www.baiduinenglish.com Open in urlscan Pro
104.168.161.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.baiduinenglish.com/
Submission: On August 09 via manual (August 9th 2021, 12:53:01 pm UTC) from US

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 15 domains to perform 53 HTTP transactions. The main IP is 104.168.161.91, located in United States and belongs to HOSTWINDS, US. The main domain is www.baiduinenglish.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 28th 2021. Valid for: 3 months.

This is the only time www.baiduinenglish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.168.161.91 104.168.161.91	54290 (HOSTWINDS) (HOSTWINDS)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:3600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	175.6.29.252 175.6.29.252	63835 (CT-HUNAN-...) (CT-HUNAN-CHANGSHA-IDC No.293)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:6600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:8e00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.162 142.250.185.162	() ()
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	3.124.181.115 3.124.181.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	203.119.128.195 203.119.128.195	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.88.68.21 47.88.68.21	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
10	2600:9000:219... 2600:9000:2190:4e00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
53	24

2 104.168.161.91 (United States)

ASN54290 (HOSTWINDS, US)
PTR: client-104-168-161-91.hostwindsdns.com

www.baiduinenglish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:3600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 175.6.29.252 (Wuhan, China)

ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN)

s4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icon.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:6600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN- ()
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.181.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.119.128.195 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z3.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2190:4e00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	215 KB
13	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com platform-cdn.sharethis.com	53 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	doubleclick.net googleads.g.doubleclick.net	32 KB
4	cnzz.com s4.cnzz.com c.cnzz.com z3.cnzz.com icon.cnzz.com	6 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.com adservice.google.com www.google.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	baiduinenglish.com www.baiduinenglish.com	23 KB
1	mmstat.com cnzz.mmstat.com	432 B
1	googleapis.com fonts.googleapis.com	765 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	662 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
53	15

	Domain	Requested by
10	platform-cdn.sharethis.com	www.baiduinenglish.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.baiduinenglish.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.baiduinenglish.com	www.baiduinenglish.com
1	www.google.com	tpc.googlesyndication.com
1	icon.cnzz.com	www.baiduinenglish.com
1	cnzz.mmstat.com	www.baiduinenglish.com
1	z3.cnzz.com	www.baiduinenglish.com
1	c.cnzz.com	s4.cnzz.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	l.sharethis.com	platform-api.sharethis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	s4.cnzz.com	www.baiduinenglish.com
1	www.googletagmanager.com	www.baiduinenglish.com
1	platform-api.sharethis.com	www.baiduinenglish.com
53	24

This site contains links to these domains. Also see Links.

Domain
www.baidu.com
zh.wikipedia.org
www.cnzz.com

Subject Issuer	Validity	Valid
baiduinenglish.com cPanel, Inc. Certification Authority	`2021-07-28` - `2021-10-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-05` - `2022-02-06`	a year	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.baiduinenglish.com/
Frame ID: E0145D6FC2A761C74125FF03CFEC18EE
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: CE4ED01D57A11D7F247E16B5FFCF03D2
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: CC35CB355F262D913144FA715F60DCE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&adk=1812271804&adf=3025194257&lmt=1611477935&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558157&bpp=2&bdt=83&idt=62&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=597311042079&frm=20&pv=2&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
Frame ID: 865E670394DC67C9DEF982E116B23492
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&h=280&slotname=3048560621&adk=2950391598&adf=2974123936&pi=t.ma~as.3048560621&w=1200&fwrn=4&fwrnh=100&lmt=1611477935&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558159&bpp=2&bdt=85&idt=82&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=597311042079&frm=20&pv=1&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o3yk2AuQGM&p=https%3A//www.baiduinenglish.com&dtd=89
Frame ID: E04FD6D02F027854357C3728B3DD49CB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: 060018B29D6A0488C6E67DC92888F6DA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C340CAFFF2C2E90D28F5F41268A2D8E0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BF4D5C6DEDA6DD080E6BA5C60C2E719
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

53
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

516 kB
Transfer

1298 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.baidu.com/
Title: Official Website

Search URL Search Domain Scan URL

URL: https://zh.wikipedia.org/
Title: Wikipedia

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1278827440

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.baiduinenglish.com/ 10 KB
3 KB 813ms
171ms Document
text/html 104.168.161.91
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.168.161.91 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: client-104-168-161-91.hostwindsdns.com
Software: Apache /
Resource Hash: 6d59bb7bfbec20359708609ae5584a20eb622f6b606765dc299d8b3caeb3e014

Request headers

:method: GET
:authority: www.baiduinenglish.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:37 GMT
server: Apache
last-modified: Sun, 24 Jan 2021 08:45:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3125
content-type: text/html

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49445
x-xss-protection: 0
server: cafe
etag: 12364812339251644168
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 186 KB
42 KB 47ms
14ms Script
text/javascript 2600:9000:2190:3600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 572cc391194c430b6c2d54711336747c61c26caca871bfe881ddb153dcc8c8f7

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:48:37 GMT
content-encoding: gzip
age: 241
etag: W/"2e72d-DBEWLnQDQyOeqYgRhmupyANAHZs"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: k8Xegi9iqskRWdqy_KYZeIoG6P-O1Jbm5X6VXmeewpcFTJAs6eUFZA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-165209644-1

Requested by

Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d96af09146d03a2b3a2024a0301049b994921da4ba85c8445e101fa5cf00549a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40793
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H2 200 baiduinenglishLogo.jpg
www.baiduinenglish.com/images/ 19 KB
20 KB 170ms
169ms Image
image/jpeg 104.168.161.91
HOSTWINDS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baiduinenglish.com/images/baiduinenglishLogo.jpg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.168.161.91 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: client-104-168-161-91.hostwindsdns.com
Software: Apache /
Resource Hash: 8f3ce7226e02d79cb450db43476ff089b2fa34e9d1841d8180410d76e8c2f766

Request headers

:path: /images/baiduinenglishLogo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.baiduinenglish.com
referer: https://www.baiduinenglish.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
last-modified: Tue, 14 Jul 2020 13:05:19 GMT
server: Apache
accept-ranges: bytes
content-length: 19958
content-type: image/jpeg

GET
H2 200 z_stat.php Show response
s4.cnzz.com/ 11 KB
4 KB 2123ms
870ms Script
application/javascript 175.6.29.252
CT-HUNAN-CHANGSHA...

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.cnzz.com/z_stat.php?id=1278827440&show=pic1
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.6.29.252 Wuhan, China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: ec3bc226a03bf8d3783423640fc64783d6b31608364c5569d6b2c47b2e6f2d56

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 09 Aug 2021 12:33:43 GMT
content-encoding: gzip
age: 1137
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:13:39360867
x-swift-cachetime: 5400
x-swift-savetime: Mon, 09 Aug 2021 12:33:43 GMT
content-length: 4053
last-modified: Mon, 09 Aug 2021 12:33:43 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1628512423
content-type: application/javascript
via: cache26.l2cn1802[44,44,200-0,M], cache23.l2cn1802[46,0], cache6.cn1414[0,0,200-0,H], cache10.cn1414[2,0]
cache-control: max-age=5400,s-maxage=5400
timing-allow-origin: *
eagleid: af061d9e16285135600133041e

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-165209644-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4564
date: Mon, 09 Aug 2021 11:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 13:36:34 GMT

GET
H2 200 5f8d1bb325ffd0001210cfbe.js Show response
buttons-config.sharethis.com/js/ 692 B
1 KB 50ms
21ms Script
text/javascript 2600:9000:2190:6600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f8d1bb325ffd0001210cfbe.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e566aae5bab07bead72f21ef03379fa7f3639c4ceef99dd8948120885b8987c4

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 09 Aug 2021 12:52:38 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 07:55:45 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "00cb8463b2c45574620c41dcd0dae665"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 692
x-amz-cf-id: WTuMEcHxHOdEQvjONNkY_ASt46qwBLAV_9sQlEBKMF1bAOi0ZDQPWA==

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8353982621444073&plah=www.baiduinenglish.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 390643862346785813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame CE4E 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Aug 2021 19:31:05 GMT
expires: Sun, 22 Aug 2021 19:31:05 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 62493
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame CC35 2 KB
1 KB 77ms
12ms Document
text/html 2600:9000:2057:8e00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 09 Aug 2021 12:03:25 GMT
cache-control: max-age=3600, public
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: IXfoPSpwb3MsHgGdBsGB0WBotgO0swoSWmS8ZhIOgUtcwRCJuydC4w==
age: 2953

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2115383807&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baiduinenglish.com%2F&ul=en-us&de=UTF-8&dt=Baidu%20In%20English&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=254979518&gjid=571036838&cid=1545726925.1628513558&tid=UA-165209644-1&_gid=573814878.1628513558&_r=1&gtm=2ou840&z=492832420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:52:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baiduinenglish.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
662 B 110ms
47ms Script
text/javascript 142.250.185.162

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.baiduinenglish.com&callback=_gfp_s_&client=ca-pub-8353982621444073

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8353982621444073&plah=www.baiduinenglish.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

07c44003597e9873c9786d1bf9f7c2c6f0f2968e8b355f79922568177a1e21e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.baiduinenglish.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.baiduinenglish.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 865E 12 KB
4 KB 353ms
352ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&adk=1812271804&adf=3025194257&lmt=1611477935&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558157&bpp=2&bdt=83&idt=62&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=597311042079&frm=20&pv=2&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52f57d68861e63e85380b20cb93fac2aa8ed7998528ed723a67097f8667a610e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8353982621444073&output=html&adk=1812271804&adf=3025194257&lmt=1611477935&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558157&bpp=2&bdt=83&idt=62&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=597311042079&frm=20&pv=2&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:52:38 GMT
server: cafe
content-length: 4530
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 13:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:52:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E04F 68 KB
23 KB 601ms
601ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&h=280&slotname=3048560621&adk=2950391598&adf=2974123936&pi=t.ma~as.3048560621&w=1200&fwrn=4&fwrnh=100&lmt=1611477935&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558159&bpp=2&bdt=85&idt=82&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=597311042079&frm=20&pv=1&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o3yk2AuQGM&p=https%3A//www.baiduinenglish.com&dtd=89

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

431d5da94fe0d246d791d9a051d55993ffa2469ca5897eb0e5e795a4a5c30f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8353982621444073&output=html&h=280&slotname=3048560621&adk=2950391598&adf=2974123936&pi=t.ma~as.3048560621&w=1200&fwrn=4&fwrnh=100&lmt=1611477935&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558159&bpp=2&bdt=85&idt=82&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=597311042079&frm=20&pv=1&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o3yk2AuQGM&p=https%3A//www.baiduinenglish.com&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 12:52:38 GMT
server: cafe
content-length: 23583
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 13:07:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 12:52:38 GMT
cache-control: private

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
344 B 119ms
27ms XHR
text/plain 3.124.181.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=www.baiduinenglish.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Baidu%20In%20English&cms=unknown&publisher=5f8d1bb325ffd0001210cfbe&sop=true&bsamesite=true&consent_cookie_duration=142&consent_duration=142&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en&description=Browse%20and%20read%20information%20from%20the%20%E7%99%BE%E5%BA%A6%20Baidu.com%20Search%20Engine%20in%20English%2C%20and%20easily%20find%20translated%20Chinese%20resources%20in%20www.baidu.com%20English%20SERP.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-181-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 12:52:38 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.baiduinenglish.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 css
fonts.googleapis.com/ Frame E04F 6 KB
765 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&h=280&slotname=3048560621&adk=2950391598&adf=2974123936&pi=t.ma~as.3048560621&w=1200&fwrn=4&fwrnh=100&lmt=1611477935&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558159&bpp=2&bdt=85&idt=82&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=597311042079&frm=20&pv=1&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o3yk2AuQGM&p=https%3A//www.baiduinenglish.com&dtd=89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 12:43:49 GMT
server: ESF
date: Mon, 09 Aug 2021 12:52:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame E04F 1 KB
937 B 33ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:45:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame E04F 18 KB
8 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:50:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame E04F 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:50:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame E04F 14 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 12:51:24 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E04F 125 KB
38 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
H2 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame E04F 26 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 09:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 09:18:09 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/126711391981107757/ Frame E04F 11 KB
11 KB 26ms
12ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/126711391981107757/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b005e1d909763600a394364a5255d656955104ae7426f86a047c11c6ff5d1f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 04:58:13 GMT
x-content-type-options: nosniff
age: 201265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11490
x-xss-protection: 0
last-modified: Tue, 04 May 2021 13:42:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 04:58:13 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E04F 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CidC4FiURYYz-D6vCx_AP1dqUyA_X4_6fZJD5l4e1DtnZHhABIN-f_wtglQKgAaXh9LcDyAEJqQJ_hdOmhrqzPqgDAcgDywSqBN8BT9CWjj3Nqoy9MKarXDNGl_j06xVgO6NUoplbSQz7JVY7SsopW_PYbmLHFS98p9vf5NRxHJESu5hkVBxqDEvY6Ehe8qm_n7UJJbW05xVNIJHfgPzEq8bEXrTybzKTnAQO5pgiH8KJvglSBOaBH55nvrO6cZV8cMDoC_ciOU-LGssXehJVFKBGxdJvo0dIAsMZ3IQ6v524ZjV431HDe2J4PCUZ1I0qlYRtFyBDkeHZDiDRi3G890E1_svs3M3dQmVfSq0STQx78uaRiapJCLN92TWp7CbM8_WTjjnQ-r6vTsAElPSVscsDkgUECAQYAZIFBAgFGASgBi6AB8Oei0ioB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ24Qg0ggJCIDhgBAQARgfgAoByAsB2BMMiBQB0BUBgBcBshcaChgIABIUcHViLTgzNTM5ODI2MjE0NDQwNzM&sigh=G-x0WnDZ6xY&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8353982621444073&output=html&h=280&slotname=3048560621&adk=2950391598&adf=2974123936&pi=t.ma~as.3048560621&w=1200&fwrn=4&fwrnh=100&lmt=1611477935&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.baiduinenglish.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628513558159&bpp=2&bdt=85&idt=82&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=597311042079&frm=20&pv=1&ga_vid=1545726925.1628513558&ga_sid=1628513558&ga_hid=2115383807&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060566%2C20211866%2C31062064&oid=3&pvsid=3155335796957088&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o3yk2AuQGM&p=https%3A//www.baiduinenglish.com&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 12:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:52:38 GMT

GET
DATA 200
OK truncated
/ Frame E04F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0215e307d882706106125777b3fd060076f69c65908bdad2edc1b11ff6c5c3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E04F 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 553924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:00:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E04F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
age: 532485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:57:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E04F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 540020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:52:18 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 0600 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E04F 42 B
64 B 38ms
37ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu20ZYf1zaBnuIMHhSVtPymWPxB-gP4KuRVnoEJRyyWC1u7iEOSNiV6sR-2gRx3Mu2ZaBB0X9Dq1eozUgt1y1n0V2Twmn78UAQS8tbb8vyTf6WyWQI1bhbyWNCXUw&sai=AMfl-YQPktQZIGWADN8vgFPEY8LQkDIQw1PUz8b-bAISFx1AWIpoXYXRHTFTuGKtAJDBHjITQqktkLqsSif-&sig=Cg0ArKJSzIHUXBjQ2yprEAE&id=lidar2&mcvt=1000&p=195,200,475,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2950391598&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628513558251&dlt=605&rpt=27&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:52:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.php Show response
c.cnzz.com/ 972 B
907 B 309ms
291ms Script
application/javascript 175.6.29.252
CT-HUNAN-CHANGSHA...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/core.php?web_id=1278827440&show=pic1&t=z
Requested by: Host: s4.cnzz.com
URL: https://s4.cnzz.com/z_stat.php?id=1278827440&show=pic1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.6.29.252 Wuhan, China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: ef56d33001e2622aec0891d856cd696520fec74974fc8a8cf296620e0df2618b

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 09 Aug 2021 12:50:15 GMT
content-encoding: gzip
age: 145
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime: 900
x-swift-savetime: Mon, 09 Aug 2021 12:50:15 GMT
content-length: 620
last-modified: Mon, 09 Aug 2021 12:50:15 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1628513415
content-type: application/javascript
via: cache48.l2cn1802[46,46,200-0,M], cache10.l2cn1802[48,0], cache3.cn1414[0,0,200-0,H], cache10.cn1414[0,0]
timing-allow-origin: *
eagleid: af061d9e16285135603434968e
expires: Mon, 09 Aug 2021 13:05:15 GMT

GET
H2 200 stat.htm
z3.cnzz.com/ 2 B
112 B 3133ms
898ms Image
text/html 203.119.128.195
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z3.cnzz.com/stat.htm?id=1278827440&r=&lg=en-us&ntime=none&cnzz_eid=571304360-1628512423-&showp=1600x1200&p=https%3A%2F%2Fwww.baiduinenglish.com%2F&t=Baidu%20In%20English&umuuid=17b2af8e68ffc-023feaf6a78c65-5771e33-1d4c00-17b2af8e690746&h=1&rnd=303986740
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.119.128.195 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 9.gif
cnzz.mmstat.com/ 43 B
432 B 604ms
155ms Image
image/gif 47.88.68.21
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=3699462
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:52:41 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pic1.gif
icon.cnzz.com/img/ 428 B
777 B 952ms
312ms Image
image/gif 175.6.29.252
CT-HUNAN-CHANGSHA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icon.cnzz.com/img/pic1.gif

Requested by

Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

175.6.29.252 Wuhan, China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a335923d66de556f45fe8e855728bc9ff757d3c3a045577cc0cf52c84b7465ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:38:20 GMT
via: cache36.l2cn1802[112,112,304-0,M], cache24.l2cn1802[112,0], cache6.cn1414[0,0,200-0,H], cache10.cn1414[12,0]
eagleeye-traceid: af061da016285127000032506e
age: 861
x-cache: HIT TCP_MEM_HIT dirn:12:82283485
x-swift-cachetime: 3600
x-swift-savetime: Mon, 09 Aug 2021 12:38:20 GMT
content-length: 428
last-modified: Thu, 05 Sep 2019 02:16:52 GMT
server: Tengine
etag: "5d707014-1ac"
strict-transport-security: max-age=31536000
ali-swift-global-savetime: 1628440700
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *, *
eagleid: af061d9e16285135612852675e

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
680 B 46ms
11ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 30 Jul 2021 07:55:04 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 881857
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: ZqVCJpQG1wk3jJHmnCytaGHoH3YJlA-fTGPr94WzwURr2_vHFwTzZw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 47ms
12ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 03 Aug 2021 12:03:15 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 521366
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: sD5_jKjKKOzebqKKGjRQjqIFbd19PbApiJ8wyeMPGY71dGpuv_v25w==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 47ms
12ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Jul 2021 11:03:51 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2512130
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: 7vbZzqymKoVCbMmzz51NT1bKakM2YRj0zBZEgjMjN5k4WRLCpkId1A==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
722 B 48ms
13ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Jul 2021 11:49:24 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2509397
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: Kx2ytCJ5Y37NkwZMUlYNIc7NrP_ghhUVMwIfGsNUoelmL5Ng1O2jOg==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
891 B 48ms
13ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 17 Jul 2021 20:01:02 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1961499
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: xcH8gf6UCzZCc31t3pyUItKZtkwp44tC_h76UFPtabgCAnf_ehpEpA==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
835 B 48ms
14ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/linkedin.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 16 Jul 2021 05:15:44 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2101017
etag: "fa43b4ede18498b114fc7185993f6da7"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 456
x-amz-cf-id: 1jRl9tS03cnKS_MXw2Q53TMkzMhdWiGxP1BwMhubmpVOJwTZEdsg9Q==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 13ms
11ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Jul 2021 01:57:29 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2199312
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: jk4F1084HkFGPfAMN3eQWhgX5SPRZbH-NA_5yqJij-PBGj7J1IwoSg==

GET
H2 200 wechat.svg
platform-cdn.sharethis.com/img/ 3 KB
2 KB 13ms
12ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/wechat.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 15:19:34 GMT
content-encoding: gzip
etag: W/"857e7ba5ca888da30b3fdb02c485cc30"
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1632787
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: R4luL7loFVDl4F3zlZRvClaZPj12Ss-P93kXSxj24gTs6kfMMZcL1A==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
945 B 13ms
12ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 00:50:19 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2462542
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: ZLmsvRv7wLYnHk83GzU2o8AZlVrHyYdgA8Q2MwDGooXf1S9rUDXQsA==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
943 B 14ms
12ms Image
image/svg+xml 2600:9000:2190:4e00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by: Host: www.baiduinenglish.com
URL: https://www.baiduinenglish.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4e00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 20 Jul 2021 14:02:13 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1723828
etag: "9928d025bd5792b718ee0a185f62e67c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: ZekotfYBf2QOJPHaNCS5dMz98ybJMSnnsY5FJA6V3OMe9VATrbG7Vw==

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f741d9e7f0fcbc7f35f54895e8574f69a0e8ae3546f2b1fc6a0db15f54351aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 12:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8600
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 12:52:43 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C340 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 12:50:07 GMT
expires: Tue, 09 Aug 2022 12:50:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BF4 783 B
780 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

840f30eb2e98ae6df9b2eee174eb50f179151835a40edc13b8444d86bb06d502

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5eSUed5VM2KQjYD0M/rb1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.baiduinenglish.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.baiduinenglish.com/

Response headers

expires: Mon, 09 Aug 2021 12:52:43 GMT
date: Mon, 09 Aug 2021 12:52:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5eSUed5VM2KQjYD0M/rb1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame C340 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=3155335796957088&bg=!_v2l_bnNAAals0SOpbM7ACkAdvg8WpM89ZrRTNI4tWjTKiBpl0Jclvgyxsva3ZHBd_FqIBFJZrl96AIAAABMUgAAAAloAQcKAH3avH4WwbYjjnFQmV0XElb4JpQ1auZVAQN1zLtcbDAzPgJPTaoKbzqjTxyUMcaathN9iMpfTzQqyRAuNk0nb8StYyNe6RHvBOKD6iqZMBa91Ru3aRR2dN_-U5o1fLruG-VFaeOoQjMWEVb8P_3bzAyb6vYg7MM7o0EDpwdAg5kCjSDBBrZGOi05qwJPnSbzg45XK9ACIekrxYGOKI2ba2xQSIrINrnokMSG4FmuzbCS5yxDmOscjix7IwMysGEQ6v7y6jCDEzHRnlzb4qiEsjIFiQzu_CIrJ02B87E6tac52C__Dkt9i1ssQUV3-bZi_d9sPcIJCqFb8tNyPNwMuZTtIFsnznX7Nj3eTmy3tJeMGj0_o5UPPnW24xLOif0TWwiUcbY2EwRwUruIQu0FhIlXCV-BpwHJ4Jd9hfLVZYJY7b4MzTE-ZNCGntwfwfaZZ73zvGvLqt13OElgJOO50ULJzF3SefXC0iRaGJPAaPTbl-67XweArhIGMqCoQ5cZhxqpaa3fKtzWA1Rntiz0wN-C0wUaY7UlFLdvzFhDQUhixL4EZ53-U9Zjrf6Xz0cCE4gCN1bLWE2h0TMcHnQ4bNdThVIaJcY33Btp---iYHOF1egQEdAJHAGlxsIQVyzx3C8S-uUL8Lmvhx3bMkIAEoF2YVHcreI53x41NfIfR_vZNbwkBoiCwyxw5eUhvozoWCqsVxPa4KFF79KOsvFHzlODMtZQuGVO-fJNLaowgUA-CKUVXsMz5tPBF2pLVnwoJy42djRhzmKGRU10WCt62ColCW0QcQvNgMffMPHN9BTs_JnuWDEfeAncUP64onTyQJCY--ViuTPfRwiMvSt6V_eMdwC2Doitu6NIL6Q-bN5W8CHs9f4rAE2LWXqVyTgjsxLS0gfzIbxYjZETr3vZcoUnBkFyysinkDI_JPDQYRP5P4DSPxCwkmCCSh4_K-JOSprk8Ww4J3PvqLNJM66Ojav1MNja7KmxCPAPLXmrpUQFy-2FSrjuvBcnEMnEk_oIq1taZoCw8Yq5D4vLyEjh

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baiduinenglish.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 12:52:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.baiduinenglish.com/	1970-01-20 00:43:58	Name: CNZZDATA1278827440 Value: 571304360-1628512423-%7C1628512423
.doubleclick.net/	1970-01-20 05:43:29	Name: IDE Value: AHWqTUm980tI3_w5ozaRmX3RK0TRHgel4U_2IO2NDjppb0UOPutrohbTlNoQB5x87wg
.baiduinenglish.com/	1970-01-20 00:43:58	Name: UM_distinctid Value: 17b2af8e68ffc-023feaf6a78c65-5771e33-1d4c00-17b2af8e690746
.baiduinenglish.com/	1970-01-20 13:53:05	Name: _ga Value: GA1.2.1545726925.1628513558
.baiduinenglish.com/	1970-01-20 05:43:29	Name: __gads Value: ID=4ab8c1d09ae22777-221dbb279bc90014:T=1628513558:RT=1628513558:S=ALNI_MZul7KkQvIdcyd219PJSb2VT-Gl-Q
.baiduinenglish.com/	1970-01-19 20:21:53	Name: _gat_gtag_UA_165209644_1 Value: 1
.baiduinenglish.com/	1970-01-19 20:23:19	Name: _gid Value: GA1.2.573814878.1628513558

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.cnzz.com
c.sharethis.mgr.consensu.org
cnzz.mmstat.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
icon.cnzz.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
s4.cnzz.com
tpc.googlesyndication.com
www.baiduinenglish.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z3.cnzz.com
104.168.161.91
142.250.185.162
175.6.29.252
203.119.128.195
2600:9000:2057:8e00:c:a9b7:ddc0:93a1
2600:9000:2190:3600:1c:8a07:5e80:93a1
2600:9000:2190:4e00:1d:85c3:6640:93a1
2600:9000:2190:6600:c:abe:f440:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
3.124.181.115
47.88.68.21
07c44003597e9873c9786d1bf9f7c2c6f0f2968e8b355f79922568177a1e21e3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
431d5da94fe0d246d791d9a051d55993ffa2469ca5897eb0e5e795a4a5c30f24
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52f57d68861e63e85380b20cb93fac2aa8ed7998528ed723a67097f8667a610e
572cc391194c430b6c2d54711336747c61c26caca871bfe881ddb153dcc8c8f7
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d59bb7bfbec20359708609ae5584a20eb622f6b606765dc299d8b3caeb3e014
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
840f30eb2e98ae6df9b2eee174eb50f179151835a40edc13b8444d86bb06d502
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8f3ce7226e02d79cb450db43476ff089b2fa34e9d1841d8180410d76e8c2f766
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a335923d66de556f45fe8e855728bc9ff757d3c3a045577cc0cf52c84b7465ef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b005e1d909763600a394364a5255d656955104ae7426f86a047c11c6ff5d1f3c
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d96af09146d03a2b3a2024a0301049b994921da4ba85c8445e101fa5cf00549a
e0215e307d882706106125777b3fd060076f69c65908bdad2edc1b11ff6c5c3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e566aae5bab07bead72f21ef03379fa7f3639c4ceef99dd8948120885b8987c4
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec3bc226a03bf8d3783423640fc64783d6b31608364c5569d6b2c47b2e6f2d56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef56d33001e2622aec0891d856cd696520fec74974fc8a8cf296620e0df2618b
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f741d9e7f0fcbc7f35f54895e8574f69a0e8ae3546f2b1fc6a0db15f54351aff
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

www.baiduinenglish.com Open in urlscan Pro 104.168.161.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

74 %IPv6

15 Domains

24 Subdomains

24 IPs

3 Countries

516 kBTransfer

1298 kBSize

7 Cookies

3 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baiduinenglish.com Open in urlscan Pro
104.168.161.91 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

24
Subdomains

24
IPs

3
Countries

516 kB
Transfer

1298 kB
Size

7
Cookies

53 HTTP transactions
1 data transactions