151117812c417c63bdee52de

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:29 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "ac4-55493f540e6b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 2756
Expires: Sun, 14 Mar 2021 15:08:29 GMT

GET
H/1.1 200
OK wb_sqrcode.gif
club.kdslife.com/ui/img/ 28 KB
29 KB 2541ms
1223ms Image
image/gif 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/wb_sqrcode.gif
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: c7aa89185966717e345babe615460ca3d281bcb178a72a8c05efe12ba9f91938

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:28 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "71d1-55493f54069b9"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 29137
Expires: Sun, 14 Mar 2021 15:08:28 GMT

GET
H/1.1 200
OK app_sqrcode.png
club.kdslife.com/ui/img/ 880 B
1 KB 4345ms
1220ms Image
image/png 106.14.236.64
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://club.kdslife.com/ui/img/app_sqrcode.png
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/ui/css/common.css?v=2019090301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 106.14.236.64 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: d7fd12d80f9c90d855ecd4a1413bb077931778e57252cdacaa423c68ce11c011

Request headers

Referer: https://club.kdslife.com/ui/css/common.css?v=2019090301
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 15:08:30 GMT
Last-Modified: Tue, 18 Jul 2017 09:15:35 GMT
Server: Apache
ETag: "370-55493f54069b9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=0, max=100
Content-Length: 880
Expires: Sun, 14 Mar 2021 15:08:30 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F6F9 0
0 63ms
62ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZoe36JkmYIa0OYSE3gOlhqnwD8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTgzNzE3NDkyNjcxOTE3MjnIAQmpAgM-Nri52YU-4AIAqAMBqgTzAU_QMkPNEEbz5SnHwEHTiZE5NDqWFr8pkZc9sZvVBd6tUQFEYiSkj0gSqIWZJ4WEjT_LOpOicMG-JnfcjW6QLzoI1aXVwdla2IiR73KRy-sGlXm2O1cLm6b5eFDR35kN3-J9-tq__Xu6g77oh8vOfic2oVx0j5S-dEBWnMj6lYW2_YPSODhPsIQCB-fS4AhJoxDhEpwDnb314f6osqoBHD5h5jXqJb5QDOtRoURg3WwwgyfXi3CgFGIY6ZIzupNlWnFIkhUHXBJVAzUImqxON79hNR-cBLdxGMKAWVQcCUgJix0J7mMNzSs1VTPqUFqtHtVX_-AEAYAGotLy5672s-u9AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MYAKA_oLAggBgAwBshcYChYSFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=LqK1HcNQs2Y&tpd=AGWhJmslTJChtuZXy-WJqkrQge54KFAUkLP-yp5GWlN48HQ2Tg
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F6F9 2 KB
2 KB 163ms
62ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43420829;rtbwp=YCaZ6AAOWgYKd4IEAApDJQsnxe5GUuVW6w0dOw;rtbdata=213YhU2VLU1jFoK2Of4mVEVd9-myf4IOVEqxySRl7Cd3CU7f-FL3Iw6lzVbaIVSCyQ15zRHvF7w1aPRuMtXHYO4pQW4aschSprZcZQTtiVvaJWo3-f53VfLl3IISJJOuRzm4ZzDkqMPGH_0GdUXB1dxU3BwA81KKHNDu1rz4iAnR1krgmYyTk3nUvGZg8em1BwyPIMCW8pTKFV3IK5FMFdwjQMKcFSYU1yCOIH0MTVJB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cyvpl6JkmYIa0OYSE3gOlhqnwD8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTgzNzE3NDkyNjcxOTE3MjnIAQmpAgM-Nri52YU-4AIAqAMBqgT2AU_QMkPNEEbz5SnHwEHTiZE5NDqWFr8pkZc9sZvVBd6tUQFEYiSkj0gSqIWZJ4WEjT_LOpOicMG-JnfcjW6QLzoI1aXVwdla2IiR73KRy-sGlXm2O1cLm6b5eFDR35kN3-J9-tq__Xu6g77oh8vOfic2oVx0j5S-dEBWnMj6lYW2_YPSODhPsIQCB-fS4AhJoxDhEpwDnb314f6osqoBHD5h5jXqJb5QDOtRoURg3WwwgyfXi3CgFGIY6ZIzupNlWnFIkhUHXBJVAzUImqxON79hNR-cBLdxGMKAWVQcCUgJi18L4_GFDeBNi_jhk7L52hUz67DtL-AEAYAGotLy5672s-u9AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MfoLAggBgAwB&num=1&sig=AOD64_0sgAusmEizH53gtqeK5jpgzdxjoQ&client=ca-pub-8371749267191729&adurl=

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7d9e379dfd3e4f778d402f09933d9ee77b64fc9574f845f622fe758fe21f9f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1666
expires: -1

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame F6F9 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:07:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6F9 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 15:08:26 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame F6F9 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:01:26 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame F6F9 24 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 14:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87224
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 14:54:42 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame F6F9 34 KB
16 KB 139ms
45ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43420829;rtbwp=YCaZ6AAOWgYKd4IEAApDJQsnxe5GUuVW6w0dOw;rtbdata=213YhU2VLU1jFoK2Of4mVEVd9-myf4IOVEqxySRl7Cd3CU7f-FL3Iw6lzVbaIVSCyQ15zRHvF7w1aPRuMtXHYO4pQW4aschSprZcZQTtiVvaJWo3-f53VfLl3IISJJOuRzm4ZzDkqMPGH_0GdUXB1dxU3BwA81KKHNDu1rz4iAnR1krgmYyTk3nUvGZg8em1BwyPIMCW8pTKFV3IK5FMFdwjQMKcFSYU1yCOIH0MTVJB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cyvpl6JkmYIa0OYSE3gOlhqnwD8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTgzNzE3NDkyNjcxOTE3MjnIAQmpAgM-Nri52YU-4AIAqAMBqgT2AU_QMkPNEEbz5SnHwEHTiZE5NDqWFr8pkZc9sZvVBd6tUQFEYiSkj0gSqIWZJ4WEjT_LOpOicMG-JnfcjW6QLzoI1aXVwdla2IiR73KRy-sGlXm2O1cLm6b5eFDR35kN3-J9-tq__Xu6g77oh8vOfic2oVx0j5S-dEBWnMj6lYW2_YPSODhPsIQCB-fS4AhJoxDhEpwDnb314f6osqoBHD5h5jXqJb5QDOtRoURg3WwwgyfXi3CgFGIY6ZIzupNlWnFIkhUHXBJVAzUImqxON79hNR-cBLdxGMKAWVQcCUgJi18L4_GFDeBNi_jhk7L52hUz67DtL-AEAYAGotLy5672s-u9AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MfoLAggBgAwB&num=1&sig=AOD64_0sgAusmEizH53gtqeK5jpgzdxjoQ&client=ca-pub-8371749267191729&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1385e207fdbb43095bd84a55fa75883f52fd55d8b609753498f5574d10e18ed

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 13:46:12 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 13 Feb 2021 18:15:28 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F6F9 8 KB
4 KB 57ms
50ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=43420829;rtbwp=YCaZ6AAOWgYKd4IEAApDJQsnxe5GUuVW6w0dOw;rtbdata=213YhU2VLU1jFoK2Of4mVEVd9-myf4IOVEqxySRl7Cd3CU7f-FL3Iw6lzVbaIVSCyQ15zRHvF7w1aPRuMtXHYO4pQW4aschSprZcZQTtiVvaJWo3-f53VfLl3IISJJOuRzm4ZzDkqMPGH_0GdUXB1dxU3BwA81KKHNDu1rz4iAnR1krgmYyTk3nUvGZg8em1BwyPIMCW8pTKFV3IK5FMFdwjQMKcFSYU1yCOIH0MTVJB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cyvpl6JkmYIa0OYSE3gOlhqnwD8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTgzNzE3NDkyNjcxOTE3MjnIAQmpAgM-Nri52YU-4AIAqAMBqgT2AU_QMkPNEEbz5SnHwEHTiZE5NDqWFr8pkZc9sZvVBd6tUQFEYiSkj0gSqIWZJ4WEjT_LOpOicMG-JnfcjW6QLzoI1aXVwdla2IiR73KRy-sGlXm2O1cLm6b5eFDR35kN3-J9-tq__Xu6g77oh8vOfic2oVx0j5S-dEBWnMj6lYW2_YPSODhPsIQCB-fS4AhJoxDhEpwDnb314f6osqoBHD5h5jXqJb5QDOtRoURg3WwwgyfXi3CgFGIY6ZIzupNlWnFIkhUHXBJVAzUImqxON79hNR-cBLdxGMKAWVQcCUgJi18L4_GFDeBNi_jhk7L52hUz67DtL-AEAYAGotLy5672s-u9AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MfoLAggBgAwB&num=1&sig=AOD64_0sgAusmEizH53gtqeK5jpgzdxjoQ&client=ca-pub-8371749267191729&adurl=;js=1;adfxid=1x;1820;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|undefined;fd=0|0&CREFURL=https%3A%2F%2Fclub.kdslife.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5ee3dc788ab0f3e7c77d922271be15308382d54b99181658eeaf81a8ee7dad76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3409
expires: -1

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B49A 42 B
79 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu19ToyoFKNvYFBi2yLRf3EuPhRl4VhvIKrnXQZ7GwCvQSGVnVyIDv8WNAIq7K3cIhLAlM05HE5kBJX3aCmOGdNMHzp3GIFIhXziLQH4qLClkLGJFGgUmTsoDw&sai=AMfl-YTGBBt73KuvhdZ_Hz7gFRDmWiQq0sfl0bqGFWHB0cnrSXFkwr3BSSSt3z3gQNjL3ZfDo7lKXspHkNoa2D8a9XZasa2dUp1ONseBjP6YbrF6hNclXmV6XO6s-yM&sig=Cg0ArKJSzMfgLdDxt0yNEAE&cid=CAASFeRo_tGrTYsp6yhiOwCtkblv7bREKg&id=ampim&o=1079,535&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=196&tls=1197&g=100&h=100&tt=1197&r=v&avms=ampa&adk=1301008583

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5314 42 B
66 B 45ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3uSIHkVao0CjsaIsEvA9aZAUMUs0TpJ-zYSUcKN1_zmghpo_xe49kxLqXOzteOU5lFx6291u3rOYH_jTkQUy9T7szH_0LHp5XOsJb_y4GUgE16nJ0UU5kLGk&sai=AMfl-YQxc_Qk_LeDJBw6QLBhKMA9ABfzoJA2KvaywF2iS0LggTQWd4jUzc7AAO-QIcKhXFFuJrGdmUut0MGSCVuURqT_WiBn6Q53gQRFc78JgZ515k856W9dTsTssqk&sig=Cg0ArKJSzCnRqnu32hXUEAE&cid=CAASFeRoZ_mjeaVmlss0c-Dk9ZW-gSzLCA&id=ampim&o=1079,274&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=252&tls=1253&g=100&h=100&tt=1253&r=v&avms=ampa&adk=4062481623

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://club.kdslife.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impression_tracker.php Show response
assets.bly.ch/tool/php/ Frame F6F9 792 B
471 B 123ms
37ms Script
text/javascript 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=43147010&campaign_id=2267542
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 908ae7e4eb7123bb0a2379e7d89712ca9e0e24821d5948e233226598a7a475f5

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
x-bly-info: Opt Out under https://www.bly.ch/opt-out/
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin

GET
H2 200 asyncjs.php Show response
assets.bly.ch/tool/www/delivery/ Frame F6F9 4 KB
2 KB 125ms
41ms Script
text/javascript 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/delivery/asyncjs.php
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 0ba277ecbad3df85b50e567bb0c1ec778307399c458d15d84abc5205d867bcb5

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Fri, 12 Feb 2021 16:08:27 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F6F9 35 B
502 B 48ms
47ms Other
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43420829&csi=vT9md3zZ2-RTQDh6-MpP7uyTn5o_Xw8BCBUUynYkFDfrygPkIxxfkz_f8b9uXg8LtqLxOtJeTZHY6-3IvlesvCcs4ODdxxAu0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

1x1.gif
www.adtracker.ch/upload/ Frame F6F9
Redirect Chain

https://cct.connects.ch/tpv.php?t=116404V1455142245M&rnd=33161
https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878222599X116404V1455142245M&utm_source=Affiliate

42 B
156 B

111ms
29ms

Image
image/gif

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878222599X116404V1455142245M&utm_source=Affiliate
Requested by: Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 , Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
last-modified: Tue, 10 Jul 2018 10:21:41 GMT
server: Apache
accept-ranges: bytes
etag: "2a-570a27efbd740"
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878222599X116404V1455142245M&utm_source=Affiliate
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.197/e/iwSBggDA/i/vCAv.IAAAAAoAA/r:types/ Frame F6F9 33 KB
14 KB 58ms
58ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.197/e/iwSBggDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b0f62719efee7a8a3548115ada8f568a54709e7843a6ead1e6032111ae07ea2

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 13:46:12 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 13 Feb 2021 18:40:44 GMT

GET
H/1.1

200
OK

Cookie set de
www.post.ch/ Frame 493C
Redirect Chain

https://cct.connects.ch/tpv.php?t=116404V1571145373M
https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1
https://tracking.adtracker.ch/link/red/l/Mzg2?lea_source=2021021216082744878222769X116404V1571145373M&utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects
https://www.post.ch/?lea_source=2021021216082744878222769X116404V1571145373M
https://www.post.ch/de?lea_source=2021021216082744878222769X116404V1571145373M

0
0

118ms
118ms

Document
text/html

2a00:17c8:0:103::20a
CH-POSTNETZ Post ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.post.ch/de?lea_source=2021021216082744878222769X116404V1571145373M

Requested by

Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=43147010&campaign_id=2267542

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a00:17c8:0:103::20a Rickenbach, Germany, ASN12511 (CH-POSTNETZ Post CH AG, CH),

Reverse DNS

Software

Delivery2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .pnet.ch .post.ch .becompany.ch .signdemo.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.post.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

Date: Fri, 12 Feb 2021 14:49:36 GMT
Server: Delivery2
Strict-Transport-Security: max-age=31536000
Set-Cookie: ittrksessid=792668de.5bb250222e514;HttpOnly;Secure; path=/
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Cache-Control: max-age=1800
Content-Type: text/html; charset=utf-8
Expires: Fri, 12 Feb 2021 15:19:36 GMT
Content-Security-Policy: frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Age: 1131
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19166
Keep-Alive: timeout=5
Connection: Keep-Alive

Redirect headers

Date: Fri, 12 Feb 2021 15:08:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
Location: https://www.post.ch/de?lea_source=2021021216082744878222769X116404V1571145373M
Content-Length: 286
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 index.html Show response
campaigns.cembra.ch/campaigns/de/connects/ Frame 135C 426 B
1 KB 61ms
19ms Document
text/html 2a01:ab20:0:203::1:245
CYON

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=43147010&campaign_id=2267542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: 913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method: GET
:authority: campaigns.cembra.ch
:scheme: https
:path: /campaigns/de/connects/index.html?ap=116404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

set-cookie: PHPSESSID=2a7909eaa75f0e8a7e319bba0d706182; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp1=Q0VNQlRDMjhBRkZHMDAwMDE5NzMwMTk4MDAxMjAwMDAwMDAwMDAyMjAwMDAwMDAwMDA4ODE2MTMxNDI1MDcwMGNvbm5lY3RzMDAzMzI1NDIzNzk1NTFjYjI1YjIwNTI0NzQ3MjcyZjcyZg%3D%3D; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv1=connects; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp1_e=MTYxMzE0MjUwN2FmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
content-length: 301
content-encoding: br
vary: Accept-Encoding
date: Fri, 12 Feb 2021 15:08:27 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 index.html Show response
campaigns.cembra.ch/campaigns/de/cumulusmc_pv/ Frame C3DE 426 B
864 B 58ms
20ms Document
text/html 2a01:ab20:0:203::1:245
CYON

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=43147010&campaign_id=2267542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: 913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method: GET
:authority: campaigns.cembra.ch
:scheme: https
:path: /campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

set-cookie: PHPSESSID=8bf9610e6671c18d3d6247acc00261d9; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp2=Q0VNQlRDNjcxMDAwMDE0MDEwMjgwMTk5MDAyMTAwMDAwMDAwMDA2MjAwMDAwMDAwMDAyNzE2MTMxNDI1MDcwMGNvbm5lY3RzMDAzZjRiMjJjNzk5MzlmYjU2OWMzYmI2YzBjNTdmYjhiZA%3D%3D; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv2=connects; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp2_e=MTYxMzE0MjUwN2FmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sun, 14-Mar-2021 15:08:27 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
content-length: 301
content-encoding: br
vary: Accept-Encoding
date: Fri, 12 Feb 2021 15:08:27 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F7AA 1 KB
835 B 9ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Feb 2021 05:59:32 GMT
expires: Sat, 13 Feb 2021 05:59:32 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 32935
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set s Show response
pos.baidu.com/ Frame A1D0 69 KB
14 KB 947ms
418ms Document
text/html 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0

Requested by

Host: 88.166sh.com
URL: https://88.166sh.com/qmosgou.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

84e0f30a25d6e5cd8f22137efcff8273b56e1de32782fbfa522b849f0f3d85c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: pos.baidu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://club.kdslife.com/f_15.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://club.kdslife.com/f_15.html

Response headers

Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 13811
Content-Type: text/html;charset=UTF-8
Date: Fri, 12 Feb 2021 15:08:28 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri Feb 12 23:08:28 2021
P3p: CP=" OTI DSP COR IVA OUR IND COM " CP=" OTI DSP COR IVA OUR IND COM "
Pragma: no-cache
Server: nginx
Set-Cookie: BAIDUID=D712CDD5989FDDFE0D15A1892A6A542A:FG=1; expires=Sat, 12-Feb-52 15:08:28 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1 BAIDUID_BFESS=D712CDD5989FDDFE0D15A1892A6A542A:FG=1; Path=/; Domain=baidu.com; Expires=Mon, 12 Feb 2052 15:08:28 GMT; Max-Age=31536000; Secure; SameSite=None
X-Xss-Protection: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F7AA
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBb8uJvhwRYLL_PjtkFQigU&google_cver=1&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJG...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJGTiVD4Eebbboxfs-RVQwdg

170 B
190 B

17ms
16ms

Image
image/png

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJGTiVD4Eebbboxfs-RVQwdg

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 12 Feb 2021 15:08:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUI1oXQ7BxIiS-_I9rjtaQvjbbOHVQC3VZ7arWw_UPCJIZdoi-JdtIslIcBY0Ytx9SHiRBbJGTiVD4Eebbboxfs-RVQwdg
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 53P+S5AIYxZQ2FnZ+SoAAA==

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F7AA 70 B
265 B 154ms
48ms Image
image/gif 63.32.128.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOYyQYQsn2Clnsr43ikPuMU&google_cver=1&google_push=AQvitUKjdo-2h_WQagsgusWu-bFEydqIXjsbxcy3MiTKb5lnqrT00SFQUiLuqKZw1Z0gnW2QhAyi-hdHE3zhd2xJOU0i48J_fGI
Requested by: Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.128.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-128-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F7AA
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEG3eSQ-Ud_nWm1SeyIkdOe8&google_cver=1&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA
https://px.adhigh.net/p/gm/rub?google_gid=CAESEG3eSQ-Ud_nWm1SeyIkdOe8&google_cver=1&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&bo...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&google_hm=ueALrhzNf_oAAikABlF3lslI6...

170 B
190 B

16ms
16ms

Image
image/png

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&google_hm=ueALrhzNf_oAAikABlF3lslI6g%3D%3D

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:29 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AQvitUL4RqnLE_9uRQQfQeYPbO9s5Pb0YATKiwRotp_jD3kDz1uziojj2E5N2r7C-v7aJHBa9AnsiCVi36bb2qRa-67DaLfEdA&google_hm=ueALrhzNf_oAAikABlF3lslI6g%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F7AA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mYNrod49RAe2yO3E1wsawA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

17ms
17ms

Image
image/png

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mYNrod49RAe2yO3E1wsawA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIgP3L52e9D-7Q2GZz2BYhB8ah7Hxeug1go2IN0hxanJQZEYiahO9AjGxCSs0Ww4Lb3D_OJxQsGr59TD14UVoAVtJbBAms

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mYNrod49RAe2yO3E1wsawA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIgP3L52e9D-7Q2GZz2BYhB8ah7Hxeug1go2IN0hxanJQZEYiahO9AjGxCSs0Ww4Lb3D_OJxQsGr59TD14UVoAVtJbBAms
Date: Fri, 12 Feb 2021 15:08:27 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F7AA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAY6HmvUVtKjACC7ZUSMLp8&google_cver=1&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ&g...

170 B
224 B

16ms
16ms

Image
image/png

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ&google_tc=

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0wyRkVDVUktMTctTTMzVg==&google_push=AQvitUI2y6SJHEQ8QZ_jS1OHaHi2VcePM9_f-msKg-WLYB74iYNqQGTpqmU33flAqvfLDwTJQsXiUCCKj98wCVhU6hAu-Zgl2GQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 415
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F7AA
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGGD5uKjLP8Yb6ztbpvLEaU&google_cver=1&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGGD5uKjLP8Yb6ztbpvLEaU&google_cver=1&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZu...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZ...

170 B
190 B

16ms
16ms

Image
image/png

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc&google_tc=

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vNZ16fm4Tt-AD4i0cY-lzQ&google_push=AQvitUJhlJHESnMGdmZgCq-HIWlcQ5P3ePc6vz0CUSy-IzNG8hJt44-7gcGKueMzPCnVvTpbWzBY7VMjaPRBeVZuvH9vxd2jyjc&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame F7AA 0
44 B 739ms
244ms Image
text/plain 54.250.196.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESECOSJlpjOww4xMxIlRYj17k&google_cver=1&google_push=AQvitUJxAjqN9VuGsIjPaI2tpWAdr4kbNc8stpqQ00XQ48b2QkFsZoO-nRPH8eeTO-zZlKS4KqbrCKqW9D7zKOsui7t-FjsP6-I
Requested by: Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.196.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-196-226.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F7AA 0
59 B 37ms
35ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgC_b81MEzzjdxcM_llp_I1lt75FbiU1g2NdTnpBeuPzcCQNQm1fNNhD7KBpD55poShkEL

Requested by

Host: ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
URL: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
server: HTTP server (unknown)
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 asyncspc.php Show response
assets.bly.ch/tool/www/delivery/ Frame F6F9 1 KB
974 B 43ms
42ms XHR
application/json 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/delivery/asyncspc.php?zones=112&prefix=revive-0-&cctpid=1455&lineitem=7222988&exchange=876144&campaignid=2267542&bannerid=876144&ct0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCyvpl6JkmYIa0OYSE3gOlhqnwD8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTgzNzE3NDkyNjcxOTE3MjnIAQmpAgM-Nri52YU-4AIAqAMBqgT2AU_QMkPNEEbz5SnHwEHTiZE5NDqWFr8pkZc9sZvVBd6tUQFEYiSkj0gSqIWZJ4WEjT_LOpOicMG-JnfcjW6QLzoI1aXVwdla2IiR73KRy-sGlXm2O1cLm6b5eFDR35kN3-J9-tq__Xu6g77oh8vOfic2oVx0j5S-dEBWnMj6lYW2_YPSODhPsIQCB-fS4AhJoxDhEpwDnb314f6osqoBHD5h5jXqJb5QDOtRoURg3WwwgyfXi3CgFGIY6ZIzupNlWnFIkhUHXBJVAzUImqxON79hNR-cBLdxGMKAWVQcCUgJi18L4_GFDeBNi_jhk7L52hUz67DtL-AEAYAGotLy5672s-u9AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAUIgGEQAfIIG2FkeC1zdWJzeW4tOTU5ODExNzE3MTc4MDI3MfoLAggBgAwB%26num%3D1%26sig%3DAOD64_0sgAusmEizH53gtqeK5jpgzdxjoQ%26client%3Dca-pub-8371749267191729%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D43420829%3Bcrtbwp%3DYCaZ6AAOWgYKd4IEAApDJQsnxe5GUuVW6w0dOw%3Bcrtbdata%3D213YhU2VLU1jFoK2Of4mVEVd9-myf4IOVEqxySRl7Cd3CU7f-FL3Iw6lzVbaIVSCyQ15zRHvF7w1aPRuMtXHYO4pQW4aschSprZcZQTtiVvaJWo3-f53VfLl3IISJJOuRzm4ZzDkqMPGH_0GdUXB1dxU3BwA81KKHNDu1rz4iAnR1krgmYyTk3nUvGZg8em1BwyPIMCW8pTKFV3IK5FMFdwjQMKcFSYU1yCOIH0MTVJB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Djk_CKHmWpZuoSCpoLbKLHSAuyFiFPlJcs61jRRBDnqELJVNKyp5lVp5ZGNwhVV0wZr-bjp8GuG-vPCrSsv5_L3LLb10zwiQqTvhgTO8831RPgXU93VzT_m65V4aLt9QVIX1Z8qfOCBLjpmSy5lWvlMN4iOtIBxgX0%3B%3BCREFURL%3Dhttps%253a%252f%252fclub.kdslife.com%3BC%3D1%3Bcpdir%3D&loc=https%3A%2F%2Fad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&referer=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: a2d3c48b24edce0cebb3d96111170f11470d3fa9299c415f323bb760030ffae7

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
expires: 0

GET
H2 200 index.html Show response
assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/ Frame 83C4 934 B
633 B 39ms
38ms Document
text/html 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 6842d1cc7b74a61529772d40cd6b5978774da9b667e4d5587754bb5355ec0f4f

Request headers

:method: GET
:authority: assets.bly.ch
:scheme: https
:path: /tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OAID=0f58aa19185b77d06e6d138a9ef6e412
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

server: nginx
date: Fri, 12 Feb 2021 15:08:27 GMT
content-type: text/html
last-modified: Thu, 11 Feb 2021 15:06:53 GMT
vary: Accept-Encoding
etag: W/"6025480d-3a6"
content-encoding: br

GET
H2

200

1x1.gif
www.adtracker.ch/upload/ Frame F6F9
Redirect Chain

https://cct.connects.ch/tpv.php?t=116404V1455142245M
https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878223265X116404V1455142245M&utm_source=Affiliate

42 B
88 B

22ms
21ms

Image
image/gif

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878223265X116404V1455142245M&utm_source=Affiliate
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 , Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
last-modified: Tue, 10 Jul 2018 10:21:41 GMT
server: Apache
accept-ranges: bytes
etag: "2a-570a27efbd740"
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: https://www.adtracker.ch/upload/1x1.gif?lea_source=2021021216082744878223265X116404V1455142245M&utm_source=Affiliate
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 main.css
assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/css/ Frame 83C4 5 KB
2 KB 40ms
39ms Stylesheet
text/css 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/css/main.css
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 0d3a37cfa6c9e86e6d0f75c14b43b6ddc330097751345b3f4865555ea9fda760

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
last-modified: Thu, 11 Feb 2021 15:06:53 GMT
server: nginx
etag: W/"6025480d-1494"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 83C4 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 00:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53357
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 00:19:10 GMT

GET
H2 200 main-min.js Show response
assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/ Frame 83C4 44 KB
11 KB 56ms
55ms Script
application/javascript 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/main-min.js
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: ba5d5691ec4b35680f177e288211c38eabcb0d8768716266f01ddfe33ecb701d

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
last-modified: Thu, 11 Feb 2021 15:06:53 GMT
server: nginx
etag: W/"6025480d-af53"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 83C4 6 KB
792 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Requested by

Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b153fc4a86b9bf3d98b978f19d5f3cbdd391309f33f95e176b4bdf4a271e1847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 13:29:29 GMT
server: ESF
date: Fri, 12 Feb 2021 15:08:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 15:08:27 GMT

GET
H2 200 Adform.DHTML.js Show response
assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/ Frame 83C4 30 KB
13 KB 42ms
42ms Script
application/javascript 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/Adform.DHTML.js?bv=0.10361222302867024
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 93afdbd4031d7fa3cfc06a4893951e4bfe2fe32a5010ebd73a0ddcd317f9f417

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: br
last-modified: Thu, 11 Feb 2021 15:06:53 GMT
server: nginx
etag: W/"6025480d-7920"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 Adform.Products.js Show response
s1.adform.net/Banners/scripts/components/ Frame 83C4 3 KB
2 KB 46ms
46ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/scripts/components/Adform.Products.js?bv=0.4606724531176609
Requested by: Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/Adform.DHTML.js?bv=0.10361222302867024
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d9ce344abce003d8b77142e6a74b5958f32ce97e47dd59f75901cc0144e442ae

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:27 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 13:37:16 GMT
server: nginx
etag: W/"5f7c730c-c84"
x-cache-status: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 lg.php
assets.bly.ch/tool/www/delivery/ Frame F6F9 43 B
317 B 42ms
40ms Image
image/gif 94.130.16.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bly.ch/tool/www/delivery/lg.php?bannerid=218&campaignid=105&zoneid=112&loc=https%3A%2F%2Fad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&referer=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&cb=7931b88856
Requested by: Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: veramedia1.timmeserver.de
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 15:08:27 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0

GET
H2 200 / Show response
track.adform.net/dco/recommendations/ Frame 83C4 6 KB
2 KB 58ms
57ms Script
application/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/dco/recommendations/?aid=2040936&tid=28093&tv=1613142507967&icid=0&eid=0&dco=1&bnrid=0&intid=0&geo=0,0,0&bn=0&gcnt=100&pgsz=6&format=json&callback=adform_com_3t1l5uoa7o0

Requested by

Host: assets.bly.ch
URL: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/js/Adform.DHTML.js?bv=0.10361222302867024

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

658f48534d1a82a252f34625df594a887f9d201d1611ab1cd20585d50d749990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

correlationid: c3302760-2465-4d76-a670-78b5265f7835
date: Fri, 12 Feb 2021 15:08:28 GMT
content-encoding: gzip
x-origin: dcotar001prpitx
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript;charset=utf-8
content-length: 1405

GET
H2 200 logo-sm.css
88.166sh.com/js/logo/css/ Frame A1D0 2 KB
924 B 445ms
445ms Stylesheet
text/css 42.81.8.130
CHINATELECOM-TIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://88.166sh.com/js/logo/css/logo-sm.css
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.81.8.130 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

Referer: https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:28 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 06:01:29 GMT
server: yunjiasu
etag: W/"600675b9-850"
yjs-id: 9cd85c3d62be2cee-115
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=14400
yjs-cachestatus: HIT
content-type: text/css
content-length: 783
expires: Fri, 12 Feb 2021 19:08:28 GMT

GET
H2 200 logo.js Show response
88.166sh.com/js/logo/js/ Frame A1D0 6 KB
4 KB 446ms
445ms Script
application/x-javascript 42.81.8.130
CHINATELECOM-TIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://88.166sh.com/js/logo/js/logo.js
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.81.8.130 , China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 1ca157b165a1f0c517ab0031e8db49cdcdd328c5b9355acbe500287c219dd4d8

Request headers

Referer: https://pos.baidu.com/s?wid=300&hei=250&di=u6431392&ltu=https%3A%2F%2Fclub.kdslife.com%2Ff_15.html&psi=9959a03241d2a03e34ad6bfe0d4e1631&dc=3&ti=%E5%AE%BD%E5%B8%A6%E5%B1%B1-%E5%AE%BD%E5%B8%A6%E5%B1%B1KDS-%E5%AE%BD%E5%B8%A6%E5%B1%B1%E7%A4%BE%E5%8C%BA-%E5%9F%8E%E5%B8%82%E6%B6%88%E8%B4%B9%E9%97%A8%E6%88%B7&ps=805x1079&drs=1&pcs=1600x1200&pss=1600x3708&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1613142507&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1613142507&dtm=HTML_POST&tpr=1613142507248&ari=2&ant=0&exps=110257,110009,111000,110011,110739&prot=2&dis=0&dai=1&dri=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 15:08:28 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 07:26:35 GMT
server: yunjiasu
etag: W/"5fd1cdab-18f1"
yjs-id: 9cd85c3da7172cee-115
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=14400
yjs-cachestatus: HIT
content-type: application/x-javascript
content-length: 3639
expires: Fri, 12 Feb 2021 19:08:28 GMT

GET adx.php
wn.pos.baidu.com/ Frame A1D0 0
0

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 6 KB
6 KB 31ms
12ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-5064914&$VALUE=76.90+CHF&$VALUE_BOTTOM=76.90+CHF&$TEXT_SIZE=1&$TEXT_TOP=NUR&$VALUE_SIZE=1&$TEXT_SIZE_TOP=350&$TEXT=NUR&$VALUE_SIZE_BOTTOM=356&wid=200&hei=200&fmt=jpg&locale=CH_de&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

50794cce63689efd503211b7ad2f6295552025e2f9e7851b4883e2f865e57bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 18 Jun 2020 16:12:14 GMT
server: Unknown
etag: "c537c565e23712460d38bd6df03c9421"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 6148
expires: Fri, 12 Feb 2021 23:01:23 GMT

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 4 KB
5 KB 34ms
16ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-11559709&$VALUE=109.00+CHF&$VALUE_BOTTOM=109.00+CHF&$TEXT_SIZE=1&$TEXT_TOP=PRIX+NET&$VALUE_SIZE=324&$TEXT_SIZE_TOP=1&$TEXT=PRIX+NET&$VALUE_SIZE_BOTTOM=1&wid=200&hei=200&fmt=jpg&locale=CH_fr&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

a658dd9ad29a975796f80732c8d002fd3ba3f4bfefd4f1a12517c3566790ccce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 18 Jun 2020 16:12:35 GMT
server: Unknown
etag: "c495220cd672037c97133b3868b2ef18"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 4414
expires: Fri, 12 Feb 2021 23:02:07 GMT

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 7 KB
8 KB 38ms
20ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-10802112&$VALUE=209.00+CHF&$VALUE_BOTTOM=209.00+CHF&$TEXT_SIZE=1&$TEXT_TOP=NUR&$VALUE_SIZE=1&$TEXT_SIZE_TOP=350&$TEXT=NUR&$VALUE_SIZE_BOTTOM=324&wid=200&hei=200&fmt=jpg&locale=CH_de&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

de8268cca272a04f3d3325241f7ac647be2a1e856799a636b2b29dde6cda5914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 20 Aug 2020 16:12:07 GMT
server: Unknown
etag: "01410f93f99bfd99d8ed3650457c59fb"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 7629
expires: Sat, 13 Feb 2021 00:36:27 GMT

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 3 KB
3 KB 42ms
24ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-12997298&$VALUE=9.90+CHF&$VALUE_BOTTOM=9.90+CHF&$TEXT_SIZE=1&$TEXT_TOP=PRIX+NET&$VALUE_SIZE=395&$TEXT_SIZE_TOP=1&$TEXT=PRIX+NET&$VALUE_SIZE_BOTTOM=1&wid=200&hei=200&fmt=jpg&locale=CH_fr&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

41da47c0192303f13a9261de7f7bbbc12e36a45f9cd1e2c489136f3c0f59bcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 30 Jul 2020 16:22:34 GMT
server: Unknown
etag: "975c6d32081375eac2af3f5b2a833188"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 2976
expires: Sat, 13 Feb 2021 00:36:41 GMT

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 5 KB
5 KB 46ms
28ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-12260602&$VALUE=36.90+CHF&$VALUE_BOTTOM=36.90+CHF&$TEXT_SIZE=1&$TEXT_TOP=PRIX+NET&$VALUE_SIZE=356&$TEXT_SIZE_TOP=1&$TEXT=PRIX+NET&$VALUE_SIZE_BOTTOM=1&wid=200&hei=200&fmt=jpg&locale=CH_fr&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

c6e4d2af4b540daedfbff8d53f777e1187919dfaa576c9499785a4ce93e8f03f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 09 Nov 2020 17:08:12 GMT
server: Unknown
etag: "e7419ed97dbdd986b75796d186617416"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 5129
expires: Fri, 12 Feb 2021 16:17:25 GMT

GET
H2 200 SpecialPrice
assets.lyreco.com/is/image/lyrecows/ Frame 83C4 4 KB
4 KB 51ms
34ms Image
image/jpeg 2a02:26f0:7100:481::2638
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.lyreco.com/is/image/lyrecows/SpecialPrice?$IMG_SRC=lyrecows/2018-12997152&$VALUE=9.90+CHF&$VALUE_BOTTOM=9.90+CHF&$TEXT_SIZE=1&$TEXT_TOP=NUR&$VALUE_SIZE=1&$TEXT_SIZE_TOP=350&$TEXT=NUR&$VALUE_SIZE_BOTTOM=395&wid=200&hei=200&fmt=jpg&locale=CH_de&qlt=70&resmode=sharp2&op_usm=1.75,0.3,2,0

Requested by

Host: club.kdslife.com
URL: https://club.kdslife.com/f_15.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:481::2638 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Unknown /

Resource Hash

00a6db6669932a759fe0e7f9d98a58905c650dd951e919f26923d2f4ae6e0583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.bly.ch/tool/www/images/937cffa6531bf8a04a1fde1090de8051/index.html?clickTag=https%3A%2F%2Fassets.bly.ch%2Ftool%2Fwww%2Fdelivery%2Fcl.php%3Fbannerid%3D218%26zoneid%3D112%26OXLCA%3D1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 30 Jul 2020 16:23:05 GMT
server: Unknown
etag: "deede7aa73742b052670d408fe9614bd"
content-type: image/jpeg
access-control-allow-origin: *
date: Fri, 12 Feb 2021 15:08:28 GMT
content-length: 3640
expires: Sat, 13 Feb 2021 00:36:32 GMT

GET cpro.js
cpro.baidustatic.com/cpro/ui/noexpire/js/3.1.6/ Frame A1D0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/cm.js

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/gif5.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/gif0.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/lv_index.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/mod_icon2.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/mod_icon1.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/mod_icon3.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/mod_icon4.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/mod_icon5.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/js/kds.js?v=2020092210

Domain: club.kdslife.com
URL: https://club.kdslife.com/index.php?c=index&m=hello_word

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/js/floor.js?v=2018052801

Domain: s9.cnzz.com
URL: https://s9.cnzz.com/z_stat.php?id=1278926474&web_id=1278926474

Domain: s9.cnzz.com
URL: https://s9.cnzz.com/z_stat.php?id=1278580838&web_id=1278580838

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/totop.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/chartMess.gif?v=2

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/night.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/kds_navi_l.png

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/moderator.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/gif2.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/gif4.gif

Domain: club.kdslife.com
URL: https://club.kdslife.com/ui/img/gif3.gif

Domain: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/pr.js

Domain: wn.pos.baidu.com
URL: https://wn.pos.baidu.com/adx.php?c=d25pZD1lNGM1ZTdlOWE2NjI3ZDUwAHM9ZTRjNWU3ZTlhNjYyN2Q1MAB0PTE2MTMxNDI1MDgAc2U9MQBidT00AHByaWNlPVlDYVo3QUFBUWw5N2pFcGdXNUlBOGhaRDh6dUJtOHhUekFBZ3VnAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTQ5NzY0MTkxMQB0dT11NjQzMTM5MgBhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGJjaG1kPTAAdG09Mjc1NDQ4NzMwAHY9MQBpPTUyYWMyYmI4

Domain: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/noexpire/js/3.1.6/cpro.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://club.kdslife.com/f_15.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://club.kdslife.com/f_15.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88.166sh.com
ad28a174cf0915029db90ca56adb361f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.bly.ch
assets.lyreco.com
campaigns.cembra.ch
cc.adingo.jp
cct.connects.ch
cct.shop.post.ch
cdn.ampproject.org
club-img.kdslife.com
club.kdslife.com
cm.g.doubleclick.net
cpro.baidustatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
images.kdslife.com
images.pchome.net
img-cms.pchome.net
match.360yield.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pos.baidu.com
px.adhigh.net
px.ads.linkedin.com
s1.adform.net
s9.cnzz.com
securepubads.g.doubleclick.net
static.kdslife.com
static.mediav.com
tpc.googlesyndication.com
track.adform.net
tracking.adtracker.ch
wn.pos.baidu.com
www.adtracker.ch
www.google.com
www.googletagservices.com
www.post.ch
club.kdslife.com
cpro.baidustatic.com
s9.cnzz.com
wn.pos.baidu.com
104.192.110.245
106.14.236.64
115.231.228.249
142.250.185.130
142.250.186.66
171.107.86.35
182.61.200.109
185.64.189.115
193.232.148.152
216.58.212.130
218.59.209.10
218.59.209.6
2620:119:50e1:101::6cae:b25
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:17c8:0:103::20a
2a01:ab20:0:203::1:245
2a02:26f0:7100:481::2638
37.157.4.23
37.157.5.73
42.81.8.130
47.246.43.148
5.148.168.135
52.57.46.37
54.250.196.226
63.32.128.23
69.173.144.139
84.200.5.215
94.130.16.67
00a6db6669932a759fe0e7f9d98a58905c650dd951e919f26923d2f4ae6e0583
0412a32856f4b8ebb4a96819cfa2f2192ed1b1b5b4fa290e007f6814ac881252
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43
0b0f62719efee7a8a3548115ada8f568a54709e7843a6ead1e6032111ae07ea2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba277ecbad3df85b50e567bb0c1ec778307399c458d15d84abc5205d867bcb5
0d3a37cfa6c9e86e6d0f75c14b43b6ddc330097751345b3f4865555ea9fda760
0fe052735f5a9c0750917d5411caf50df03ac5be065fc686f6e8dbbb209ad268
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16acf03a08b0bcf3700a99aac7128c00cdebabd2c3c1edfa4f1e1e1f24619715
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bc45f2a5e105b35afc942730d898d60c7d588dcb8ba3b4c40da1e9b05e8858c
1c2d5596202778c181968882e2d5ac0945ce36144793a4c8abfac4a787330a1c
1ca157b165a1f0c517ab0031e8db49cdcdd328c5b9355acbe500287c219dd4d8
1d6f3374e6585f541d143d936c0b264b2104d53a9108bcf81d66e895d03287e0
1ef9e1ba598dc64509558d3f20cb21670bd1d59d0afa924f1c21a9c3f420023b
2128975055a12e0bae539b389e079bb896e084fa34c6f9bc15a19374512f57f7
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2db5df591b2afb4de0fe041755c4a6265203d65d27a2841d4401f761e5d518a0
3c7a4c9f54d1f5647a8347cb8185ab16ccab1f0a598a76a4baaa0b2e9fb44f11
3d81f01ff8c1c613366087eefc80f18e50bbddfc4f42402827b42988e0d731f4
41da47c0192303f13a9261de7f7bbbc12e36a45f9cd1e2c489136f3c0f59bcc8
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7
50794cce63689efd503211b7ad2f6295552025e2f9e7851b4883e2f865e57bb1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5e86a08da43af3bbcc6d4c750c0834244799cad8cda56969fc00ac53ab8093ae
5ee3dc788ab0f3e7c77d922271be15308382d54b99181658eeaf81a8ee7dad76
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
5fe79846f39763e4f7a9aa820cad309f417ad165b1829272a30ccb9cbe819fe9
658f48534d1a82a252f34625df594a887f9d201d1611ab1cd20585d50d749990
678c05c34756854253747e40e317c4bbbfae1239eeb42cca106cdb6c3eb116f5
680b119ca98f373b687ceade9cbd4a319c45a38687ba96c76eea1cd16d9583fe
6842d1cc7b74a61529772d40cd6b5978774da9b667e4d5587754bb5355ec0f4f
6c89efdbde78d18317fa0438e6aea48ca5db9dd0f53add508cf92204f244731a
71354b27aa90573176d55e66fc30c93b1fec7569231c2a070581e073a66c2c73
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
7611c910632ad7089f38233f96fd5bada41bd21a10b8d71338c8b7198947fa21
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
7d9e379dfd3e4f778d402f09933d9ee77b64fc9574f845f622fe758fe21f9f92
7f67d7d259e6084e5915f4d8c2ae0d185a207b22c4940a3c69fc5608793d1789
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83782461fef4964ebadc4454e80fb19824c2533a19e461dcc292b7eca3d512a2
847f4a9e22fda152adc2a0658bc70cef9004b103cc9761324e48fd6f4bd281c1
84e0f30a25d6e5cd8f22137efcff8273b56e1de32782fbfa522b849f0f3d85c4
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
876e3791e775996e7af115334c0023825ff4335006456da445708cdab4dd2ba9
883fc5b1229c22bb833cf5530677bd85c15a61d86e5b24662537a4403ee8aeed
89cc8c548f7d32502717d0ff8fd8aaa8690360eb5029cd87017bd449c65391b8
8aa16a5299f3fbaf2d4c621da90cb0fcce7a1ddbe2af504376329a991acdbdd0
8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a
8c32ddc8f8165cfb8b05216ff7284055996c2253b8fd0d87a171cbff117da733
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
908ae7e4eb7123bb0a2379e7d89712ca9e0e24821d5948e233226598a7a475f5
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3
93afdbd4031d7fa3cfc06a4893951e4bfe2fe32a5010ebd73a0ddcd317f9f417
95b5678df4a13f1add825a87a09c712e8248502041bc818ea7a75b792bcc2a15
97de5089ba6ec78131da52a6d87e31d20f75ca6a55a03c1c9da8735f8c780756
99f31455b07a1a27fe9b70f7396e3dfa590522a2151117812c417c63bdee52de
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513
a2d3c48b24edce0cebb3d96111170f11470d3fa9299c415f323bb760030ffae7
a658dd9ad29a975796f80732c8d002fd3ba3f4bfefd4f1a12517c3566790ccce
a765588a97931a762a96e3a65ef8816c4f5122cad124b0115125eab5fe32178a
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61
ab4483961660a7deda7c6606e5621c492a8372802879f070899905f5d021d8ad
b1385e207fdbb43095bd84a55fa75883f52fd55d8b609753498f5574d10e18ed
b153fc4a86b9bf3d98b978f19d5f3cbdd391309f33f95e176b4bdf4a271e1847
b287987abdcc38e98f8d96f5fcff98d98460c0002b2fec0f0b625b77f2948055
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b5096dc75bbb55a6e5c7fc39efce284cdff9c8e828d37a007d4960d25cdd0c6f
b562ca0bf5ab40eed8c2c20c9d108a130b20fe666602b9fa71fb5930c9b3b141
b589ed25e94e94cd8c8c282d033567984dca94fbf44a55b7b512e118d3829a8e
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b8b885b0eb023ca197a7618d5d3964572ddc10a28562b775f1b73feb8c16f69d
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
ba5d5691ec4b35680f177e288211c38eabcb0d8768716266f01ddfe33ecb701d
bc77530262771e38e524df411970b9e2ec75d66900bd780ab938a88e54b2b319
c6e4d2af4b540daedfbff8d53f777e1187919dfaa576c9499785a4ce93e8f03f
c7aa89185966717e345babe615460ca3d281bcb178a72a8c05efe12ba9f91938
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d34e701b4ff0a04c7d1b59cecaccaabcf7d24503dbfccd9e59b25899d65757e3
d68c43f370558866b0028d72495b06f4427c9c0be2dc38af984bcb3817aeb453
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
d7a2e2b476e08b736e57e6a4c27bbc224b43a7680b34cbc87cf097cb01e3f112
d7fd12d80f9c90d855ecd4a1413bb077931778e57252cdacaa423c68ce11c011
d9ce344abce003d8b77142e6a74b5958f32ce97e47dd59f75901cc0144e442ae
da314a5f7b1d7954ed7c5af7330f87124690b72e1c0f7065b0833dfe89d7f9b1
de8268cca272a04f3d3325241f7ac647be2a1e856799a636b2b29dde6cda5914
dfb58554b9ae72904754724b542fcd53d0dbd01a77dac7e02c8712dd0efa84ff
e0ec060a7251758202644159bb3c9ca30b915106d8601d3fa2d8edb7110b9834
e2daa224b6c152e3a1b51334bf64aa8c5ce0447b9769ad2d50bad84b4ac7118f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a40691884898512c872347ef41d98ceeb51cd354a52181fecca7cca745db7
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ed4aaa7be20cad3c21f5f49f2737a7b589cf284db38cdd65e9ef572a6c79eff5
ee1a2bce502b6a8942b4e5f3189099252272922c9c90564eb59209e8d56fc44d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f080853c0b8766979ce689976df39537673e0aeab33e426ccddce232cbc19a09
f0fb2c3cce6dee777f7c5dd08fd379491845cc236f941a86630be25dc15eb3ef
f61ed1014915942c5eff743083923dc5b3ba5e2477821decc6273c02a46e2c3b
f723111a32933003bd81e290506ca9faa70700901c1ac6effee7178d119bc3cd
f93f1634d92995df3f47225262dbc0f67cd541ed815242acd0a60a64dc39b1be

club.kdslife.com Open in urlscan Pro 106.14.236.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

85 %HTTPS

41 %IPv6

30 Domains

44 Subdomains

34 IPs

10 Countries

1575 kBTransfer

3891 kBSize

0 Cookies

140 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

club.kdslife.com Open in urlscan Pro
106.14.236.64 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

85 %
HTTPS

41 %
IPv6

30
Domains

44
Subdomains

34
IPs

10
Countries

1575 kB
Transfer

3891 kB
Size

0
Cookies

171 HTTP transactions
3 data transactions