urlscan.io logo urlscan.io
SecurityTrails logo

www.edumails.cn Open in urlscan Pro
150.138.39.137  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.edumails.cn/
Submission: On August 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 10 countries across 43 domains to perform 317 HTTP transactions. The main IP is 150.138.39.137, located in China and belongs to CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN. The main domain is www.edumails.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 3rd 2022. Valid for: a year.
This is the only time www.edumails.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 150.138.39.137 139887 (CHINANET-...)
13 2a00:1450:400... 15169 (GOOGLE)
4 103.235.46.191 55967 (BAIDU Bei...)
28 112.74.188.50 37963 (ALIBABA-C...)
2 23 2a00:1450:400... 15169 (GOOGLE)
1 2409:8c54:104... 56040 (CMNET-GUA...)
30 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
4 7 2a00:1450:400... 15169 (GOOGLE)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a02:2638:d::13 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
3 22 142.250.185.130 15169 (GOOGLE)
2 2 3.122.199.127 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3.125.222.20 16509 (AMAZON-02)
3 3 37.157.3.26 198622 (ADFORM)
2 4 23.35.237.56 16625 (AKAMAI-AS)
2 2600:1901:0:7... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 2 35.190.0.66 15169 (GOOGLE)
3 178.250.7.11 44788 (ASN-CRITE...)
2 2 51.38.120.206 16276 (OVH)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 151.101.2.49 54113 (FASTLY)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
4 142.250.184.194 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
12 240e:940:e006... 4134 (CHINANET-...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 1 35.186.193.173 15169 (GOOGLE)
57 120.77.166.57 37963 (ALIBABA-C...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 142.250.185.70 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
2 104.102.45.165 16625 (AKAMAI-AS)
2 35.177.233.254 16509 (AMAZON-02)
4 43.152.26.197 139341 (ACE-AS-AP...)
1 49.51.224.111 132203 (TENCENT-N...)
317 42
18    150.138.39.137 (China)

ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN)
www.edumails.cn
13    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
28    112.74.188.50 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
www.yingyuchat.com
23    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
1    2409:8c54:1040:9::120 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
ssl.captcha.qq.com
30    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
22    142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    3.122.199.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-199-127.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.125.222.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-222-20.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
8    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a05:d018:d29:3602:f10a:ace:7b5b:36c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    142.250.184.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
12    240e:940:e006:4:0:5:0:a (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
img.list68.cn
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
57    120.77.166.57 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
kehongnetwork.oss-cn-shenzhen.aliyuncs.com
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    142.250.185.70 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
4    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    167.233.13.224 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
2    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    35.177.233.254 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-233-254.eu-west-2.compute.amazonaws.com
track.webgains.com
4    43.152.26.197 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
captcha.gtimg.com
1    49.51.224.111 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
tam.cdn-go.cn
Apex Domain
Subdomains		 Transfer
57 aliyuncs.com
kehongnetwork.oss-cn-shenzhen.aliyuncs.com
166 KB
48 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
ad.doubleclick.net — Cisco Umbrella Rank: 194
210 KB
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
654 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 30452
ad4m.at — Cisco Umbrella Rank: 10726
assets.ad4m.at — Cisco Umbrella Rank: 40955
754 KB
28 yingyuchat.com
www.yingyuchat.com
img.yingyuchat.com Failed
552 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 617
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9311
csm.eu.criteo.net — Cisco Umbrella Rank: 8962
203 KB
18 edumails.cn
www.edumails.cn
287 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
204 KB
12 list68.cn
img.list68.cn
5 MB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
340 B
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
394 KB
6 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8917
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10253
dis.criteo.com — Cisco Umbrella Rank: 608
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15643
54 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1216
www.googleadservices.com — Cisco Umbrella Rank: 150
463 B
4 gtimg.com
captcha.gtimg.com — Cisco Umbrella Rank: 53863
161 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 127321
static-de.ad4mat.net — Cisco Umbrella Rank: 154708
8 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1405
900 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
4 KB
4 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9388
23 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 841
s.tribalfusion.com — Cisco Umbrella Rank: 1914
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 604
2 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44386
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17077
1 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 69872
3 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 64810
768 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 64401
446 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 857
795 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 812
677 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8932
912 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 354
291 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 977
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 921
r.turn.com — Cisco Umbrella Rank: 3853
869 B
1 cdn-go.cn
tam.cdn-go.cn — Cisco Umbrella Rank: 56126
22 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44105
609 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1190
728 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3044
104 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1876
4 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 777
544 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 818
716 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1661
584 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 363
265 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245
5 KB
1 qq.com
ssl.captcha.qq.com — Cisco Umbrella Rank: 68776
80 KB
317 43
Domain Requested by
57 kehongnetwork.oss-cn-shenzhen.aliyuncs.com www.yingyuchat.com
kehongnetwork.oss-cn-shenzhen.aliyuncs.com
30 tpc.googlesyndication.com www.edumails.cn
googleads.g.doubleclick.net
tpc.googlesyndication.com
28 www.yingyuchat.com www.edumails.cn
www.yingyuchat.com
22 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
www.edumails.cn
22 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
18 www.edumails.cn www.edumails.cn
13 pagead2.googlesyndication.com www.edumails.cn
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 assets.ad4m.at as.ad4m.at
12 img.list68.cn www.edumails.cn
9 static.criteo.net ads.eu.criteo.com
8 fonts.gstatic.com fonts.googleapis.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
7 imageproxy.eu.criteo.net ads.eu.criteo.com
7 www.google.com 4 redirects googleads.g.doubleclick.net
7 www.googletagservices.com googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
4 captcha.gtimg.com ssl.captcha.qq.com
captcha.gtimg.com
4 ad.doubleclick.net 4 redirects
4 www.googleadservices.com www.edumails.cn
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
www.edumails.cn
4 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 hm.baidu.com www.edumails.cn
www.yingyuchat.com
3 dis.criteo.com googleads.g.doubleclick.net
3 c1.adform.net 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
2 track.webgains.com as.ad4m.at
2 www.awin1.com as.ad4m.at
2 partner.o2online.de as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 static-de.ad4mat.net as.ad4m.at
2 onetag-sys.com 2 redirects
2 ads.travelaudience.com 2 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 prod-rtb.ad4mat.net googleads.g.doubleclick.net
2 x.bidswitch.net googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
1 tam.cdn-go.cn captcha.gtimg.com
1 gcm.ctnsnet.com 1 redirects
1 sync.mathtag.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 secure.gravatar.com www.edumails.cn
1 sync-tm.everesttech.net 1 redirects
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 ssl.captcha.qq.com www.edumails.cn
1 partner.googleadservices.com pagead2.googlesyndication.com
0 img.yingyuchat.com Failed www.yingyuchat.com
317 59
Subject Issuer Validity Valid
www.edumails.cn
Encryption Everywhere DV TLS CA - G1		 2022-11-03 -
2023-11-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
www.yingyuchat.com
Encryption Everywhere DV TLS CA - G1		 2022-11-21 -
2023-11-20		 a year crt.sh
*.captcha.qq.com
DigiCert Secure Site CN CA G3		 2022-09-19 -
2023-10-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
img.list68.cn
Encryption Everywhere DV TLS CA - G1		 2022-11-03 -
2023-11-03		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.oss-cn-shenzhen.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-07-07 -
2024-03-02		 8 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.captcha.gtimg.com
DigiCert Secure Site CN CA G3		 2022-12-06 -
2023-12-06		 a year crt.sh
cdn-go.cn
DigiCert Secure Site CN CA G3		 2022-09-05 -
2023-09-15		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.edumails.cn/
Frame ID: F1F1E4F8E425C670F090009C982F5D11
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 1CFB74B8113D87BAF473F5C4025A4878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&adk=1812271804&adf=3025194257&lmt=1691972396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.edumails.cn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979595894&bpp=5&bdt=538&idt=107&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1272379635124&frm=20&pv=2&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125
Frame ID: 24C079397933888F116E2CF66C9AE102
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Frame ID: 0747F30E6EB6D758D51DE03B6F708491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Frame ID: DCAAFCF310DD05721795CBCF5BFD8588
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Frame ID: AA3367551380C72ADD720A737B2DF05A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Frame ID: 489EEF606F2B6C324187E82CC3439D17
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6EFEA485B876DF755ECBB0664B67BB0C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: AE02D1D2055D1211663DD14BBBEEBD91
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9C30DE45BBE2B3461B310247C3F81B7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 8027EE2F0B518A3CA0B3F1D0E1968D1A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27AD6A1AA947CB0FFBA596A23CE284B4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: D0B8759FDD807B36E233ADABAC13B86E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3948C97896ED9B4E76062FF5D35A248E
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Frame ID: 0FAB9F53EB5B778B50424DA0265F4C74
Requests: 22 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Frame ID: 1C8774340A78BD43812CFC16DB278785
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: 379B92F457988F1BA993833B53DB6024
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1BEDD43D475FE298EA5F869B7544E65
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Frame ID: C2D65421B91EDAD32DC4694861D2F617
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Frame ID: ECBB83382A14C7776234A225383EE821
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4A99DEA8B28CED38A5D1FE343172F347
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2CFB73A0FFC5D59DD9E0452967151991
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B90A8628F1DFF52552BB62039FB0F989
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 05A427E5DF2DA746D8D8A9A994A7EBAE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA2E485394220E60178A9014ED2D0E58
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 41C7CF9F3C8981083D0B19F0D28E6D4A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B1FC8FB6DD8A05DF1C039D9D298DA6BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: 0C61FC23D6561EFC8603B9F78A48E60E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: 0028CB2CE1353F34CB2E7BAD0B60E4DA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Frame ID: 8B40919484222F8505422AFA8C36070E
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Frame ID: 61CE326B6B2DA3F2BD6DF711CB022CD4
Requests: 11 HTTP requests in this frame

Frame: https://captcha.gtimg.com/1/template/drag_ele.html
Frame ID: EAEA43BECAAF531B28BEA2B2EE6F1798
Requests: 16 HTTP requests in this frame

Frame: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Frame ID: EEA2916153126B79C45217F6D2F6C2AD
Requests: 79 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EDU教育网邮箱注册申请-EDU教育网邮箱官方资讯平台

Detected technologies

Overall confidence: 100%
Detected patterns
  • /TCaptcha\.js
  • captcha\.qq\.com/.*
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

317
Requests

92 %
HTTPS

49 %
IPv6

43
Domains

59
Subdomains

42
IPs

10
Countries

8537 kB
Transfer

14535 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 48
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 100
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB8MIkQCSyIlVOhZVFTn-4w&google_cver=1&google_push=AXcoOmTTizijqJxBsuCA0IlJy28yxhMgNx0eNwZ97qZcf-0wZPC9Iik_dA6595ipvefTKVmG3okUlDup55JiT2BUWeOiaEYDOnXO0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzM2OTAxNTA5ODE0NjgzNDY1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELEDIEpxG2AK0NNe88btu4A&google_cver=1
Request Chain 101
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt4BiIlhrQWh9mZd0saikG07YI33iYRAd4oYLd9pcjrDbpeBrvz0sl1Gg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt4BiIlhrQWh9mZd0saikG07YI33iYRAd4oYLd9pcjrDbpeBrvz0sl1Gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFRDQkJJclIxUXZuYnY1&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt4BiIlhrQWh9mZd0saikG07YI33iYRAd4oYLd9pcjrDbpeBrvz0sl1Gg
Request Chain 103
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMcG99inXTcfmRVS97GrwJw&google_cver=1&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_JtIKhZBzScEDYhlV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2Njk5NzAzNDYyMTEzOTA4NA%3D%3D&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_JtIKhZBzScEDYhlV
Request Chain 105
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMHDgXqfZp2uynAVkBeTw78&google_cver=1&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz2OcA7qSVsHTyHMgw20Z2Gg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMHDgXqfZp2uynAVkBeTw78&google_cver=1&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz2OcA7qSVsHTyHMgw20Z2Gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTgyODYyNzc4NzA5MzczNDc4Mw&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz2OcA7qSVsHTyHMgw20Z2Gg
Request Chain 106
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGscpO0cOuqb7a9tpytwEks&google_cver=1&google_push=AXcoOmQbJXWxrhgMG1ih0ChXL4JSua5tBfJakWg5aISrho5uogwRtLRpXDgqzdmo_2wvOMf3uV3RpZ4t5PVDNjsgvmuAWBzXLKFAig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQbJXWxrhgMG1ih0ChXL4JSua5tBfJakWg5aISrho5uogwRtLRpXDgqzdmo_2wvOMf3uV3RpZ4t5PVDNjsgvmuAWBzXLKFAig HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 129
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 130
  • https://um.simpli.fi/gp_match?google_gid=CAESEITvD38I8kmqcF_Nu9OP6K4&google_cver=1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2PB7tOJJbvax2nBzk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF300C439CDF4E39ACB40DB3D3CC4FA1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2PB7tOJJbvax2nBzk
Request Chain 131
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG0EAwkoa1D3TZfNoiwD2nY&google_cver=1&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bTFmUKl5s_nV09Uk0 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bTFmUKl5s_nV09Uk0
Request Chain 134
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN2C1-3_7hToUuLBSwpaW90&google_cver=1&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhBz8oH45lLBJZNva_VONe_ukc00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNzczOTAwNzQ0OTU4ODI5Mw&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhBz8oH45lLBJZNva_VONe_ukc00
Request Chain 135
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJxyHW8ryYOOmNNRXcgoSJE&google_cver=1&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2ZauVzgkPmVcRl5ceqRqk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2ZauVzgkPmVcRl5ceqRqk
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOR3GKbb494JGs6uTuwePX4&google_cver=1&google_push=AXcoOmSKsv0esSi0d2rZmpnuVPdT3hKfgXFZj_4KiKVC_1uXuoQmO5eB4CV7Dy_i84b5jE7LQ5ExiQuFkmk7kgNI9eXnKAIwMzgw8n8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOR3GKbb494JGs6uTuwePX4&google_push=AXcoOmSKsv0esSi0d2rZmpnuVPdT3hKfgXFZj_4KiKVC_1uXuoQmO5eB4CV7Dy_i84b5jE7LQ5ExiQuFkmk7kgNI9eXnKAIwMzgw8n8
Request Chain 162
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGaez4hIazQUzoqNtCWEBmo&google_cver=1&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7sodRSkKU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7sodRSkKU&google_hm=eS13SXkxOS5SRTJwRTNXdlBpOGVsY3l4OXc0S3FEWDlRWn5B
Request Chain 164
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN9AlZY_1DnYf8DuKxEgnxI&google_cver=1&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAdb7rqT0DapVoTKu_kY1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAdb7rqT0DapVoTKu_kY1A
Request Chain 165
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUtOo_Ohc-Sv504d60PvbE&google_cver=1&google_push=AXcoOmQbeCIvlc90nkWOWzhuoSZjCgwl-6LJvjBP1Io9riDzVz7ZLinViPB1Q_8FHFi_nF6TlWvYBmnuOyCdVW8ofyQDVP1OvsnA6BMi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQbeCIvlc90nkWOWzhuoSZjCgwl-6LJvjBP1Io9riDzVz7ZLinViPB1Q_8FHFi_nF6TlWvYBmnuOyCdVW8ofyQDVP1OvsnA6BMi HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 171
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwOxdTI_ZZMP8LJygxdwPhta-iAbnrr2gbo-rjdC3D8Oj4pm4AhABIOu14HhglYKAgJgHoAHir67TA8gBAakCqD1f4W5esj6oAwHIA8MEqgTeAU_QgBmej-GAwTWHoOvvSAWWZ2Gjly5CxmUQ1VjNfrfsgYyUc3UDhqDPHEqPl590me_BAkF72htrDmNdbiGSAERDVGbwlRTRHtUpukuMoV7QbqGMr37ZrmO8GGH7hmBX1G83MpEd8_gxdYJeq7DD2UPJaCEBMNQkla46ldgeUSycm3iMeAAeDS90j0b7HvscicTGzfmxlrIHIXR2WC8BO1MxPhauCdk-CEo8UX9OQDm7tSfDncaT2GRwlOefX_b_t5H-mlVy0H6EI4xDnsx56FP6-CFMLp_c0av28RmPN8AE_uWY-80DkgUECAQYAZIFBAgFGASgBmaAB4bQ0SyoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxClONIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSNodHRwczovL3d3dy5iZXRyaWVic2VpbnJpY2h0dW5nLmRlL4AKAcgLAaIMCCoGCgTDsLEC2BMKiBQB0BUBmBYBgBcBshccChoIABIUcHViLTIzNzU5NzM5OTAwMjM4NzMYAA&sigh=gRDKVtY70oU&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW6URowsg_vAM7on50zAsW_5cJl8keemOi3JyWpTOEJ850DQLCKcDO_CKQRSutYqkUYls12nDWGAE&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221040932657961982265%22,%22debug_reporting%22:true,%22destination%22:%22https://betriebseinrichtung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980129762%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217967639611164210977%22}&andc=true
Request Chain 172
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 182
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFuS1bf7wo6BRjY3leI-By4&google_cver=1&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RYC0zp0kTLh5Ndyln3oeTY3TO0KItiLJGHeIBSg26SC1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RYC0zp0kTLh5Ndyln3oeTY3TO0KItiLJGHeIBSg26SC1&google_hm=EaCUoLeeurHx-pJb9BHXBg
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOPypHTdM9i3IZrGCZxHQh0&google_cver=1&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8YqueeK_SX2Jz9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8YqueeK_SX2Jz9k
Request Chain 185
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA1JhE9Je3VYxUfhcPMwF1I&google_cver=1&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B9iM2cP6gPocVExi0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B9iM2cP6gPocVExi0&google_hm=TAD9DL1ZTfuBtmvInXSKJYQ
Request Chain 186
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFppQzzwLglxGmf96b7w1yM&google_cver=1&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3t3unVU4oYrnW HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3t3unVU4oYrnW
Request Chain 187
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBPwAemNrvsbYbN3f6wioVI&google_cver=1&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8pTQsd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8pTQsd&google_hm=eS1yeTJFbXUxRTJwSHVzVGZTLkt0Z2ZsYnJKTGZ2b2pZNX5B
Request Chain 190
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTC31TI_ZZJrzLJqWygWWrYF4i6LrhG3HnKfi6w-2zN3VxQEQASDrteB4YJWCgICYB6ABktni0gPIAQGpAqg9X-FuXrI-qAMByAPLBKoE5AFP0KfC_4R0Tmxp5hV3hnfDYACv6n2bqEqBV8KPfdJ0VUJ5hAUV_JmTsfdKLXv4Q09_pggTaal3vB019FFIUV2kQThE-DZ44YfaHoUa9_ncR7-XMEsK_sq-PfThiPaN99QZIGQxty4jPjIl7MApEy7c-ghn_PYLlsgCfyXFMcSJePFSsVJIsKSBT_GKRRfiCfMUVzrFHByjXD0O4YPjO_16emMNR2Gh5tEBVFonPP_3yOtzO0hI2wh1JL-4q0nlWs2Pl_yeFIusHooND8A8OfCNm6DI_fqFm5eEsBMjKVUqlc14bsrABNGH2ZS5A5IFBAgEGAGSBQQIBRgEgAfWpp0tqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQzjXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk6aHR0cHM6Ly93d3cud2hpdGVzdGFyeWFjaHRpbmcuY29tL3NraXBwZXJ0cmFpbmluZy1ib2RlbnNlZYAKAcgLAaIMCCoGCgTDsLEC2BMK0BUBmBYBgBcBshccChoIABIUcHViLTIzNzU5NzM5OTAwMjM4NzMYAA&sigh=_IlomLEKOv8&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWWugZhLUMBwLz70FVKp4Av0pVvvS5dod_cXksUzVend6RQnCHipi2G4are_6NOU5xqbxdYt-mGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217264247331370083329%22,%22debug_reporting%22:true,%22destination%22:%22https://whitestaryachting.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978889874%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216869866802751826193%22}&andc=true
Request Chain 192
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 210
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIeXu5eL24ADFbyC_Qcd8I0IoA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Request Chain 219
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COGZu5eL24ADFaHDEQgdXJkCMQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

317 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.edumails.cn/ 		38 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
c7a429e9c99b672aea4e65ce1284fee227f3d51f5019709846739de0d357680b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 02:19:55 GMT
link
<https://www.edumails.cn/wp-json/>; rel="https://api.w.org/"
server
marco/2.20
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
S.mix-hz-fdi1-214, T.214.D, V.mix-hz-fdi1-214, T.137.D, M.ctn-sd-ynt8-137
x-m-log
QNM:jjh1902;SRCPROXY:jjh1501;SRC:521;SRCPROXY:522;QNM3:536
x-m-reqid
QAQAANI97BB6HnsX
x-qnm-cache
Miss
x-request-id
78b806950ede2f4cca29d5cc1b594135
x-source
C/200
style.min.css
www.edumails.cn/wp-includes/css/dist/block-library/ 		79 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-includes/css/dist/block-library/style.min.css?ver=5.8.7
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-215, T.215.H, V.mix-hz-fdi1-213, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
2514676
x-source
C/200
x-m-reqid
Iq0AABL6-5tkL3IX
x-request-id
a90d3f17887fe0c14e7eac888d09bfaa; a18d6f490cd7ca9fb70aca7c6ddabd91
x-m-log
QNM:jjh2396;QNM3
last-modified
Sun, 12 Sep 2021 00:14:00 GMT
server
marco/2.20
etag
W/"613d4648-13abe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Wed, 09 Aug 2023 18:56:36 GMT
style.css
www.edumails.cn/wp-content/themes/dux/ 		119 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/style.css?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
2902900dfe115af0a53cc225241370eabccd4f81d545b3b8a2aaad3ecfb30db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-215, T.215.M, V.mix-hz-fdi1-215, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1781911
x-source
C/200
x-m-reqid
DgcAAHW5-9_WyXQX
x-request-id
2983f9000e58ffcdbdf4de00b17ad4b4; 0a839b2cf690019b712c93a5475e29c0
x-m-log
QNM:jjh1507;SRCPROXY:jjh1495;SRC:18/304;SRCPROXY:18/304;QNM3:28
last-modified
Tue, 01 Nov 2022 09:58:23 GMT
server
marco/2.20
etag
W/"6360edbf-1dba7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
x-qnm-cache
Validate,Hit
expires
Wed, 23 Aug 2023 11:21:24 GMT
style.css
www.edumails.cn/wp-content/plugins/WordPress%E9%97%AE%E7%AD%94%E6%8F%92%E4%BB%B6QAPress%20v2.3.1/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/plugins/WordPress%E9%97%AE%E7%AD%94%E6%8F%92%E4%BB%B6QAPress%20v2.3.1/css/style.css?ver=2.3.1
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
cec5973fbaf1f79188fd106396a7e2572885e34b4ec287e382b3a1eb3b12d3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-215, T.215.M, V.mix-hz-fdi1-215, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
841996
x-source
C/200
x-m-reqid
a2MAAM2zj-SvIHgX
x-request-id
bb354cc9efc16eb65b1297a08d9654a5; 5ab76d3388bb637f9089a190489c0e20
x-m-log
QNM:xs449;QNM3
last-modified
Mon, 05 Jun 2023 10:22:27 GMT
server
marco/2.20
etag
W/"647db763-36fb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Sun, 27 Aug 2023 13:08:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
778af4ba34e05e9dce92d432047da33d1d13bee10e04c76a593c8305b241f307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51328
x-xss-protection
0
server
cafe
etag
10381854472461163774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2375973990023873
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53fd038bdf6ed297c93ab55b44d2daf87f37b068b244208ab05f38c529f6ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Origin
https://www.edumails.cn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51342
x-xss-protection
0
server
cafe
etag
15973506389454521620
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:55 GMT
a595cd1a7a7bbe0.png
www.edumails.cn/wp-content/uploads/2020/04/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.edumails.cn/wp-content/uploads/2020/04/a595cd1a7a7bbe0.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
60dbe421a600a50b5ed5555c5b5bba8e53caac12a108cc6aecdf8f3410fcbaae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-214, T.214.M, V.mix-hz-fdi1-217, T.137.H, M.ctn-sd-ynt8-137
age
1403354
x-source
C/200
content-length
47721
x-m-reqid
TgwAAHDFgYIiInYX
x-request-id
b1b12499385103161e99994208f025e6; 10a769e35366524b7b125ea241c2459d
x-m-log
QNM:jjh1910;QNM3
last-modified
Thu, 02 Apr 2020 10:04:20 GMT
server
marco/2.20
etag
"5e85b8a4-ba69"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Hit
expires
Tue, 01 Aug 2023 10:42:47 GMT
thumbnail.png
www.edumails.cn/wp-content/themes/dux/assets/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/img/thumbnail.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
bd81f93661b676fa6a7b3d1a56387dab9bf296eb02e8a88747340301a2f8830b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-213, T.213.H, V.mix-hz-fdi1-216, T.137.H, M.ctn-sd-ynt8-137
age
1528092
x-source
C/200
content-length
7715
x-m-reqid
yy8AAIFZ0pmvsHUX
x-request-id
f1cf649bfb2eadc9d8631bd44f6f7207; 2adb0d7c549e2f235afea8667dc77f52
x-m-log
QNM:jjh1906;QNM3:20
last-modified
Tue, 01 Nov 2022 09:58:34 GMT
server
marco/2.20
etag
"6360edca-1e23"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Hit
expires
Mon, 14 Aug 2023 01:56:00 GMT
avatar-default.png
www.edumails.cn/wp-content/themes/dux/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/img/avatar-default.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
c1a85c65cbfa0f7eb6cc2aa3f8def24ccd34621915230a83a69e17e2cf53ad5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
T.217.M, V.mix-hz-fdi1-217, T.137.H, M.ctn-sd-ynt8-137
age
1382307
x-source
C/200
content-length
8535
x-m-reqid
61QAAKjDJkKH-WwX
x-request-id
83ef1807edbd53c6f386b9240228d72d; 6f65e8695e22736f42cfa1c50d199a8d
x-m-log
QNM:xs476;SRCPROXY:xs1751;SRC:25;SRCPROXY:25;QNM3:26
last-modified
Tue, 01 Nov 2022 09:58:32 GMT
server
marco/2.20
etag
"6360edc8-2157"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Miss
expires
Mon, 28 Aug 2023 02:21:28 GMT
jquery.min.js
www.edumails.cn/wp-content/themes/dux/assets/js/libs/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/libs/jquery.min.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
e8a7ca0472134b046f8de7b0e4f6acbba3f02408643e48b568ed30b35fb7f535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-216, T.216.M, V.mix-hz-fdi1-217, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1403354
x-source
C/200
x-m-reqid
Mo0AABd3lnciInYX
x-request-id
1cd22194ad0ef3eb9cc72eb245719f63; f2af3e80701844263f919a2a713bd952
x-m-log
QNM:jjh1833;QNM3:25
last-modified
Tue, 01 Nov 2022 09:58:41 GMT
server
marco/2.20
etag
W/"6360edd1-18501"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Fri, 04 Aug 2023 00:57:45 GMT
loader.js
www.edumails.cn/wp-content/themes/dux/assets/js/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
df7859f3a26b13b71058413c49ec8fdcee956f99405c790219ebc7da93cf87c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-213, T.213.M, V.mix-hz-fdi1-213, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1394506
x-source
C/200
x-m-reqid
wosAAJnkom0uKnYX
x-request-id
c0488457811898a03d642e370a72fe9b; bbe7d33b686d64d97fb17b965f8f95d4
x-m-log
QNM:xs1167;QNM3:26
last-modified
Tue, 01 Nov 2022 09:58:35 GMT
server
marco/2.20
etag
W/"6360edcb-3bb4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Fri, 11 Aug 2023 14:14:56 GMT
scripts.min.js
www.edumails.cn/wp-content/plugins/WordPress%E9%97%AE%E7%AD%94%E6%8F%92%E4%BB%B6QAPress%20v2.3.1/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/plugins/WordPress%E9%97%AE%E7%AD%94%E6%8F%92%E4%BB%B6QAPress%20v2.3.1/js/scripts.min.js?ver=2.3.1
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
12f875607a19eab38744b3ce2e1a7a25051e3e31b8dc1f6ca9aa5a65c92874b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-216, T.216.M, V.mix-hz-fdi1-213, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
841995
x-source
C/200
x-m-reqid
hVYAAL2ineevIHgX
x-request-id
6fd773cfddaf157f61ba069118cc8db2; b4d18717142d199ac3fd38f864f9fbdf
x-m-log
QNM:jjh1874;QNM3:55
last-modified
Mon, 05 Jun 2023 10:22:27 GMT
server
marco/2.20
etag
W/"647db763-332c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Mon, 07 Aug 2023 06:51:41 GMT
wp-embed.min.js
www.edumails.cn/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-includes/js/wp-embed.min.js?ver=5.8.7
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-217, T.217.H, V.mix-hz-fdi1-215, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
2514676
x-source
C/200
x-m-reqid
D58AAOf5dKBkL3IX
x-request-id
df9690f8332c1bf4a264cd98ce3f12ed; 25ac0024681fae1ddb321b958f1e28ae
x-m-log
QNM:jjh1911;QNM3:7
last-modified
Wed, 17 May 2023 01:48:00 GMT
server
marco/2.20
etag
W/"64643250-5c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Sun, 16 Jul 2023 00:48:25 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?911ff1035540bbb86890f5769c5b0352
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c34cfbaaab089d3084733f1874dd554af4eb8f850b727232180db5828dfc6699
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:19:57 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
0818a8bdfdc521e645bddc75c9d50534
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11259
warbler-front.js
www.yingyuchat.com/static/js/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/warbler-front.js
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
493bc4f35c3ae08375b2cfab371846d2b42e7d2247a62a16817399c7dc4bd466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 10:21:38 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:20:56 GMT
iconfont.woff2
www.edumails.cn/wp-content/themes/dux/assets/fonts/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/fonts/iconfont.woff2?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/style.css?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
cadf66d0cc5f8593a7ab58766ae932a4b49121ef075b8dc176ca51bbf640e8db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.edumails.cn/wp-content/themes/dux/style.css?ver=8.0
Origin
https://www.edumails.cn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-213, T.213.M, V.mix-hz-fdi1-215, T.137.H, M.ctn-sd-ynt8-137
age
192347
x-source
C/200
content-length
5532
x-m-reqid
1mMAAIygC-CJb3oX
x-request-id
916e98aa799200df2083995d3776d002; ce65ca2b69bb3bda9dc9ce6e939d3e3e
x-m-log
QNM:jjh1906;SRCPROXY:jjh1501;SRC:16/304;SRCPROXY:16/304;QNM3:44
last-modified
Tue, 01 Nov 2022 09:58:31 GMT
server
marco/2.20
etag
"6360edc7-159c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
x-qnm-cache
Validate,Hit
expires
Sat, 19 Aug 2023 20:54:08 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 		372 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2375973990023873
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc49effa73378d7f10747fb819e24965c38f783adbbc2246bd833f56600daa88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128607
x-xss-protection
0
server
cafe
etag
6282122410123947356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 1CFB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2375973990023873
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:24:45 GMT
etag
12368291122986407432
expires
Mon, 28 Aug 2023 01:24:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
www.edumails.cn/wp-content/themes/dux/assets/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/main.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
e2a4fe27251e9804ca30c7035f20284ae1b8e1f5b2c8bdf4c00d2a49f7b343d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-216, T.216.H, V.mix-hz-fdi1-215, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1398261
x-source
C/200
x-m-reqid
STYAADNwQl_EJnYX
x-request-id
277a26061db807089a8bc462452470ea; 8eaa06f42a0fa6aeaf7ec8e62d2d8227
x-m-log
QNM:jjh1503;SRCPROXY:jjh1496;SRC:16/304;SRCPROXY:17/304;QNM3:46
last-modified
Tue, 01 Nov 2022 09:58:35 GMT
server
marco/2.20
etag
W/"6360edcb-535d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Validate,Hit
expires
Sun, 27 Aug 2023 21:55:35 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.edumails.cn&callback=_gfp_s_&client=ca-pub-2375973990023873
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aeb83c0cdfe7e54adf7eb5340f4ec89d9a45c0686de5058657c8581a5a838da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 24C0 		420 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&adk=1812271804&adf=3025194257&lmt=1691972396&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fwww.edumails.cn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979595894&bpp=5&bdt=538&idt=107&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1272379635124&frm=20&pv=2&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc1e99d07640dcec705790315e2f13b1156c5c80ad28803297b39d38d50b6ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
72332
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
expires
Mon, 14 Aug 2023 02:19:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
swiper.min.js
www.edumails.cn/wp-content/themes/dux/assets/js/libs/ 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/libs/swiper.min.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
b07df23697cf1de3e1d1f592726c3615683f688748f98ba6047b58b793db8c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-214, T.214.H, V.mix-hz-fdi1-216, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1462506
x-source
C/200
x-m-reqid
gxsAALHk0UxW7HUX
x-request-id
7e468f0eb3be55aa77f7e3f5455143cb; c57161561130b5e061558a2a32d29ce5
x-m-log
QNM:xs1182;QNM3:31
last-modified
Tue, 01 Nov 2022 09:58:42 GMT
server
marco/2.20
etag
W/"6360edd2-1f3a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Fri, 11 Aug 2023 05:15:40 GMT
ias.min.js
www.edumails.cn/wp-content/themes/dux/assets/js/libs/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/libs/ias.min.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
0412354adfbdf46cc72f1c7ed9b81b57ced8e93ea5644f968202017894e7f19c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-214, T.214.M, V.mix-hz-fdi1-216, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1781448
x-source
C/200
x-m-reqid
ujwAANmfjbpCynQX
x-request-id
84d15b4ce7869348d1a859783924942e; f4c9a161eb6ee02eedbd6cd45c25b423
x-m-log
QNM:jjh1876;QNM3:10
last-modified
Tue, 01 Nov 2022 09:58:41 GMT
server
marco/2.20
etag
W/"6360edd1-13ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Tue, 08 Aug 2023 06:35:29 GMT
lazyload.min.js
www.edumails.cn/wp-content/themes/dux/assets/js/libs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/libs/lazyload.min.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
871f68480c1f8bcd4a4ba3807c21b55d967f77609828191b8abd4e39fe2a7725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
via
S.mix-hz-fdi1-216, T.216.M, V.mix-hz-fdi1-214, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
strict-transport-security
max-age=31536000
age
1404579
x-source
C/200
x-m-reqid
SYsAAOvt25gFIXYX
x-request-id
60c8743a6bd2c01a9227c9cd43533f05; 49f816d41d9ab1a46dff4e7f70f8c352
x-m-log
QNM:jjh1509;SRCPROXY:jjh1535;SRC:78;SRCPROXY:78;QNM3:79
last-modified
Tue, 01 Nov 2022 09:58:42 GMT
server
marco/2.20
etag
W/"6360edd2-fe9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Miss
expires
Sun, 27 Aug 2023 20:10:18 GMT
jquery.cookie.min.js
www.edumails.cn/wp-content/themes/dux/assets/js/libs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.edumails.cn/wp-content/themes/dux/assets/js/libs/jquery.cookie.min.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
d8f416d1eaba66983deb862a842a1d11d7e94df04a0222900b3519c201495e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-214, T.214.H, V.mix-hz-fdi1-217, T.137.H, M.ctn-sd-ynt8-137
content-encoding
br
age
1429886
x-source
C/200
x-m-reqid
8QkAALjrGokBCnYX
x-request-id
45f3ff53f847c63ab8e0b0ec12740f2e; 0825235dc8a573794e27069ca1d366e2
x-m-log
QNM:xs471;QNM3:4
last-modified
Tue, 01 Nov 2022 09:58:41 GMT
server
marco/2.20
etag
W/"6360edd1-918"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-qnm-cache
Hit
expires
Fri, 11 Aug 2023 14:14:57 GMT
TCaptcha.js
ssl.captcha.qq.com/ 		79 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.captcha.qq.com/TCaptcha.js?ver=8.0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/wp-content/themes/dux/assets/js/loader.js?ver=8.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2409:8c54:1040:9::120 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Trpc httpd, tencent http server /
Resource Hash
1c8ca55b35a56205ca7aad436341b3ebed9fe786402b8709a29d98e72461138b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:19:57 GMT
Server
Trpc httpd, tencent http server
P3P
CP=CAO PSA OUR
Content-Type
text/javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81311
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b016d52f088b0a59dce32faecd32958e9cde6d75abd089111cdde83685efd41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53701
x-xss-protection
0
server
cafe
etag
14370607814604864934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0747 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96a708798be8bc0bdcf8a18e51a56e5cb3ed5d01c50dc7e4664411bd08596ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16772
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Mon, 14 Aug 2023 02:19:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DCAA 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5643343b540ad3319b62dc95149945a275b9c89cde19c5dcb377ef66ed27f69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16635
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Mon, 14 Aug 2023 02:19:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AA33 		116 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1933657c21788ad185a3a7d94e94e92f14fc03bed6e6d55abc30115932978815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Mon, 14 Aug 2023 02:19:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 489E 		116 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9da9fdc75d27da69760815e397be92fb3def8a714b72185a1d9ed9c2d67429d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Mon, 14 Aug 2023 02:19:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 6EFE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:02:56 GMT
etag
12368291122986407432
expires
Mon, 28 Aug 2023 01:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame AE02 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:02:56 GMT
etag
12368291122986407432
expires
Mon, 28 Aug 2023 01:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame E9C3 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2375973990023873&plah=www.edumails.cn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:02:56 GMT
etag
12368291122986407432
expires
Mon, 28 Aug 2023 01:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 8027 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
1016
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:34:41 GMT
etag
11900953634711111692
expires
Mon, 14 Aug 2023 06:34:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 6EFE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 05:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
74298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 05:41:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 27AD 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 6EFE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 6EFE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame D0B8 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71115
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
1016
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 06:34:41 GMT
etag
11900953634711111692
expires
Mon, 14 Aug 2023 06:34:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame AE02 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 05:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
74298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 05:41:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3948 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame AE02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame AE02 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0FAB 		160 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3df6de3d7fa4dcf2256244f1891c553a1df4d0d50c15b2290919536da02fb170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FHlGCMRg5hgT99BU2g9csoQ-V8uHfzTBmPe-_6MMfEHSg1X_1PFDAHa-W8irTszDY4dUvsbNnSjG4Crr4QUoukhIgu2zCPDscNpUTIN7qJiFbcJQgfcGg-SidKHyptSFOQ-YCcJvx4G5X9c4MzXOGCoo_8TTQXuKOoQDfk2J54aWaeCwHZJRswwVOlZSA2c6jmO3X1apwX-Fh2KfPgoWONmnMDOJ3uBDqbHQBD3ZGYXoyAAee7vTOU5lhgJvsR5J8Zb_2A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
49145821
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E9C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame E9C3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9C3 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:56 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 27AD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
expires
Mon, 14 Aug 2023 02:19:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3948
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
expires
Mon, 14 Aug 2023 02:19:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:56 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EFE 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE02 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:56 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8027 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
69802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25356
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:56:34 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 8027 		199 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 11:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
52550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66166
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 11:44:06 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 8027 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
70390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1758
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:46:46 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D0B8 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
69802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25356
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:56:34 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame D0B8 		199 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 11:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
52550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66166
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 11:44:06 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame D0B8 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
70390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1758
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 06:46:46 GMT
truncated
/ Frame E9C3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbc3f1f126d058423a9315641efbe40f0e85a23fccc9f63890fff56ab10578ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8027 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 19:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 19:42:25 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0FAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0FAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0FAB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 08 Aug 2024 02:19:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0FAB 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 08 Aug 2024 02:19:57 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0FAB 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Cxb_FHsnO68UYrYiDu2RaQt1qczqL6gPVP6dbfPU4C_xsB0l-g3SmzYsbcQlzrvewZHdCJg5eh2E4unjlI2q8sTFBwiChF3qST2xjErrLnGL8yliS0JqWWDOEMFb_ghjSnn_Y-jF0hh0VrBKBOYDfVOtGuDMrDl-N4d43LGfORaUEZPiSe_496C7RxIRP3iVdSBEPoEgjJmdCYPxez_s6uFn1ZvbWf-nMdj6_okvvAw_Hy1Bv7eMPU-S3pJgxcaxtf3W0Qebg9JH60JIS_NOfUtwfVXVKMxdpH0IxVJw3h78GOBRb-_AMN-J8aiB1IkZciB3vyAaGq3TnuOufWmfkg_4_C-JxnLsiBHdqI95tIC_NCfwd3ReOJHgbn6kiwtCZohotQ11xwpPjCeopzdE4YkHxWzSzs2-xs8HexN60zWAzTHnnXSlTs3M0oRiMmVtF9bboytRic42WeEIaIx0n-fINo8
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1836178
expires
Mon, 26 Jul 1997 05:00:00 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D0B8 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 19:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 14 Aug 2023 19:42:25 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0FAB 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0FAB 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0FAB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2090149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUMxydvm6Ih%2FV34Ey%2BDZNC2rZSbaGaEEhbGtkliQTlgJe0otViOCoJ9NAEu3p4ilGNVCIiLF%2B%2BK1AQG32ODkHHCvhto%2FFyK60d2MqyFZLAKFtou%2BgYgzwlJeuLzBgnciR6a7QFIBJcUBE7GXwJ9X7kM0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f65b7427fd6996c-FRA
expires
Sat, 03 Aug 2024 02:19:57 GMT
animejs.js
static.criteo.net/animejs/ Frame 0FAB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=Ackyfm9upFnGEXtt_9SCLcID
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
3552
expires
Thu, 01 Aug 2024 13:27:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837267%2Fd2f99b26a5134d288032a3a72fddcdbe_img_horizontal_1.jpg&v=3&w=1200&s=e7LatTMD_Oe6F9snv6g6JSbH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
33034
expires
Mon, 05 Aug 2024 07:38:22 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1686085205%2F23095720-HCXXgSAU.jpg&v=3&w=800&s=5uyGgejSaftO3kRfXnHKb7JR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
52da3b43712f9b1c872003b37bb4be42e623f429e9a0fe4cb3b5f6a2a97799a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
14062
expires
Fri, 18 Aug 2023 07:37:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=LMbwVQqqZkIT_OqRJg0FwumN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
1366
expires
Thu, 01 Aug 2024 18:19:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21173641-p3TlLIDx.jpg&v=3&w=800&s=XCPQ7HaOOYsHJMhCQh9oQMra&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a7ee1a92010322c6ba06ad1769bb2f6fcda5b4969677dc6efe2ec0ed32eb5e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
29050
expires
Wed, 16 Aug 2023 19:25:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		361 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=u4d8gANmsyX95m5QENytTHgL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
361
expires
Mon, 29 Jul 2024 20:21:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 0FAB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19261789-v1A0MmnN.jpg&v=3&w=800&s=KTuXsNzfH3qKk3u-f9ysbzxc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dd26dc0ba98277ba6a29a3ff3b785fae04720bcdf0f955afe1012d78d802cfb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
content-length
25478
expires
Thu, 17 Aug 2023 20:09:25 GMT
all
csm.eu.criteo.net/ Frame 0FAB 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=FHlGCMRg5hgT99BU2g9csoQ-V8uHfzTBmPe-_6MMfEHSg1X_1PFDAHa-W8irTszDY4dUvsbNnSjG4Crr4QUoukhIgu2zCPDscNpUTIN7qJiFbcJQgfcGg-SidKHyptSFOQ-YCcJvx4G5X9c4MzXOGCoo_8TTQXuKOoQDfk2J54aWaeCwHZJRswwVOlZSA2c6jmO3X1apwX-Fh2KfPgoWONmnMDOJ3uBDqbHQBD3ZGYXoyAAee7vTOU5lhgJvsR5J8Zb_2A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0FAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0FAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 02:19:57 GMT
dr
as.ad4m.at/ad/ Frame 1C87 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4576653c32a1124e0f1cef8995767a2e75dcb97852f7db9eec8691bcdacf8597
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f65b7430a5c9128-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 379B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C1BE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Mon, 14 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 379B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
l
www.google.com/ads/measurement/ Frame 379B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfkfAmXs9CKULEk1hXzfQqg8DURPWh238Pyof92ygO8d9myHELh90xqEtktaYRzznPJFqPMoq-QcvhL84q-qmZfdmOzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 379B 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:57 GMT
12e0c0bbc282de0324fc2c716af124fb.js
www.gstatic.com/mysidia/ Frame AA33 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 13:58:53 GMT
17b11504dbe358eca20ea232cf228787.js
www.gstatic.com/mysidia/ Frame AA33 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/17b11504dbe358eca20ea232cf228787.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4169
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 21:00:48 GMT
css
fonts.googleapis.com/ Frame AA33 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 00:28:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 02:19:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame AA33 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 05:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
74300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 05:41:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame AA33 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 05:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
74299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 05:41:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame AA33 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame AA33 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA33 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:57 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame AA33 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 07:16:49 GMT
dr
as.ad4m.at/ad/ Frame C2D6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b320720004b62b418ffdd97f0e559316c1e5a57fd2fe2245b8a1431aeb3afcf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f65b7430a609128-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame ECBB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4A99 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Mon, 14 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame ECBB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
l
www.google.com/ads/measurement/ Frame ECBB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpdn-xBiVrmlCr8qASCgwSUNKcZMq0-GNU4-NCruX1LHyaVYrAE58o3_471rSGA01bsoDeaJGgaVJ8XGFopHBhjYoEHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECBB 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:57 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C1BE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB8MIkQCSyIlVOhZVFTn-4w&google_cver=1&google_push=AXcoOmTTizijqJxBsuCA0IlJy28yxhMgNx0eNwZ97qZcf-0wZPC9Iik_dA6595ipvefTKVmG3okUlDup55JiT2BUWeOiaEYDOnXO0Q
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzM2OTAxNTA5ODE0NjgzNDY1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELEDIEpxG2AK0NNe88btu4A&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELEDIEpxG2AK0NNe88btu4A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELEDIEpxG2AK0NNe88btu4A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1BE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFRDQkJJclIxUXZuYnY1&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFRDQkJJclIxUXZuYnY1&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt4BiIlhrQWh9mZd0saikG07YI33iYRAd4oYLd9pcjrDbpeBrvz0sl1Gg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 02:19:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFRDQkJJclIxUXZuYnY1&google_gid=CAESEAnLCo-t1okVHmbL3aPQx4E&google_cver=1&google_push=AXcoOmT5BSf7ThwhZa6HoT5UzAybs5HHffXFsgulOg_ImKt4BiIlhrQWh9mZd0saikG07YI33iYRAd4oYLd9pcjrDbpeBrvz0sl1Gg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame C1BE 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEClHEmobz8TDGIakd6M68Kc&google_cver=1&google_push=AXcoOmRRVJ2laP0ylrm19zA8KD5zqVzoHw6RFp5z3iouC4ae_6BXJYuKsYuhlIr8-q6LpV0IEFF4hn7BCIxrZYVjlrtwrrwzRAReiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C1BE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMcG99inXTcfmRVS97GrwJw&google_cver=1&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_Jt...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2Njk5NzAzNDYyMTEzOTA4NA%3D%3D&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_JtIKhZ...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2Njk5NzAzNDYyMTEzOTA4NA%3D%3D&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_JtIKhZBzScEDYhlV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2Njk5NzAzNDYyMTEzOTA4NA%3D%3D&google_push=AXcoOmQl647DUs3lkh1GWUQ21PXa7RLkB0y6DSBapF3Bc1hpjc-TGM-n_XOai2bO7qlUyTEztToJg4dHS4e_JtIKhZBzScEDYhlV
Date
Mon, 14 Aug 2023 02:19:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame C1BE 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAdEcBO55AHyGHxABjnHHKs&google_cver=1&google_push=AXcoOmR1tpfNbKbhgcsQYUg5yqTqiQRCYsBZop6YlGYfFSylwi86z8SMauhUcOMy15aowPT6zI5sq6y7hK2MrCdkwYn5qEoquP1lHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.222.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-222-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame C1BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMHDgXqfZp2uynAVkBeTw78&google_cver=1&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMHDgXqfZp2uynAVkBeTw78&google_cver=1&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTgyODYyNzc4NzA5MzczNDc4Mw&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTgyODYyNzc4NzA5MzczNDc4Mw&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz2OcA7qSVsHTyHMgw20Z2Gg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTgyODYyNzc4NzA5MzczNDc4Mw&google_push=AXcoOmSTqpqws3TE02mg3lsowT4wQovzX7F0OgfwQctOoNJ5NtblX6GpmbvH6p0A5IYGqaG9GT1455rz2OcA7qSVsHTyHMgw20Z2Gg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame C1BE
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGscpO0cOuqb...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQbJXWxrhgMG1ih0ChXL4JSua5tBfJakWg5aISrho5uogwRtLRpXDgqzdmo_2wvOMf3uV3RpZ4t5PVDNjsgvmuAWBzXLKFAig
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 02:19:57 GMT
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C1BE 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4FRVUJZYaCunOt3WCJZ2TUINw0wJS6G47K1_Vs-WK3hsqfQCPY_J5W4fz643kUm2xrARouw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 8027 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 00:31:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 02:19:57 GMT
truncated
/ Frame 379B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8438ad9201ec2d6834ac773b6f01a6884f74348ff8c65ef13a727c88ad1b5f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 379B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClPPNTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTWAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICHkVMR3ByX-Gk8-gTq_yzP-FtjvM2i8noLBFaAebjy2G9zlexDkSABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzc1OTczOTkwMDIzODczGAA&sigh=3CGmoOBaO7o&uach_m=[UACH]&cid=CAQSOwBpAlJW5e0Y7J2AqZuzRqWvdX3-O6iSGK4Exs0TqrgIfPbp3-7HLv-bLzeCZPDnNaeerNmyZSGqO0XEGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 02:19:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 379B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k17rdcxhz6jr41qdjf9wr6z86r6hgr842snk3ehxzm285qthxbamcfn8nyyg2w8qgncs7zyyf1225wgpevzwdrqdhky8tqr5am2e1mv9zkv77pd0f4nt7t7482hpm2c6j2rqdmhexpfjb9pq3rdxat30qvt6q59czwphgc5y88wsbskq20hwf0mnw150t6bttepfkdg8dtj8ynt49h7knsbepvne02xwz4tqzqz48cpwyzgxxzdwsjmw8wvw9k7becvb6caswe1rfzzs6xdeagtapsjdtjrpf9me8vgzwzgwm85ckjgksv9xcras0zxccnbqb6qcf2bzkksgqbx76te2g4ecb4mqm890b3fn40v6g8vmdcgbtaty1p2vf0hv6d2ywk384ajqt0d&b=ZNmPTAALJRMFkUyjAAxi4A80WIPHpQafi_tEDg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=3571645867&adf=1756222653&pi=t.aa~a.103411126~rp.2&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280&nras=3&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7mvLoW6nbM&p=https%3A//www.edumails.cn&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
truncated
/ Frame ECBB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bad1c96b215238310d50ec76d40e862e41424779d7d74a1ac708ca28c40ea62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame 8027 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Aug 2024 18:53:36 GMT
css
fonts.googleapis.com/ Frame D0B8 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 02:09:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 02:19:57 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame C2D6 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
400008
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avra7JL1ApzR95ByqUm7iY5ub5CkqFmY8C1UNtz3IvbEi%2FHhJbgcGY9uL7fJ%2Fo2npQ7C83D9fDqzxAHkOg3ENTYCC58uqnytUxrkVylbujamNkMJO0BngBG5vR0nWM6jSW9lkedEEYQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f65b743cb089128-FRA
expires
Mon, 14 Aug 2023 03:19:57 GMT
r62eglto.js
ad4m.at/ Frame C2D6 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
467371
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9IsV%2FNLrro1NNRQPqWXCdhZ5bHk%2BlWbNV6hFpbk2xpO0XLlhwThnyeoB94uag2AtKtmHXjvzMzgAWT8iDCIjV9RPCTHHh9yVtZS47VpmzqvjwMnQLWlyCoRJmrfAbE0KN4Soq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f65b743db139128-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 16:30:16 GMT
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 1C87 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
400008
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qpx9POMNJfWreHrm8rFPmuNySLUDlbZb5stoqocyKQkqBZfUl%2Fc4dm4qCdNPMoGfgnR9HJg1%2FoEAz07M2c4HnKh%2BpzcL3h6fUtjYa3QCflLa%2Fpk4AfIuV3LhMBTjnoDMx1wngQzBi9A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f65b7440ed29bdd-FRA
expires
Mon, 14 Aug 2023 03:19:57 GMT
r62eglto.js
ad4m.at/ Frame 1C87 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
467371
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEuMgiuZgUDe7F66IKSxAI3t1ODXR0ptCPoPNpuZEiq0TA1UiIcrbPLw2Mlp3OVIl1Sk7U%2Fqt2nUvATLl93J5ndWu5fxCMAm0CjvK79vc4Ry3GiNUPaqAOouRuC5zYh4eMoiKZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7f65b7440b299128-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 16:30:16 GMT
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame D0B8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Aug 2024 18:53:36 GMT
12e0c0bbc282de0324fc2c716af124fb.js
www.gstatic.com/mysidia/ Frame 489E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3920
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 13:58:53 GMT
17b11504dbe358eca20ea232cf228787.js
www.gstatic.com/mysidia/ Frame 489E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/17b11504dbe358eca20ea232cf228787.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4169
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 16:01:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 09 Nov 2023 21:00:48 GMT
css
fonts.googleapis.com/ Frame 489E 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 02:05:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 02:19:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 489E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 05:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
74299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 05:41:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 489E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26781
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 18:53:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 489E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 07:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
67829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 07:29:28 GMT
l
www.google.com/ads/measurement/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSw4A8kUio8JM16_zbqNJ9ysbROGwBAi6t9LklACFAt-G79nqR_tOinlybbtHGRf1kt_M25z9ReyWq7BBoM6leHcuonpA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 489E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 02:19:57 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame 489E 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 07:16:49 GMT
i.match
s.tribalfusion.com/z/ Frame 4A99
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgp...
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f65b746ace2bbfe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
896
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOp0OmNBZ3UB9NNLP8WKLpY&google_cver=1&google_push=AXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8qfBuoPLjZADzFA1eFTPoKN48jA9OfuE0EpRW_pApsAinUiPuOya1SAma4qG-myxAN3TeyZTWE-iNdZxJiNmBD7a2kgpq0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f65b7448ba8bbfe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A99
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEITvD38I8kmqcF_Nu9OP6K4&google_cver=1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2PB7tOJJbvax2nBzk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF300C439CDF4E39ACB40DB3D3CC4FA1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF300C439CDF4E39ACB40DB3D3CC4FA1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2PB7tOJJbvax2nBzk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF300C439CDF4E39ACB40DB3D3CC4FA1&google_push=AXcoOmRN89cyDPRT6TgvD1fUbJO0jsuqc3-iSJAu_Ro_peF-Q0es8SKs9wMnj92iTv21XRvs9azuXGCZ79CyaF2PB7tOJJbvax2nBzk
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 13 Aug 2023 02:19:57 GMT
pixel
cm.g.doubleclick.net/ Frame 4A99
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEG0EAwkoa1D3TZfNoiwD2nY&google_cver=1&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bT...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bTFmUKl5s_nV09Uk0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bTFmUKl5s_nV09Uk0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 02:19:57 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmQxtr1Dgvv3jc7Nud60JfGeR9aIcpXAZbzOXvX7gfJR0mQn2SQ6GDHnw1221vks101luKW_uHEsArZH13bTFmUKl5s_nV09Uk0
x-host
tde-deliveryengine-production-6ffbf575ff-jh7v6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 4A99 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJDTzJqYENn0o2-PbzVMrQM&google_cver=1&google_push=AXcoOmTq3C27lk9spn_BYudfmFjY_L4zSEoFU-mOTeJ-vrbcK8eRJQiRgxnnM145rDCY1L7lMC7LOdczsESIgqHxJZVwFT6sdRs1qpI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.222.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-222-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 4A99 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJOCnHk5JY-njLJAqyu0EUFOEBlPu4Kor3RlTMCWHel5t6gDBYG34mPss-1RKgASsyhlAAVWLpxXtzG9nIx88tBz0KwcJ2cw&google_gid=CAESEMW-m3oODd7E4RkmLH9hZxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
173374
expires
Mon, 14 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A99
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN2C1-3_7hToUuLBSwpaW90&google_cver=1&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhBz8...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNzczOTAwNzQ0OTU4ODI5Mw&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNzczOTAwNzQ0OTU4ODI5Mw&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhBz8oH45lLBJZNva_VONe_ukc00
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNzczOTAwNzQ0OTU4ODI5Mw&google_push=AXcoOmT1P410TUKfMragPpDT1TC04o6CmsVU8-ctr4TPuXvTcXa7E8NUatAWiaLiDeTmUmgoLv6bhBz8oH45lLBJZNva_VONe_ukc00
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4A99
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJxyHW8ryYOOmNNRXcgoSJE&google_cver=1&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2ZauVzgkPmVcRl5ceqRqk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2ZauVzgkPmVcRl5ceqRqk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLKShNGNgmcfu0HJ_L1Gs8i5jsN47DGAMqBy6uADHKDLWm25VH9eN_vzhf_5GnIXvSCGne6uhv0F2ZauVzgkPmVcRl5ceqRqk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 4A99 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNzXAH0N9FpmhDv4zDiipZwURHv_5XCT8y6HC-Vr0w19Ql0pl5DerYZ5u17FYd-Ggq2MSP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame E9C3 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXAJzTI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNEBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPHBFbF6JzwBKe-KSo4Sfgu1emTZesnfvALq1oTQVoWQqJyOzwD9KABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjM3NTk3Mzk5MDAyMzg3MxgA&sigh=eWXUoLv29uE&uach_m=[UACH]&cid=CAQSGwBpAlJWW5DJXIFUxRznW70GNE2JeXnaZDHGXBgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 02:19:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame E9C3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EMz6RO0HfJ2DYgICAAAACVax43uFIK3auPfrHkkp6xBLj9lk6LBfyQ-NnX6J7AAAEgAACgpBUVVCRHdFQkR3&wp=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
137346
server
Kestrel
content-length
0
warbler-front.css
www.yingyuchat.com/static/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/warbler-front.css?v=1
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warbler-front.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
6982fdede29570144239731ac5ef6943223353eebfc788e6813bb35a6241883f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
last-modified
Sun, 25 Jun 2023 09:56:53 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:20:57 GMT
functions.js
www.yingyuchat.com/static/js/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/functions.js?v=1
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warbler-front.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
7a7bdba64fa839119e62681bc2b34b1d123a518eb177bf66f5cbf2484e53b383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
last-modified
Tue, 27 Jun 2023 04:35:00 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:20:57 GMT
warblerjquery.js
www.yingyuchat.com/static/js/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/warblerjquery.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warbler-front.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 13:38:21 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:20:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8027 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options
nosniff
age
252785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8027 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 13:37:19 GMT
x-content-type-options
nosniff
age
132158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8027 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 15:22:55 GMT
x-content-type-options
nosniff
age
212222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 15:22:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2CFB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B90A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Mon, 14 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA33 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16e4ba31eba31fb5119634a555c012f1733397fdca714207976d00f0c4a67b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0B8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options
nosniff
age
252785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0B8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 13:37:19 GMT
x-content-type-options
nosniff
age
132158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D0B8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 15:22:55 GMT
x-content-type-options
nosniff
age
212222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 15:22:55 GMT
zoompage.css
www.yingyuchat.com/static/css/ 		2 KB
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/zoompage.css
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/css/warbler-front.css?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ec212dd130b218b5216b181848f836e476f89aa36f7925c8f07bdc2f64330e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/static/css/warbler-front.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 10:53:51 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:20:58 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AA33 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
age
162956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 05:04:01 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13577164511864841576/ Frame 489E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13577164511864841576/14763004658117789537?w=100&h=100&tw=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9df5098ac435f84283cb5867fbcde0cd730de3a0a488e81d3293a1df2b5191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1810
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 03:08:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 02:19:57 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 489E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
age
162956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 05:04:01 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C2D6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2846
x-guploader-uploadid
ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjCPNetl1XU5s%2BozXdBKYYFcvG9dVhXeCVp1H24u1sZmZsJ9xwTv9Qg35sfPooS%2FhRd07aWz3ZOBPyyg2Gw6y7Ec27HSxNqsmbSWd059BAS%2FCvicPG9KH3iZLj5H6ZC3A63i5MSr4pWE20HYXiv8S4%2By"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f65b7479ea4912a-FRA
expires
Mon, 14 Aug 2023 01:55:31 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1C87 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2846
x-guploader-uploadid
ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMNtzfGQLfaCalcoFPwaq97Ut%2FhKOgV6VGjwpQ%2F552KOjoSna%2BIYuRH5NJKqsTdhw1FF7tdbKifoJsfk3HkXm5HmX4sBEAD%2BeErkobyAMQ%2B7NxBmn%2BAWZezm5tZYSnoEqbGbo0Rtubc2iBuJODld18ph"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7f65b7479ea5912a-FRA
expires
Mon, 14 Aug 2023 01:55:31 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 05A4 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 01:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA2E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Mon, 14 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame B90A 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP2K9205tfK6JXz2RDGjRhE&google_cver=1&google_push=AXcoOmSv9swdVlJSjINgX_hyi6j7i0kINdxMvp-uJtPEIae0qlMrM62iZObVTzifx0Ib7DYyGWl5xkhzeXfthjvzit1CgbRA8DD1g2Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame B90A 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIfb42vaa63gecCc9A78tMk&google_cver=1&google_push=AXcoOmQm1cAGns0ZPb1ZAwxUrnJhu9l1BI67XBryW0iA0Qc66k0UYguRcNfSj2zDmfNGvWP1U8WrC2_eigGPeyRjiOkyoMTYs4XeLg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQm1cAGns0ZPb1ZAwxUrnJhu9l1BI67XBryW0iA0Qc66k0UYguRcNfSj2zDmfNGvWP1U8WrC2_eigGPeyRjiOkyoMTYs4XeLg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f65b7475d4bbbfe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B90A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOR3GKbb494JGs6uTuwePX4&google_push=AXcoOmSKsv0esSi0d2rZmpnuVPdT3hKfgXFZj_4KiKVC_1uXuoQmO5eB4C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOR3GKbb494JGs6uTuwePX4&google_push=AXcoOmSKsv0esSi0d2rZmpnuVPdT3hKfgXFZj_4KiKVC_1uXuoQmO5eB4CV7Dy_i84b5jE7LQ5ExiQuFkmk7kgNI9eXnKAIwMzgw8n8
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220116-FRA
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1691979598.039360,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOR3GKbb494JGs6uTuwePX4&google_push=AXcoOmSKsv0esSi0d2rZmpnuVPdT3hKfgXFZj_4KiKVC_1uXuoQmO5eB4CV7Dy_i84b5jE7LQ5ExiQuFkmk7kgNI9eXnKAIwMzgw8n8
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B90A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGaez4hIazQUzoqNtCWEBmo&google_cver=1&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7sodRSkKU&google_hm=eS13SXkxOS5SRTJwRTN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7sodRSkKU&google_hm=eS13SXkxOS5SRTJwRTNXdlBpOGVsY3l4OXc0S3FEWDlRWn5B
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 02:19:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTV9_-apqjnNEth57k3E3VJraiK3sIcUlqEn7eSXJobazQTpQHuFpOE1eFlRDuyueFRTDje-zDu-XaZwtEVJxV5Wf7sodRSkKU&google_hm=eS13SXkxOS5SRTJwRTNXdlBpOGVsY3l4OXc0S3FEWDlRWn5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame B90A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR2LpO-O-gfRFnLstwTIwcj_tXB9vvansKWUb_3c8lJmgmpxVE_7ymXranF1rGf0Hi8CER4Tt16AyFqDh9phyDW3QWoMGjwTb8&google_gid=CAESEDgfNphhlSzUA-TudULVxFk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
579104
expires
Mon, 14 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B90A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN9AlZY_1DnYf8DuKxEgnxI&google_cver=1&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAd...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAdb7rqT0DapVoTKu_kY1A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAdb7rqT0DapVoTKu_kY1A
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTsqUKNgyFL1bFmfAwBCuw605J6ElwY_4HBELywcMak6cchVe7PxKGEp88GNpdwLDDYNe6CiFIs1TAdb7rqT0DapVoTKu_kY1A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame B90A
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUtOo_Ohc-S...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQbeCIvlc90nkWOWzhuoSZjCgwl-6LJvjBP1Io9riDzVz7ZLinViPB1Q_8FHFi_nF6TlWvYBmnuOyCdVW8ofyQDVP1OvsnA6BMi
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 02:19:58 GMT
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B90A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHzd--meRDx6jfJH3zvN12222UTEvfFWikMKCl3E85kjUeeXH6YsEK6WgdivaYZfhvBKajQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=328624650&si=911ff1035540bbb86890f5769c5b0352&v=1.3.0&lv=1&sn=62503&r=0&ww=1600&u=https%3A%2F%2Fwww.edumails.cn%2F&tt=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 02:19:58 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/ Frame 489E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b06b1925b2b68bb0573a2504978711b7f23ece0370b454f044676fbe5c8ad2a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 41C7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1955644
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f65b74769119bdd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5kue0ZnLqRRN90vH6s%2FE2K2rlPwxvetxWQ5KeCi983EqSM%2BmRNs8NFTwuP6NfJ2PeK1oHpuGy898nk42Vxs%2FmLi0sslB537ksLcijv8vWywJTlcWnLoLT9JVvw7fTmYmEKNU9I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame B1FC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1955644
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7f65b74779139bdd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 02:19:57 GMT
expires
Sun, 09 Jul 2023 00:24:59 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYEa3DCe2l%2BpeU7uOztE%2Bbevu8vbQWNXRG3cee2MkZy1wr0pJdZDvA2D0imrZrio2ot37jNf%2FICIcPcdsFh2fFlPRARvFwcyJX2gKnEoJIBNW3N5r8uEmxtDNms3SJbRtW31TCI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www.googleadservices.com/pagead/ar-adview/ Frame AA33
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwOxdTI_ZZMP8LJygxdwPhta-iAbnrr2gbo-rjdC3D8Oj4pm4AhABIOu14HhglYKAgJgHoAHir67TA8gBAakCqD1f4W5esj6oAwHIA8MEqgTeAU_QgBmej-GAwTWHoOvvSAWWZ2Gjly5CxmU...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221040932657961982265%22,%22debug_reporting%22:true,%22destination%22:%22https://betriebseinrichtung.de%22,%22event_report_w...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221040932657961982265%22,%22debug_reporting%22:true,%22destination%22:%22https://betriebseinrichtung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980129762%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217967639611164210977%22}&andc=true
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1040932657961982265","debug_reporting":true,"destination":"https://betriebseinrichtung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980129762"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17967639611164210977"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 02:19:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1040932657961982265","debug_reporting":true,"destination":"https://betriebseinrichtung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980129762"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"17967639611164210977"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CFB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
expires
Mon, 14 Aug 2023 02:19:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame 0C61 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.2564033500~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yRNOZZqa1U&p=https%3A//www.edumails.cn&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Aug 2024 18:53:36 GMT
22f89c0ba362efe63cb375d190471f89
secure.gravatar.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/22f89c0ba362efe63cb375d190471f89?s=96&r=g
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
615b5aa81912c298d45080aa6cf8affef989937edd41d4721c3109608f604930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 14 Aug 2023 02:19:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="22f89c0ba362efe63cb375d190471f89.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/22f89c0ba362efe63cb375d190471f89?s=96&r=g>; rel="canonical"
content-length
3318
expires
Mon, 14 Aug 2023 02:24:58 GMT
EDU.jpg
www.edumails.cn/wp-content/uploads/2018/05/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.edumails.cn/wp-content/uploads/2018/05/EDU.jpg
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.138.39.137 , China, ASN139887 (CHINANET-YANTAI-IDC ChinaNet Shandong Yantai IDC network, CN),
Reverse DNS
Software
marco/2.20 /
Resource Hash
800f98691dab466c8441ac8ea7fdcf8211b3a60f0d0cabc86b2c063f2feed852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
strict-transport-security
max-age=31536000
via
S.mix-hz-fdi1-217, T.217.M, V.mix-hz-fdi1-213, T.137.H, M.ctn-sd-ynt8-137
age
1382309
x-source
C/200
content-length
57362
x-m-reqid
uwgAAFynEwpHNXYX
x-request-id
e3c02788e1e6df4c4de3f6fe494f6f18; 8bbed172a296c6395c70eeec97deb99c
x-m-log
QNM:jjh1911;QNM3:49
last-modified
Sat, 05 May 2018 04:43:42 GMT
server
marco/2.20
etag
"5aed367e-e012"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Hit
expires
Sat, 05 Aug 2023 19:09:00 GMT
logo.jpg
img.list68.cn/2023/planet/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/planet/logo.jpg
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
8b1ebb4ac4db72ae3a86dd59135c3cb1466dae2930db579e9afff4d3256740a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:75;BOOTS-PROXY:76;BOOTS-PROXY:77;BOOTS-PIPE:77;BOOTS-PROXY:78;BOOTS-PROXY:78;X-Log;FUSIONGATE:84;DORA-PROXY:85
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
234049
x-reqid
cyMWBvRXb
content-transfer-encoding
binary
content-disposition
inline; filename="logo.jpg"; filename*=utf-8''logo.jpg
content-length
129749
x-m-reqid
xJLsofCW1
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-4;QNM3:2
server
openresty
etag
"AEUqSd-4yqtvgJcIzk99dLkgXh4a"
access-control-max-age
2592000
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/bbc/ 		733 KB
734 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/bbc/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
92db0d69c514c7ed3f15f3ff8c899acc42bf7f2d1336481a3b27d0e9c0f7db83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:1933;BOOTS-PROXY:1934;BOOTS-PROXY:1935;BOOTS-PIPE:1936;BOOTS-PROXY:1937;BOOTS-PROXY:1938;X-Log;FUSIONGATE:1944;DORA-PROXY:1946
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
1375493
x-reqid
Z5xEKjnTF
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
750345
x-m-reqid
6AeFECuUG
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-11;QNM3:1
server
openresty
etag
"AJq4i8y_rmZu5Y9Ld2fGQTrwUYK_"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/xiaomi/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/xiaomi/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
438ecd49972c7e32500f40258f48bf66beade677a9c015dac30f96c325acf7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:324;BOOTS-PROXY:324;BOOTS-PROXY:325;BOOTS-PIPE:325;BOOTS-PROXY:325;BOOTS-PROXY:326;X-Log;FUSIONGATE:331;DORA-PROXY:331
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
2456338
x-reqid
LqJ76nED2
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
157718
x-m-reqid
2qcZnibio
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-11;QNM3:2
server
openresty
etag
"AB4xUIWYSs7rNiWJng0I-lEA9Lqx"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
365.png
img.list68.cn/2023/bwu.edu.pl/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/bwu.edu.pl/365.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
3c3e1e29c02b1c02ae5e8f2f0fe4f9ffbffbe4c9131d3f97873064af0488f33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:722;BOOTS-PROXY:723;BOOTS-PROXY:724;BOOTS-PIPE:725;BOOTS-PROXY:725;BOOTS-PROXY:726;X-Log;FUSIONGATE:733;DORA-PROXY:734
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
2223650
x-reqid
2qx7Qaokt
content-transfer-encoding
binary
content-disposition
inline; filename="365.png"; filename*=utf-8''365.png
content-length
285241
x-m-reqid
CrVCvlKrV
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-4;QNM3:1
server
openresty
etag
"AEdzFJ-vIYYvRXdzpnfMUHdb-yvU"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/live2d/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/live2d/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
937c9c69e487b45a39823806fc18d9c74587d4959cff9f0f8474b17b92fbe4ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:617;BOOTS-PROXY:618;BOOTS-PROXY:618;BOOTS-PIPE:657;BOOTS-PROXY:658;BOOTS-PROXY:659;X-Log;FUSIONGATE:664;DORA-PROXY:665
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
208507
x-reqid
j9Zi1NCgg
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
406930
x-m-reqid
xEzFrh1BM
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-7;QNM3:1
server
openresty
etag
"APNpvD37IG4c_2WLTKqF-TvC6Cz0"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/lenovo/ 		678 KB
679 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/lenovo/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
82ec0f1dd1f7c9e5a2c25a5cdd291b3fa4722ba003ec225992cfa067f7225765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:1546;BOOTS-PROXY:1547;BOOTS-PROXY:1547;BOOTS-PIPE:1548;BOOTS-PROXY:1549;BOOTS-PROXY:1549;X-Log;FUSIONGATE:1557;DORA-PROXY:1558
date
Mon, 14 Aug 2023 02:20:00 GMT
x-svr
IO
age
756684
x-reqid
XoO2yCswI
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
694199
x-m-reqid
Zb9hIgAm6
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-2;QNM3:38
server
openresty
etag
"AIfJ8T7Snj_7c--nOY7JSQYBmSlR"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
pixel
cm.g.doubleclick.net/ Frame DA2E
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFuS1bf7wo6BRjY3leI-By4&google_cver=1&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RY...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RYC0zp0kTLh5Ndyln3oeTY3TO0KItiLJGHeIBSg26SC1&google_hm=EaCUoLeeurHx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RYC0zp0kTLh5Ndyln3oeTY3TO0KItiLJGHeIBSg26SC1&google_hm=EaCUoLeeurHx-pJb9BHXBg
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQ47vWioH_6-5RSMcGZKxVNWSHPqb3CHiTUtYYfE_LFYgx4r8R5RYC0zp0kTLh5Ndyln3oeTY3TO0KItiLJGHeIBSg26SC1&google_hm=EaCUoLeeurHx-pJb9BHXBg
pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame DA2E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENLTJa7pLW5ZwBDcNX8H8jw&google_cver=1&google_push=AXcoOmSKJdUwwvuTDqz4fW3xetbay5zQb79pDixkzpYuuijJaaimi2Otp0rnunH4x6r49GVlAA-NXSLPmHxrPDrQks-2_h7XO80k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame DA2E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOPypHTdM9i3IZrGCZxHQh0&google_cver=1&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8Yqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8YqueeK_SX2Jz9k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8YqueeK_SX2Jz9k
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 14 Aug 2023 02:19:58 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x12 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRx-cy-vwjLg49Ev787v8oapsDi-DL_QkQCjeLepYCFmy-gnlmvLsqsFxGrnbktvnCXjkaunyZEEduA8YqueeK_SX2Jz9k
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Aug 2023 02:19:57 GMT
pixel
cm.g.doubleclick.net/ Frame DA2E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA1JhE9Je3VYxUfhcPMwF1I&google_cver=1&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B9iM2cP6gPocVExi0&google_hm=TAD9DL1ZTfuBtmvInXSKJYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B9iM2cP6gPocVExi0&google_hm=TAD9DL1ZTfuBtmvInXSKJYQ
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRNQqq2fpL4yEMb8QucrtDwTsrOwcpfJZ75Z6F-xDy95PPFUr1vZEU3FlYI7PEjxMSawhdXEguTM2B9iM2cP6gPocVExi0&google_hm=TAD9DL1ZTfuBtmvInXSKJYQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA2E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFppQzzwLglxGmf96b7w1yM&google_cver=1&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3t3unVU4oYrnW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3t3unVU4oYrnW
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 02:19:58 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qHjZxAhpTPaT6ajeBGhKEQ2&google_push=AXcoOmRj3N0OMabpqGaX93yCttQe4wV4e4brNEk70H2sXn8vYZqiotoUlJvH5v4H0BLtoPgzSHxFqjZXio1lpwE3t3unVU4oYrnW
x-host
tde-deliveryengine-production-6ffbf575ff-42dnz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame DA2E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBPwAemNrvsbYbN3f6wioVI&google_cver=1&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8pTQsd&google_hm=eS1yeTJFbXUxRTJwSHVzVG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8pTQsd&google_hm=eS1yeTJFbXUxRTJwSHVzVGZTLkt0Z2ZsYnJKTGZ2b2pZNX5B
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 14 Aug 2023 02:19:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFUgu7kNDYmacuTqQ2PqZqDZ1pf1IGfjvgK7gVjvTOX2142aewu5_wk2ptVZoonJyzouAiTO7zgNxbeEej-f-ddS8pTQsd&google_hm=eS1yeTJFbXUxRTJwSHVzVGZTLkt0Z2ZsYnJKTGZ2b2pZNX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame DA2E 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTE1RQKMlzo3TgTwuXBmxT1F2sYAjbgswmDBYZWkGHneNWy8Mth1E5HQVw0I4UTaHpdamq4PPGsTuj1rQ5W1R_87lIXvEJr&google_gid=CAESEBdDHeJoBhZh_PuHknSkWjE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
225222
expires
Mon, 14 Aug 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DA2E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KrL3t0zyJj5bK8pxEvKneGGq6Y5MufKzSbPDRmK1RLZ_RfvEjwSZcyNvg76Xc0ZKtImkTt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame 489E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CTC31TI_ZZJrzLJqWygWWrYF4i6LrhG3HnKfi6w-2zN3VxQEQASDrteB4YJWCgICYB6ABktni0gPIAQGpAqg9X-FuXrI-qAMByAPLBKoE5AFP0KfC_4R0Tmxp5hV3hnfDYACv6n2bqEqBV8K...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217264247331370083329%22,%22debug_reporting%22:true,%22destination%22:%22https://whitestaryachting.com%22,%22event_report_w...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217264247331370083329%22,%22debug_reporting%22:true,%22destination%22:%22https://whitestaryachting.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978889874%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216869866802751826193%22}&andc=true
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H3
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"17264247331370083329","debug_reporting":true,"destination":"https://whitestaryachting.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["978889874"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"16869866802751826193"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 14 Aug 2023 02:19:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17264247331370083329","debug_reporting":true,"destination":"https://whitestaryachting.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["978889874"],"4":["08-14"],"6":["true"]},"priority":"500","source_event_id":"16869866802751826193"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221040932657961982265%22,%22debug_reporting%22:true,%22destination%22:%22https://betriebseinrichtung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980129762%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217967639611164210977%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 02:19:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 05A4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
expires
Mon, 14 Aug 2023 02:19:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame ECBB 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFTzWTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTWAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtT4q-h8j0UTONo-XaPmhkQtnXMMJnXuGqcelfxkSYi9mD0tTENxaWABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMzc1OTczOTkwMDIzODczGAA&sigh=sT1FxAS9EaQ&uach_m=[UACH]&cid=CAQSOwBpAlJW1KKU9du6VLqvxWwWrkZHu3uk2Tv8TN0SToK8tVKzbZAiM14vqwL-i-IsHY9rwkaunu95II4MGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame ECBB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hc7xrkm28zajpqaqvn5wy65hr3hdgwxcntnnks2bzq9gn2aw94q8ezcw56j0ycymmzefgcfr6cemmw92wspntfzrqx7z5zxaecmtwa3cn7a463k7ptnajtrqaabyzp9qt52w1b32p8mcsh7zweegmhfwpsdkv2c80a48vknh4znf84e9ejz2g2wbybtb6wjnyed8xynsga3p253e72vt94as89j6zhbzyt86s1f6m12x6rrxybktrgkva6kt9ey0y9k5b1cj6cbjf5c2sb9zg11ae43ahg8m8s9cgb7zd1b5cr3agrrmt6x2vx0pyk9sadc5ryg959s8fre86tangrrpbxzyk8k39b5f6142f5emytg5nf0pk3b43dpjgj9jw3xx3fd01aj660s&b=ZNmPTAALCV8FkVahAAmRihwdh1BN181FJxn5Zw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=280&adk=1278086041&adf=2095743049&pi=t.aa~a.1422825002~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=360x280&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=2&bdt=1325&idt=-M&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0&nras=2&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ZIBMMkC3eG&p=https%3A//www.edumails.cn&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 02:19:58 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame 0028 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2375973990023873&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691972396&rafmt=1&to=qs&pwprc=7447672059&format=1200x90&url=https%3A%2F%2Fwww.edumails.cn%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691979596680&bpp=1&bdt=1324&idt=1&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D17dd39639fd1cf57-227e3b714fde00b2%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ&gpic=UID%3D00000c5fdb378cce%3AT%3D1691979596%3ART%3D1691979596%3AS%3DALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA&prev_fmts=0x0%2C360x280%2C360x280%2C1200x90&nras=5&correlator=1272379635124&frm=20&pv=1&ga_vid=1789157694.1691979596&ga_sid=1691979596&ga_hid=1893680136&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076733%2C31076924&oid=2&pvsid=1808899637876902&tmod=1841544692&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=JqOKA0RoVR&p=https%3A//www.edumails.cn&dtd=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 18:53:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
26782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Aug 2024 18:53:36 GMT
warblerui.js
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/warblerui.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warbler-front.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1a1dffccbc87b343d835a43d1312a9d284ddab64a2fdf17bc60b7359f1ce3321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 14 Aug 2023 02:19:59 GMT
Content-Encoding
gzip
x-oss-request-id
64D98F4F8A5A1439321D2706
Last-Modified
Wed, 10 May 2023 14:32:38 GMT
Server
AliyunOSS
Content-MD5
3INXj+GUaNO2wh6qpAYwHQ==
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
3597595612281473787
x-oss-server-time
1
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217264247331370083329%22,%22debug_reporting%22:true,%22destination%22:%22https://whitestaryachting.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22978889874%22],%224%22:[%2208-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216869866802751826193%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 14 Aug 2023 02:19:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f65b74918a2912a-FRA
content-length
24
content-type
text/plain
date
Mon, 14 Aug 2023 02:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF0wZr0Rh7iMC5hlsIYAxNnOS%2BU2VL4UhtpBtbf6y%2FapARepCxSzxyG6QH8dXpEKzRemQmnznsmqhWWo02Pd8DLcHJXsGoeWBl0a%2B9a6%2BMkN8Oc99u6eFmrK1lLUAlbPO1o%2FSfY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-r5j6
rs
ad4m.at/ Frame C2D6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8413bb52682fc3331c4c3bdae1537f421e613ffaf9790e5ed5baa085194edba7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzc%2FtdxSxcEAUhb0CAyf%2BjlKuQdZWxnFH3dM8ZXsGGr4zx1OTr3RPfDcfTVfdFuLnrM7CZ5I6E44AAqmdW0JQP1ymBf9Kp3SaI0%2Buyt0wQBwr9rrOu89QxEWzhhwhc4TrUYdZZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f65b74958e7912a-FRA
x-backend-server
aa-reachservice-group-europe-west1-r5j6
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f65b74918a6912a-FRA
content-length
24
content-type
text/plain
date
Mon, 14 Aug 2023 02:19:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqXfQOF%2FWVwEGqJ%2BeBdn5yGDwEdruQ3q%2Fo4mU9cmG8TW38AgJIT3LgufgBkf2lck1C%2BDuNWbZMmOe0VgHi2P4jR7bnFN8OPX5I8DJdvIAkwUQiCd%2F1lBmXrU8tDQ4c1SFj0IqfE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-r5j6
rs
ad4m.at/ Frame 1C87 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fdda23a705cdc3889c5391a9da40037ef0c00de7f8003024eacc902c9bcc30

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI9eTuZi0uKJ9CuoQ%2FVX1YbuQ87%2Fq93pCZS5lj%2FbeEFHl%2Fk7tLHVzWfxjN5%2B9GJRT7XX6Ml8IFcy%2FDq9VYT0dP5zJst9fPGz0Z%2FVloLSlgtY1vpZPR8Se9sxXUH%2BOWueFWzf%2FxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7f65b74958e8912a-FRA
x-backend-server
aa-reachservice-group-europe-west1-r5j6
alt-svc
h3=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame E9C3 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGk7Jp3ik9wi1lMnsTaUeBuWIbrEIltwWirgfxpl8v8vK9tAS0AaV4NRfM1ddgZOKVpnT-Q5mbLY6MTE3qNkhHT37bzhkpWh-kJMc&sig=Cg0ArKJSzIl4FtmMpPB7EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=160,798,1000,1148,1148&tos=160,638,202,148,0&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691979596737&rpt=336&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 8B40 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e48acc96d18ca7523d753e2c22735c29e773cb56cb3e3cdfe54067b361bc63b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f65b7499a589bdd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 61CE 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48ef5c8ed0d39070574d491746eeb41e2610e6e1f791cb4f68cb60e95fd30694
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f65b749aa5a9bdd-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 14 Aug 2023 02:19:58 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 8B40 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
400009
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThiaBBt8o%2BqD762WFjW8I7qiWvqzekK%2FgN4BlAJNys9KnNzouvqjeXjgN5KZ%2F%2BP7hXC66q%2B2Z0h9s72Xj9zWMmVcOjnJmNoNmHdxq2K8y6LACwvtsqzGvTKuCN8yh3veRQycebTZz24%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f65b749ea7f9bdd-FRA
expires
Mon, 14 Aug 2023 03:19:58 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 8B40 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537400
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA6VRMuTWhK9Buv%2BP6IAeUUFpsr%2BstXqs%2BMdA9aJfSCIlUk4tM6a4zrAcIGlfqwlVEkE7y4Z1zY2UPeRWctQtbrYBHFTOiqssZHxkEvUkVtH8GjO%2BBvLufT3PjL4OrpG0fePnGka8xKOWSU%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e149128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 8B40 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536666
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37Lzg2IxsDT1m5eDMMUqrc%2FjLrQnatSUuuJuTN0fdGlj0hOCpOnr6aiLIb9W0R88B9Y1EQDpXcxoDdnl3Ins113ISWOxBcySiwSYaYK3mpJjbLUTTNqZ6B1pFRWesd2hBdO4fT7NUR1ZecsT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a2e289128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8B40 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192956
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojqn92lGSxU73moxejcttT6hXAPIwXnjKAxjORiZI02g%2FBfZgZwZVE3lFt1OM7RAUOjTxBfZI2ibrUTK5TpeTOZy0dU5%2Fq1m6qZOfgwzrRU4ZUan2lHaS3ihZ8FhYTUm0DKHW%2FyVCBcQ23kp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e129128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 8B40 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2350186
cf-polished
qual=85, origFmt=jpeg, origSize=50645
alt-svc
h3=":443"; ma=86400
content-length
21720
cf-bgj
imgq:85,h2pri
last-modified
Tue, 16 May 2023 07:15:13 GMT
server
cloudflare
etag
"c73080cea7b29464f4dd0b5558645ab6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukPQubLg7foG1VRgh7waV%2FdquskpKeBGk%2BtF44KVyxDTqKSQ5ywY7pbc36LAWILgWZN2139fKS2ipGHV5U9EgOtwlz7kP4s%2F%2BAuWeE%2BAKzm7W2yBYwKPvJB0dmRWEtGtq%2BsBWXW9HZTpDD8b"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e1b9128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
/
partner.o2online.de/a/ Frame 8B40
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIeXu5eL24ADFbyC_Qcd8I0IoA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:19:58 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8B40 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1143747
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiEumW2MVP2JFF4tjtDaaVddSnHqHEcLNjevrTqvOl2HoSkzjs79JQHaGC1shsOGq1c1rlVcRONSzk78OxaeD4VtflpfQs59Z%2Bw2AF3DawlgtKk0nkI9A%2BUQMvPdLcyD6AZ2dDxz3v24Plbn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e159128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8B40 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2358143
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5SOKdFlqP4kuy7%2B12rKNj1I6mtt9ngZT%2B0bT03WRDO4rRQZqmQtkAw3qljV58K7F%2BFK5BGkaEFqWBFQhvNvOc6oPbj6RA6lwW0K3bIrwGa%2B2pJa9zPaE80UQ%2FVFf%2FI5FTulTqrXkp1%2F0RLU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a2e279128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
cshow.php
www.awin1.com/ Frame 8B40 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 02:19:58 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 61CE 		114 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
400009
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9niQ2UZ3Bv4W3KCwflxNi8rI9cmZZLQIa9SSFbzFLdp2bt6PcPiL0ZwTSZg2l28rOw%2FZqjXY3Dru%2FpyK8XS8dDA045E4M9SrPangVhgWADXrQHH8VoRhkDa6z1a6sYpx78Mb6AviO8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7f65b749ea819bdd-FRA
expires
Mon, 14 Aug 2023 03:19:58 GMT
807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 61CE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537400
cf-polished
origFmt=png, origSize=11357
alt-svc
h3=":443"; ma=86400
content-length
5848
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Jun 2023 08:41:46 GMT
server
cloudflare
etag
"ccfbd2e3feb27487a1f6d1f6b03866aa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OXZGLaV58n72GnuzOxOy33kMD2HzAtXFPHwz39dNHRq%2BQ1tLTIeYwlmpYldXvuRKW1oMb%2FCdhAlHaeqMi0LG%2FDhRszxXQ3o17fuwCUXUygL9g0JkRUXE8TqFTkt6S4EPXwRJWJs5aHjYZ3T"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e199128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 61CE 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536666
cf-polished
origFmt=png, origSize=289744
alt-svc
h3=":443"; ma=86400
content-length
187558
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 11:11:49 GMT
server
cloudflare
etag
"17decb4f4cab809ec8159433a7f13627"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuCKZlo9W1saOIng1ayCEF11dEjQvxlSBpBeVDm1ZOMYzijXjjBo9Y%2BakShWiayI1tFF4jrbkBgs0hGCPhbTzk42LmuYE2oMgdAG%2FeJ69bHmK6oNTCkvM%2BphcTN1Ogc0iegF9f6nMaYsP7Ke"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e189128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 61CE 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2192956
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uwDpe7SrQGTraj4A5vNXmAGXeQ7JNB1QET4joisC9sR4fCpKFHbZkuqSTkVtJf7wmRNL2rDbmnly5PnlBMVW6A429K9nP%2FAe0dnlnGgTwTmwbxgkybynSppJZtA0qSUOi3gzPJ6YZb7nAot"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e1c9128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 61CE 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1740487
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITT9I%2BWHAwqmDxVUF%2FsbZPhVeUBNdY0fGuq9iBb2P5uC4IqKgzh%2FxaGA9Yo4MgRViLtu7d11YNEn16UCOtb9wzoNpYkD4j0JRDZazUlZrDF5yJOlwU4eeAia1APHs2Tss7bqiVtv9f9Bre89"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e169128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
/
partner.o2online.de/a/ Frame 61CE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COGZu5eL24ADFaHDEQgdXJkCMQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202308...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:19:58 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023081404195887866190123X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Mon, 14 Aug 2023 02:19:58 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 61CE 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1143747
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOTAYrx%2F6%2B%2FaU13YxPD3NaO77Skxpl1evPaFZ%2B52R5M%2FtRRB2bQGHoVIRBf30bP6DMjf4UzEklzvtwZTEv1kOdOW%2BSzAMQRhg6TIXb%2FjKbHSmUhqDU%2FH4ZQzk7a3EDdN9mBUUYzcUAPkG%2F8I"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e179128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 61CE 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2358143
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDNd4Qgc6gJXnRJR3lCnd7ydKCkl0HUd91M%2BrSNrb6JypQ1euUOtZGcScjTkThUPvP1Bh5Y16NpZ7ZUoiaJGMTVxIZlSNOETtM2VP53L6Ivw%2Baexdv3YhQYbvMY0fAAE6bsC%2FQ1r8%2F9b5hPZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f65b74a0e1a9128-FRA
expires
Tue, 15 Aug 2023 02:19:58 GMT
cshow.php
www.awin1.com/ Frame 61CE 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 02:19:58 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 8B40 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g6jjb00061bpjq18r5yhbwc39vn6y77z2g9c24mpeykme55f5ez1f6h5nxbyqebkkawz96prrayvak237pw04710w762yn4zghjkhnp5sgk9y9r2t3vddfvx6dpeqf0zxa43q5dt10kfk7jz2zf6xtjbq3gtc4wat6td7vfxzhwedhnrg4en5xnnv35e2c2epraa52cfp60s4mkxg0z2ewajaxcgzht3z9hv563gbqccje565cz87e7ywz1z4awxe0jy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%252526client%25253Dca-pub-2375973990023873%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.233.254 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-233-254.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
server
awselb/2.0
content-length
45
content-type
text/html
tcaptcha-frame.7f61d9f7.js
captcha.gtimg.com/1/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.7f61d9f7.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js?ver=8.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
2967a3d18973ffd6ecbc78b2328f04721572d3b40b6e18d673e2047ac9a98161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 09:17:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjRjY2MyMmJfODhlM2MwYl80MmU0XzQyMDE0MDY=
x-cos-version-id
MTg0NDUwNTM4ODMxOTYwNTAyMjA
content-length
52564
x-cos-hash-crc64ecma
6357908089560038204
last-modified
Mon, 24 Jul 2023 09:21:53 GMT
server
tencent-cos
etag
"4735be8fe0ffd6d65183ac6be9da1d4b"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17919905920037350986
accept-ranges
bytes
link.html
track.webgains.com/ Frame 61CE 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jygx7eatjzsj4zbyh310bbkrqzvn0gwxdzc0n6990rnfxmwqhfrm7q136d9dfczqgwmvagx5bj9wd1vphgapb5jqn94wt447kvvxvs4rngce9g7n67gt6q0twtf5wgwcfydjnff8fmx5cpn5wz5q0v7gzzby5xbzge7b7mw2jd8jbg8r1a3d0mvzzs35mfhjsyvv98cte649553454pcyfxkr5909g24dj84qznhyxfc6cxgvdmxjft77w12s94erxg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%252526client%25253Dca-pub-2375973990023873%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.233.254 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-233-254.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:19:58 GMT
server
awselb/2.0
content-length
45
content-type
text/html
all
csm.eu.criteo.net/ Frame 0FAB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=FHlGCMRg5hgT99BU2g9csoQ-V8uHfzTBmPe-_6MMfEHSg1X_1PFDAHa-W8irTszDY4dUvsbNnSjG4Crr4QUoukhIgu2zCPDscNpUTIN7qJiFbcJQgfcGg-SidKHyptSFOQ-YCcJvx4G5X9c4MzXOGCoo_8TTQXuKOoQDfk2J54aWaeCwHZJRswwVOlZSA2c6jmO3X1apwX-Fh2KfPgoWONmnMDOJ3uBDqbHQBD3ZGYXoyAAee7vTOU5lhgJvsR5J8Zb_2A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 02:19:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
kflayer.css
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/kflayer.css?v=3.5.1
Requested by
Host: kehongnetwork.oss-cn-shenzhen.aliyuncs.com
URL: https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/warblerui.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
791203fee69a9613e4f337149e5cc74c64999c9ce6bc19e9cca64fa5aaa8236a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 14 Aug 2023 02:19:59 GMT
Content-Encoding
gzip
x-oss-request-id
64D98F4F8A5A1439321D2806
Last-Modified
Fri, 21 Apr 2023 15:30:52 GMT
Server
AliyunOSS
Content-MD5
TQqmdX4vPfwlbLDFF2TICQ==
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
814094015009610123
x-oss-server-time
1
kefustyle
www.yingyuchat.com/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/kefustyle?ent_id=6376
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warblerjquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ee38f44a6b53caa917e98b07096e396d15cfefbc55ebdb543c85cec8085e45f6

Request headers

Accept
*/*
Referer
https://www.edumails.cn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:00 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
drag_ele.html
captcha.gtimg.com/1/template/ Frame EAEA 		62 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/template/drag_ele.html
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.7f61d9f7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Trpc httpd tencent http server /
Resource Hash
34424598867aa65a5c3b3a1c46ab17539e152f934549056ee145ef7471f239e5

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
23402
content-type
text/html
date
Thu, 03 Aug 2023 14:09:32 GMT
p3p
CP=CAO PSA OUR
pragma
No-cache
server
Trpc httpd tencent http server
x-cache-lookup
Cache Hit
x-nws-log-uuid
4211467695346292392
aegis.min.js
tam.cdn-go.cn/aegis-sdk/latest/ Frame EAEA 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tam.cdn-go.cn/aegis-sdk/latest/aegis.min.js?max_age=3600
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/template/drag_ele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.51.224.111 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
7255ac0ac369e228a0784ee195d701c0044263efe955a8cd58a996c928bcd19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://captcha.gtimg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
x-cache-lookup
Hit From MemCache Gz
last-modified
Wed, 05 Jul 2023 07:00:25 GMT
server
NWSs
is-immutable-in-the-future
false
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-nws-log-uuid
943372f6-979a-4281-8c0e-63e172481811
accept-ranges
bytes
timing-allow-origin
*
content-length
21792
expires
Mon, 14 Aug 2023 03:20:01 GMT
dy-jy.js
captcha.gtimg.com/1/ Frame EAEA 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/dy-jy.js
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/template/drag_ele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://captcha.gtimg.com/1/template/drag_ele.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 19:10:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjRjYWFhMDlfMTYzNjQwMGJfNzhhYV8zZTMyZmZk
x-cos-version-id
MTg0NDUwNzA3MzQ0OTUxODA5Mjk
content-length
33841
x-cos-hash-crc64ecma
17706959839496341509
last-modified
Tue, 10 Jan 2023 08:26:54 GMT
server
tencent-cos
etag
"303dbb4b8a1e11044ed428151f047b12"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14815425428250126559
accept-ranges
bytes
dy-ele.fac794d4.js
captcha.gtimg.com/1/ Frame EAEA 		163 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/dy-ele.fac794d4.js
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/template/drag_ele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
8e306ee93097b3853758faf84b071b65242f73d17bb890059d07891ed91ceb61

Request headers

Referer
https://captcha.gtimg.com/1/template/drag_ele.html
Origin
https://captcha.gtimg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 00:55:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjRjYzRjNzhfOGIxMzc2MGJfMjA1ODVfNDJiZjEwMQ==
x-cos-version-id
MTg0NDUwNTM4ODMxOTYwMzE1NTY
content-length
53573
x-cos-hash-crc64ecma
3431301066766039078
last-modified
Mon, 24 Jul 2023 09:21:53 GMT
server
tencent-cos
etag
"dce521115529c56c2dfbc12ecff529c8"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3714336975321487949
accept-ranges
bytes
iconfont.woff2
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/font/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/font/iconfont.woff2?v=256
Requested by
Host: kehongnetwork.oss-cn-shenzhen.aliyuncs.com
URL: https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/kflayer.css?v=3.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09

Request headers

Referer
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/kflayer.css?v=3.5.1
Origin
https://www.edumails.cn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:01 GMT
x-oss-request-id
64D98F519B920230371D0BBA
Content-MD5
2MIUyJ4zp76pPWVr2GXoaQ==
Connection
keep-alive
Content-Length
25964
x-oss-object-type
Normal
Last-Modified
Sat, 11 Sep 2021 10:24:10 GMT
Server
AliyunOSS
ETag
"D8C214C89E33A7BEA93D656BD865E869"
Access-Control-Max-Age
0
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
10906717841764957061
x-oss-server-time
1
chatIndex
www.yingyuchat.com/ Frame EEA2 		34 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/warblerjquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
eb6fd2a2516074e6d64ab1a389b6d473cca43556bd4eace445b74da5ed9f6243

Request headers

Referer
https://www.edumails.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Aug 2023 02:20:01 GMT
server
nginx
vary
Accept-Encoding
loading-1.gif
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/ 		701 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/loading-1.gif
Requested by
Host: kehongnetwork.oss-cn-shenzhen.aliyuncs.com
URL: https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/kflayer.css?v=3.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7c6380e9985c8e4982f41f8dba64d6b1c4a7997d0aa635d9f4bb7643ab815248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/warblerfrontui/css/kflayer.css?v=3.5.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:00 GMT
x-oss-request-id
64D98F508A5A143932822A06
Content-MD5
EUC8XHhj+OVKPCsXnmQHWA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
701
x-oss-object-type
Normal
Last-Modified
Sat, 11 Sep 2021 10:23:49 GMT
Server
AliyunOSS
ETag
"1140BC5C7863F8E54A3C2B179E640758"
Content-Type
image/gif
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3320625081498956497
x-oss-server-time
1
index.min.css
www.yingyuchat.com/static/css/ Frame EEA2 		269 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/index.min.css
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8ec27218a62f8c0f88295765360da8ce151823dab3f014a3da181a5398bbcd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 04:05:02 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
vue.min.js
www.yingyuchat.com/static/js/ Frame EEA2 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/vue.min.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a5f5d6ce6d4c44834c1820d9b69f7894edbe398345162438a198a17f9f856a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:22 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
elindex.js
www.yingyuchat.com/static/js/ Frame EEA2 		1 MB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/elindex.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
5542bd3f018b86258868c048acf34f1550eeb2f27c7a3d61cb19bff735f8605b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:21 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
jquery.min.js
www.yingyuchat.com/static/js/ Frame EEA2 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/jquery.min.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:21 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
ua-parser.min.js
www.yingyuchat.com/static/js/ Frame EEA2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/ua-parser.min.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d2880c3ec9ed4180826d6be7f1cded7559a0718c5d3cbd2f5eee3076e3a8699e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 09:40:05 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
chat-lang.js
www.yingyuchat.com/static/js/ Frame EEA2 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/chat-lang.js?v=0.4.5
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e9b5d69b4091e858f636abe1011988f1df46930fb4ecc68520e228e7d2d9aee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 04:32:44 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
functions.js
www.yingyuchat.com/static/js/ Frame EEA2 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/functions.js?v=0.4.1
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
7a7bdba64fa839119e62681bc2b34b1d123a518eb177bf66f5cbf2484e53b383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Tue, 27 Jun 2023 04:35:00 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
front.css
www.yingyuchat.com/static/css/ Frame EEA2 		1 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/front.css?v=1.0.0
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
306e708cb9501327670df844d7ef530183377e4ad18f33a1566340155bb54d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 10 May 2023 13:48:14 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
common.css
www.yingyuchat.com/static/css/ Frame EEA2 		74 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/common.css?v=0.4.3
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a9441ced4d055172796757bd9fe430373a22871206c5d6cf7ad53fcbcb69bcf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 04:05:04 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
icono.min.css
www.yingyuchat.com/static/css/ Frame EEA2 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/icono.min.css
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
235718aaec8d9d1c4eb17df41c323be460c3d55a18c9a91f177abb76a604a53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:25 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
reconnecting-websocket.min.js
www.yingyuchat.com/static/js/ Frame EEA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/reconnecting-websocket.min.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f3382cc987cf2705fc70304ad01fee4a41a1dceeff0045d50b87e9cdc99294fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:22 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
recoder.js
www.yingyuchat.com/static/js/ Frame EEA2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/recoder.js
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a2c162c6665b162a14402bb85691357b92a7d61fd21e8c3a52c14d212947f337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 08:28:22 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
chat-page.js
www.yingyuchat.com/static/js/ Frame EEA2 		181 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/js/chat-page.js?v=0.8.5
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ac8850b81948ad9b9420aba1398695a8bf279d39bce2bf7a14168576a12f3edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 05:31:26 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:01 GMT
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		894 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ba8a44c192bf4c1574f1cb702b9284c538930087c723f48da1a070c3e311060

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31e465fb35136b2c3f7b0536a0a9e53de6ba909cba8ec3a71e96b3ac2efa160

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42d681b5f02d2dabf923cbae61fc345c20de79978e81facb76bff8ce48be9b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef73275cc4315120438d0603c951e7e95b073be2826522230b5c7f081718e8b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a27081a215b719163e28a0a91f27baa4f92b00db98a61759be6d96fe34467fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c85785b7d535905a50d441e982daa1333674e62924772b4ae5bc502ef47e98b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		96 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aee3757d527819580fb523a50c93fa9bda00f8238844a4d79c1c5c37ce2a4104

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAEA 		396 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
logo.jpg
img.list68.cn/2023/planet/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/planet/logo.jpg
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
8b1ebb4ac4db72ae3a86dd59135c3cb1466dae2930db579e9afff4d3256740a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:75;BOOTS-PROXY:76;BOOTS-PROXY:77;BOOTS-PIPE:77;BOOTS-PROXY:78;BOOTS-PROXY:78;X-Log;FUSIONGATE:84;DORA-PROXY:85
date
Mon, 14 Aug 2023 02:20:02 GMT
x-svr
IO
age
234051
x-reqid
cyMWBvRXb
content-transfer-encoding
binary
content-disposition
inline; filename="logo.jpg"; filename*=utf-8''logo.jpg
content-length
129749
x-m-reqid
wSSi5fXSV
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-4;QNM3:2
server
openresty
etag
"AEUqSd-4yqtvgJcIzk99dLkgXh4a"
access-control-max-age
2592000
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
zoompage.css
www.yingyuchat.com/static/css/ Frame EEA2 		2 KB
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/css/zoompage.css
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/css/common.css?v=0.4.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ec212dd130b218b5216b181848f836e476f89aa36f7925c8f07bdc2f64330e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/static/css/common.css?v=0.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:02 GMT
content-encoding
gzip
last-modified
Fri, 05 May 2023 10:53:51 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=60
expires
Mon, 14 Aug 2023 02:21:02 GMT
logo.png
img.list68.cn/2023/lenovo/ 		678 KB
679 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/lenovo/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
82ec0f1dd1f7c9e5a2c25a5cdd291b3fa4722ba003ec225992cfa067f7225765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:1546;BOOTS-PROXY:1547;BOOTS-PROXY:1547;BOOTS-PIPE:1548;BOOTS-PROXY:1549;BOOTS-PROXY:1549;X-Log;FUSIONGATE:1557;DORA-PROXY:1558
date
Mon, 14 Aug 2023 02:20:02 GMT
x-svr
IO
age
756686
x-reqid
XoO2yCswI
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
694199
x-m-reqid
SK99h2knD
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-2;QNM3:6
server
openresty
etag
"AIfJ8T7Snj_7c--nOY7JSQYBmSlR"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
hm.js
hm.baidu.com/ Frame EEA2 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?82938760e00806c6c57adee91f39aa5e
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/chat-page.js?v=0.8.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
de7fd2c63b6895afe9cb50a6904a48d7aebe535e4c4833c07b7a6882c8632c41
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5b7a622a00099d24930f223ff1e0c029
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11264
visitor_login
www.yingyuchat.com/ Frame EEA2 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/visitor_login
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
6070c6110f8c5332e72fed3afaa520220db808bee8f1d0bc1e7b2f12b53a3ce2

Request headers

Accept
*/*
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 02:20:03 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
smalllogo.png
www.yingyuchat.com/static/images/ Frame EEA2 		504 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yingyuchat.com/static/images/smalllogo.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0a55cd532d530b32a718ffa4feaaec7437dc21cc567ed3dc6e4a39df5b0403c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:03 GMT
last-modified
Wed, 15 Sep 2021 08:28:28 GMT
server
nginx
x-cache
MISS
content-type
image/png
cache-control
max-age=60
accept-ranges
bytes
content-length
504
expires
Mon, 14 Aug 2023 02:21:03 GMT
emoji_3@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_3@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e58dea6eb770c2ca421681d396d1238e8ae5cf836827815f6139857d48b4da6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F538A5A143932EB2E06
Content-MD5
DPzBmXoKgWAoUXG4lgXp2A==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1961
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:06 GMT
Server
AliyunOSS
ETag
"0CFCC1997A0A8160285171B89605E9D8"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14563776650623166224
x-oss-server-time
1
emoji_4@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_4@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
43232b375bdb0b736ec48f46223f9aec1a7fc987300dfb871734e4ca8efbb4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F531344D13933AA1910
Content-MD5
oziBjKpXBpY10VEA4klDig==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1414
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:06 GMT
Server
AliyunOSS
ETag
"A338818CAA57069635D15100E249438A"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
1807012580441204549
x-oss-server-time
2
emoji_124@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_124@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a11f6194fc0494d7851d807cbd56cbb748f54e38faf245218bf2be6c4776a45e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F538A5A143932852F06
Content-MD5
CiuFoHzRaO0IFx091azFQA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1817
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"0A2B85A07CD168ED08171D3DD5ACC540"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18379379618221016648
x-oss-server-time
1
emoji_75@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_75@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8acf30cd0791e8fa39aae48d97cd3b6d71c20bfdad2f13265d8d3dba992867fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F531344D13933621A10
Content-MD5
NlIzx70JlE/eJ6SIZMHurQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1914
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"365233C7BD09944FDE27A48864C1EEAD"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16320669670197561383
x-oss-server-time
1
emoji_76@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_76@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
faafee9ef0ce2cc001b7b48e76bd55ae1c75280a3402c45093cad12fbb155499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F531A83213239D7FC0F
Content-MD5
Wklpa4rAfQFjFfGd6/4tSQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2115
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"5A49696B8AC07D016315F19DEBFE2D49"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5946898387350344730
x-oss-server-time
1
emoji_7@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_7@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2c23a5d7b6a807b4f93769dc58e3246df2ff810d2ea30c07529f5a533d4fb813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F542612B03133C93C14
Content-MD5
wcMHJs/QAoKlP1x4StBHyQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2147
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"C1C30726CFD00282A53F5C784AD047C9"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7357067469554039748
x-oss-server-time
3
emoji_8@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_8@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2c31ec325f09dde09677274d87d1c55ff0a0ddee72fe16b4616ba23263e6cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F531344D139330A1B10
Content-MD5
KEuc3mXsCPvI3LtvhaaUwQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2005
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"284B9CDE65EC08FBC8DCBB6F85A694C1"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
15406397339887723615
x-oss-server-time
1
emoji_48@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_48@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
54676e6d05bae49cbe7aebcae49b260e838a2fec9c37d02eb33b691591febcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F538A5A143932163006
Content-MD5
hwvq9cm7usk9DnnWdg/+Lw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1924
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"870BEAF5C9BBBAC93D0E79D6760FFE2F"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5428604446002017248
x-oss-server-time
1
emoji_49@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_49@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c4ac6564d57b5245ce9c39afed781c43a51897f91aacc3a753d202e615dcd99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F5381477F373430AAD9
Content-MD5
wN03q9j0tMWtAz6IbBPtAw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1920
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"C0DD37ABD8F4B4C5AD033E886C13ED03"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
10202402007516157093
x-oss-server-time
1
emoji_50@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_50@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7f19405980c558c957f5b861030341d42383e9a6a2482819621bf6523a41df88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F531A832132396EFD0F
Content-MD5
i2RaFRbvhWxqxY1lNmjAAw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1402
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"8B645A1516EF856C6AC58D653668C003"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
17556394766602789717
x-oss-server-time
1
emoji_51@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_51@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
cd21c21244bc3b23ca256a4b8ecb51d3572618a7d3250ead9c65a2502030a00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F558A5A143932683206
Content-MD5
VHo+XxQKRp6N5jFMA5F+XA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1958
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"547A3E5F140A469E8DE6314C03917E5C"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18018337953033523285
x-oss-server-time
1
emoji_1@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_1@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a3c9c08d043dbda5e88727b37f4847ecad4243c7ba768e8a6312d60c8e6146cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:03 GMT
x-oss-request-id
64D98F5381477F3734CAAAD9
Content-MD5
yPotSYa1akTUAABsraA+dg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1509
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:06 GMT
Server
AliyunOSS
ETag
"C8FA2D4986B56A44D400006CADA03E76"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18445932940766226691
x-oss-server-time
2
emoji_14@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_14@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
16e26fd89f72daf23d01e8ec98e816eae20e94ed827856c55d7dc2916b0c3909

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F541A832132391AFE0F
Content-MD5
KCYjCEDkNhVoaUMFru6tGw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1356
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"2826230840E4361568694305AEEEAD1B"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14231290925842175331
x-oss-server-time
2
emoji_15@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_15@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
43360f25f7fd7c931e85d94b4e29dac41904cdf472993279e5901f4257199662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F5481477F373473ABD9
Content-MD5
ekVGoWINhD0Q9T/wGERQRg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2057
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"7A4546A1620D843D10F53FF018445046"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13286284437404332163
x-oss-server-time
1
emoji_17@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_17@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7f5c8350567104e96dc8fc70cc8049b19f7faf07e0964acd8aed12aa07af9c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F54732F66353547EC04
Content-MD5
VUa+th2bGRiKCHXR0HBBRw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2296
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"5546BEB61D9B19188A0875D1D0704147"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
17743740004865681192
x-oss-server-time
1
emoji_18@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_18@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
646ff3ee7a025e07cfe396ca407064026a62b616b210c55563486cb06dc4297c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F541A83213239E3FE0F
Content-MD5
EzYR5y+Hg41r2gTy7GgSpA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1957
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"133611E72F87838D6BDA04F2EC6812A4"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2573794821338871018
x-oss-server-time
1
emoji_19@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_19@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d7c60b914e9ec5daa9c70c7ddcab2ab1ce5f80df03d8d1c7d08ebb92f821a3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F5481477F37343FACD9
Content-MD5
+58n+d35lFtsd255SyqIdQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1480
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"FB9F27F9DDF9945B6C776E794B2A8875"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16840626009984100409
x-oss-server-time
1
emoji_20@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_20@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b62e812c33d1bebd89d62889be73b76ad9f40c7d410eb3ab870803aa9c7d4816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F54732F663535C4EC04
Content-MD5
VGEQ61FIlH1BFK7MUhYhCA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1875
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"546110EB5148947D4114AECC52162108"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16839091649312371116
x-oss-server-time
1
emoji_16@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_16@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
62db587b3c42a521778d5d66f7014c0eb57bad14295d724d424dacffa1b5f0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F541A832132397EFF0F
Content-MD5
FoWJNyD9vVegmwN28V/KuQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2190
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"1685893720FDBD57A09B0376F15FCAB9"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
1499384251419549315
x-oss-server-time
1
emoji_77@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_77@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1eab2862e80780854c00126c432aa75b71cbd66f64725f2314361794b85ca835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F5481477F3734E1ACD9
Content-MD5
FF3mEPHCJ3lvoSAbkUMEWQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2252
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"145DE610F1C227796FA1201B91430459"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16063737447416941100
x-oss-server-time
1
emoji_23@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_23@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
367464d49fc1a9c5cd69bc47fbbac0e5b12de0ede0c578b3b4aa1ebcd80ee3f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F541344D13933441D10
Content-MD5
Tt3IBvW+HgbOTQwv/+wJgA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1902
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"4EDDC806F5BE1E06CE4D0C2FFFEC0980"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
9000403734898889795
x-oss-server-time
6
emoji_25@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_25@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f2b773dbb6411f1a7180a1aad604dbb30d0de8a73d79aaa9d406596623612219

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F552612B03133C03E14
Content-MD5
Vxk853c/ubSY+pK9n8tO7Q==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1934
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"57193CE7773FB9B498FA92BD9FCB4EED"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
4752613963375005222
x-oss-server-time
1
emoji_26@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_26@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4b1957c6f36b3d710ee116fe8bd840d38b92332e6ca19fcd4c70eb0bd1d25bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:04 GMT
x-oss-request-id
64D98F54732F6635354EED04
Content-MD5
+SfW4diAd1xEQsuSgXVo1Q==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2028
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"F927D6E1D880775C4442CB92817568D5"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13569338604560855226
x-oss-server-time
1
emoji_27@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_27@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
605005ec1e99b3cf7e3ead4114a411439897a476ac704e1ddf23b6451b355393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551A83213239110010
Content-MD5
u65O7Qt6KWGWDBoycDtcyw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2101
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"BBAE4EED0B7A2961960C1A32703B5CCB"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
2946288269827672459
x-oss-server-time
1
emoji_28@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_28@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e4c5f8607fe8e8f7fbbbb7d70dc55920ee45d5472ae0cded45890a49c966c8da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F5581477F37347BADD9
Content-MD5
4X8nGj94lOD+9pb3pYvjmw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1615
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"E17F271A3F7894E0FEF696F7A58BE39B"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
9384548739764619816
x-oss-server-time
1
emoji_29@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_29@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8063de02b49387d289bb253707500ae50eff9ee461c35e97d90ac5c61681d78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551344D13933D51D10
Content-MD5
rzKLXysQTJQaVYh457/G5g==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2156
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"AF328B5F2B104C941A558878E7BFC6E6"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
15938266402549909472
x-oss-server-time
2
emoji_30@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_30@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
270082ef41c4f6675d6c7007b9b3dd26003531c75d62ec0d70fd1fd8022068cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F55732F663535D5ED04
Content-MD5
mWDKGLVtynKE/aIha12YSQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1885
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"9960CA18B56DCA7284FDA2216B5D9849"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3432852540059601476
x-oss-server-time
2
emoji_32@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_32@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
64bc22c1ca1b3fcc2826914d64301e8f1b997c935c07d7fc6798e86d889b9b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551A83213239AF0010
Content-MD5
2GJnVHs3J7hJnkibkMmP1w==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1963
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"D86267547B3727B8499E489B90C98FD7"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
9011835280688217230
x-oss-server-time
1
emoji_33@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_33@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
90d2205f1a5e38583c2671c7194e948a832fd7ab4f3a18a9644e372ed62e61a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F558A5A143932153306
Content-MD5
nKisXCnwQ/gAdBg2qe2sog==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1794
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"9CA8AC5C29F043F800741836A9EDACA2"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11266636697507976963
x-oss-server-time
1
emoji_34@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_34@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e1877d5407f1e450fe72aa5ac10e5e2208a1e8bb3c9faa19164e0c77d3946451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F5581477F37341FAED9
Content-MD5
l4bUNF8/HI4weGNfVmF11g==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2101
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"9786D4345F3F1C8E3078635F566175D6"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16107020934892093717
x-oss-server-time
1
emoji_35@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_35@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
177ec7f61c4d96a6c7f17672e6ec7ca651e7ec169afd771df5ca91df490907eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551344D13933931E10
Content-MD5
T6ESNrfyQF+XGPadBzQm4g==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1749
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"4FA11236B7F2405F9718F69D073426E2"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7230125614684059088
x-oss-server-time
2
emoji_37@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_37@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
af7cce67e215cac3ffa2558de8ee8158b33a51a08fd07985863d36a6dbb19e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F55732F66353576EE04
Content-MD5
FHJMDnTQtQA/YAYIPEGdAA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2136
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"14724C0E74D0B5003F6006083C419D00"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3070383995599976410
x-oss-server-time
1
emoji_38@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_38@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
12028871057d027cc662daa797118c7ad4e9c16083c9dc6e3c4ffe77eaf02fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551A83213239510110
Content-MD5
01KbrykQbVIPzqIH/0DMNA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1982
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"D3529BAF29106D520FCEA207FF40CC34"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3577926717956538923
x-oss-server-time
1
emoji_39@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_39@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ec23f1afe8b266700e76e4a2f14b4003e50828e5e85e7e29b27f2259ebec1775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F558A5A143932C53306
Content-MD5
wXe+Km4J1rIuRYGUbXyt6Q==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1770
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"C177BE2A6E09D6B22E4581946D7CADE9"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5648594400840406645
x-oss-server-time
2
emoji_44@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_44@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0b53c5aeaf32664239fa9feeee2dbf5d3a6ae81251694ad727745a6aa2360aa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F5581477F3734C0AED9
Content-MD5
CdXmY8C5ehNvcz+Riokn1w==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1277
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"09D5E663C0B97A136F733F918A8927D7"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8739873695083835142
x-oss-server-time
1
emoji_45@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_45@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
52ae0a9aca7816e867061b46c10da11fa1f7c3c2da81f8eab533dbebf764f135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551344D139334C1F10
Content-MD5
39buzELFFWXKq37ZYAUmgg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1314
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"DFD6EECC42C51565CAAB7ED960052682"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11089078338293135118
x-oss-server-time
1
emoji_54@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_54@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
684f15ef6c3ce1033fb89f1a467dffec537b4d3b6b76793a4bc7d8ec7565a410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F55732F66353542EF04
Content-MD5
kadodujelSog8/cYKzp98A==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1948
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:05 GMT
Server
AliyunOSS
ETag
"91A76876E8DE952A20F3F7182B3A7DF0"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
17809787347594065510
x-oss-server-time
1
emoji_55@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_55@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1cbe93123392943ac6342efaad490e238d52bd7ada7bd0c0ff1219f6589f87fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F551A83213239F40110
Content-MD5
bD3EBE9EY0Kqq6Cx1AABUA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1972
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"6C3DC4044F446342AAABA0B1D4000150"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5267393702573371261
x-oss-server-time
1
emoji_56@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_56@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
89e1bc9eb96caebf29bcddaf06becb68f444faa6183e6382d57aa0ca72967f07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F5581477F373452AFD9
Content-MD5
llopHwv3XEeNDabz5+MS1Q==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2026
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"965A291F0BF75C478D0DA6F3E7E312D5"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5817386541017278399
x-oss-server-time
8
emoji_62@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_62@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d197ed3a2ed24e5cd226218b4bf80aefd2e7cfb9fafa63d0a1cb0f1054a00109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F568A5A1439327A3506
Content-MD5
4BAj5D4xYqo+6Jlv82wiGA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1730
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"E01023E43E3162AA3EE8996FF36C2218"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
15748623763133940817
x-oss-server-time
1
emoji_63@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_63@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
525cef8a18b746fbdcc07bc4542d7738acb3d63ddb60476c4221b66050f1b75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:05 GMT
x-oss-request-id
64D98F552612B03133113F14
Content-MD5
pDT0akUlRpdKoQJpsWtJ4g==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1445
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"A434F46A452546974AA10269B16B49E2"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
6763026662344783930
x-oss-server-time
1
emoji_64@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_64@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
30873b8a565ad9aeea50e05ba692ee342c1846991cf8825d0bf78db716195b1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F56732F663535DEEF04
Content-MD5
XsITXCMHP+xhCkME/1HacQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1334
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"5EC2135C23073FEC610A4304FF51DA71"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8093956703116619538
x-oss-server-time
1
emoji_65@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_65@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8de8fdcb40b055a32be5615fd94ef0b22e3f53127a34f45275090a08388917fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F561A83213239870210
Content-MD5
jfjhlLCOG81UP1a6O2w/og==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1960
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"8DF8E194B08E1BCD543F56BA3B6C3FA2"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16446429795095081868
x-oss-server-time
1
emoji_66@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_66@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
650e7969805ce8b5fb5068fca79dc3254a2fedf180a2c610a8c273359bc1f6ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F5681477F3734E8AFD9
Content-MD5
xOeVynZ/mM6UC53MCh4yNA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1445
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"C4E795CA767F98CE940B9DCC0A1E3234"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5969846313730997963
x-oss-server-time
1
emoji_67@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_67@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
62fc4947d8a1b4fe9e8d9b1c62b7d5ee2fd6eb02a64902c8fe362995ec53d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F562612B03133773F14
Content-MD5
uRd9quwMF15Rd+fOKoSTZw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2083
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"B9177DAAEC0C175E5177E7CE2A849367"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
17620759574594276350
x-oss-server-time
1
emoji_68@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_68@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
442ab3c18242e82da9e087ae4453bab1cfba8de530a84c4fc53ee77f79803c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F56732F6635359FF004
Content-MD5
iIKVa419EYx2T7JUTS3YWg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2203
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"8882956B8D7D118C764FB2544D2DD85A"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11769422758251240037
x-oss-server-time
0
emoji_69@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_69@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4dd25b771a29651919b74a4035c30acca072bbaf7b69bd04ad4e1f4a475a8aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F561344D13933B62010
Content-MD5
35WSfpVomDgvgHLCEXhEzQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1997
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"DF95927E956898382F8072C2117844CD"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
10688320257701437961
x-oss-server-time
1
emoji_70@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_70@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e188ceb893e2c2acc650931eecf54f0d71124d6783d03a7102faf527e4cf5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F5681477F3734AAB1D9
Content-MD5
/Dd3p1oB4QdStB7HgnRetA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2095
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"FC3777A75A01E10752B41EC782745EB4"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13771385030421522479
x-oss-server-time
2
emoji_88@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_88@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9af4dd4e8b0e4a6ad4b4bcd03951678a684b6f3b03266e144e6f69b91a34a1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F561A832132391F0310
Content-MD5
+CdVg5xbmkTdTa0+VT/llg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1054
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"F82755839C5B9A44DD4DAD3E553FE596"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
15974618930009826546
x-oss-server-time
1
emoji_104@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_104@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2b5c778f31699c76bf4f543d78159cf98b4b65c2ffde40795508d818aedd7143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F562612B03133F93F14
Content-MD5
X0TG9YHIJAY2bGy85pbolg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1807
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"5F44C6F581C82406366C6CBCE696E896"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
10765284933702806822
x-oss-server-time
1
emoji_105@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_105@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c61174650ddc3122db4a52e31f221fe68d9baa22bfcdeefbe2c1b41049852a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F56732F6635354FF104
Content-MD5
ZDpaxziEoTyDlZ7Kqs5lZw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2079
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"643A5AC73884A13C83959ECAAACE6567"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
5139460216513437247
x-oss-server-time
2
emoji_111@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_111@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d9a26825d0571733057f2cdc5070df1182fe5aa54fa616d891eaf51459f7d422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F561A83213239B90310
Content-MD5
YdJr/XxoT4z0fISPqbHTTg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1600
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"61D26BFD7C684F8CF47C848FA9B1D34E"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
12454539255813743368
x-oss-server-time
1
emoji_113@2x.png
kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/ Frame EEA2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kehongnetwork.oss-cn-shenzhen.aliyuncs.com/yingyuchat/face/qqface/emoji_113@2x.png
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.77.166.57 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
2f57e3ed13d5f32e9c7582f63d2d6919c342621f0a5615fc4f6c83c5b350f30b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 14 Aug 2023 02:20:06 GMT
x-oss-request-id
64D98F568A5A143932133606
Content-MD5
mT2j2vFujAmVaDCkKhQKhQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2082
x-oss-object-type
Normal
Last-Modified
Mon, 28 Feb 2022 10:31:04 GMT
Server
AliyunOSS
ETag
"993DA3DAF16E8C09956830A42A140A85"
Content-Type
image/png
x-oss-ec
0048-00000103
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
15681615294063265030
x-oss-server-time
1
logo.png
img.list68.cn/2023/bbc/ 		733 KB
734 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/bbc/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
92db0d69c514c7ed3f15f3ff8c899acc42bf7f2d1336481a3b27d0e9c0f7db83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:1933;BOOTS-PROXY:1934;BOOTS-PROXY:1935;BOOTS-PIPE:1936;BOOTS-PROXY:1937;BOOTS-PROXY:1938;X-Log;FUSIONGATE:1944;DORA-PROXY:1946
date
Mon, 14 Aug 2023 02:20:03 GMT
x-svr
IO
age
1375496
x-reqid
Z5xEKjnTF
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
750345
x-m-reqid
bGZZ5lVHO
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-11;QNM3:1
server
openresty
etag
"AJq4i8y_rmZu5Y9Ld2fGQTrwUYK_"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
365.png
img.list68.cn/2023/bwu.edu.pl/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/bwu.edu.pl/365.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
3c3e1e29c02b1c02ae5e8f2f0fe4f9ffbffbe4c9131d3f97873064af0488f33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:722;BOOTS-PROXY:723;BOOTS-PROXY:724;BOOTS-PIPE:725;BOOTS-PROXY:725;BOOTS-PROXY:726;X-Log;FUSIONGATE:733;DORA-PROXY:734
date
Mon, 14 Aug 2023 02:20:03 GMT
x-svr
IO
age
2223653
x-reqid
2qx7Qaokt
content-transfer-encoding
binary
content-disposition
inline; filename="365.png"; filename*=utf-8''365.png
content-length
285241
x-m-reqid
UwIHICARh
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-4;QNM3
server
openresty
etag
"AEdzFJ-vIYYvRXdzpnfMUHdb-yvU"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/xiaomi/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/xiaomi/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
438ecd49972c7e32500f40258f48bf66beade677a9c015dac30f96c325acf7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:324;BOOTS-PROXY:324;BOOTS-PROXY:325;BOOTS-PIPE:325;BOOTS-PROXY:325;BOOTS-PROXY:326;X-Log;FUSIONGATE:331;DORA-PROXY:331
date
Mon, 14 Aug 2023 02:20:03 GMT
x-svr
IO
age
2456341
x-reqid
LqJ76nED2
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
157718
x-m-reqid
dysXME7QG
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-11;QNM3:3
server
openresty
etag
"AB4xUIWYSs7rNiWJng0I-lEA9Lqx"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
logo.png
img.list68.cn/2023/live2d/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.list68.cn/2023/live2d/logo.png
Requested by
Host: www.edumails.cn
URL: https://www.edumails.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:940:e006:4:0:5:0:a , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
937c9c69e487b45a39823806fc18d9c74587d4959cff9f0f8474b17b92fbe4ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.edumails.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-log
X-Log;IMAGESLIM:617;BOOTS-PROXY:618;BOOTS-PROXY:618;BOOTS-PIPE:657;BOOTS-PROXY:658;BOOTS-PROXY:659;X-Log;FUSIONGATE:664;DORA-PROXY:665
date
Mon, 14 Aug 2023 02:20:03 GMT
x-svr
IO
age
208510
x-reqid
j9Zi1NCgg
content-transfer-encoding
binary
content-disposition
inline; filename="logo.png"; filename*=utf-8''logo.png
content-length
406930
x-m-reqid
dptPBtpRM
x-m-log
QNM:cdn-cache-dls-hbsjz-sjz-7;QNM3:2
server
openresty
etag
"APNpvD37IG4c_2WLTKqF-TvC6Cz0"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
1
x-qnm-cache
Hit
x-slim-origin
0
hm.gif
hm.baidu.com/ Frame EEA2 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=0&et=0&ja=0&ln=en-us&lo=0&rnd=744174133&si=82938760e00806c6c57adee91f39aa5e&su=https%3A%2F%2Fwww.edumails.cn%2F&v=1.3.0&lv=1&sn=62508&r=0&ww=0&u=https%3A%2F%2Fwww.yingyuchat.com%2FchatIndex%3Fkefu_id%3Dedumail123%26layopen%3D2%26dialogcolor%3Dundefined%26dialogfontcolor%3Dundefined%26lang%3Dcn%26refer%3DEDU%25E6%2595%2599%25E8%2582%25B2%25E7%25BD%2591%25E9%2582%25AE%25E7%25AE%25B1%25E6%25B3%25A8%25E5%2586%258C%25E7%2594%25B3%25E8%25AF%25B7-EDU%25E6%2595%2599%25E8%2582%25B2%25E7%25BD%2591%25E9%2582%25AE%25E7%25AE%25B1%25E5%25AE%2598%25E6%2596%25B9%25E8%25B5%2584%25E8%25AE%25AF%25E5%25B9%25B3%25E5%258F%25B0%26url%3Dhttps%253A%252F%252Fwww.edumails.cn%252F%26ent_id%3D6376%26inrefer%3D%25E6%2597%25A0&tt=%E5%9C%A8%E7%BA%BF%E5%AE%A2%E6%9C%8D
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yingyuchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Aug 2023 02:20:03 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
messages_page
www.yingyuchat.com/2/ Frame EEA2 		87 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/2/messages_page?pagesize=5&ent_id=6376&page=1&visitor_id=09653f49-262f-466f-b8a1-62b9c1b0084f
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
224026cb96d262bb7a196891546b3d5a332589a94d3e68557fe19747ef8543a7

Request headers

Accept
*/*
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:03 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
content-length
87
autoreply
www.yingyuchat.com/ Frame EEA2 		37 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/autoreply?ent_id=6376
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f2924d43c535726c9c50e7e10569f865abaff71fbd346890d90d66a3ac4e7713

Request headers

Accept
*/*
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:03 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
content-length
37
c1b2646b5a111fcbe458bfa095af7898.jpg
img.yingyuchat.com/img/2023July/edumail123/2023July/ Frame EEA2 		0
0
notice
www.yingyuchat.com/ Frame EEA2 		745 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/notice?ent_id=6376&kefu_id=edumail123
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
3cf3456b2f970fda2f30c45ce9404710e8aacdcd296c7f456f8cfc1c41488dba

Request headers

Accept
*/*
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 02:20:03 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
content-length
745
all
csm.eu.criteo.net/ Frame 0FAB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=FHlGCMRg5hgT99BU2g9csoQ-V8uHfzTBmPe-_6MMfEHSg1X_1PFDAHa-W8irTszDY4dUvsbNnSjG4Crr4QUoukhIgu2zCPDscNpUTIN7qJiFbcJQgfcGg-SidKHyptSFOQ-YCcJvx4G5X9c4MzXOGCoo_8TTQXuKOoQDfk2J54aWaeCwHZJRswwVOlZSA2c6jmO3X1apwX-Fh2KfPgoWONmnMDOJ3uBDqbHQBD3ZGYXoyAAee7vTOU5lhgJvsR5J8Zb_2A&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZNmPTAAA6g8K5gDyAA-G9Yg2C9dMWfSv0rL7Yg&u=%7CIfWD1IXn9S5sbNJRDo5ztep7O%2B50Idx30amW5n06YO0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi63yJd6UDtiaVRgSShcczuR77YZvcO1GVD0I-9Lu8JI_jk9GBArUCjdB5Ua11zaqbrB-KWotLWIX2XisGAsdP1Gc7q-z-B0ZMSuWlTiQwN-Vy5vFlviKHjlZKLU2XxmpIGYCTvza_CPRBOGDAMWOIY_pRtiRsTXr6uEzPqiO35aMXMTiFR7q8dyPO2PWW0gU9fKN6MF4pZykifsaxjG3dB_WvB0UgeFEEBCFKezG9N6Ure2rvAmnyAOU27lb0kMwR99hwhf1wVCJmlUhuWz8Xf5SfzWwfja0g5TS5PHZRB1O5vlDrLOjmyQu9YJlVW4wPlCf-wc8RFMKhgXK8Cv3jehxeu3rVEXN3O03_3CeP9wsBPcw0kI34QNHJ0RrStVyc0TwWkxxwsSzSuSzg1W1fG8bAFIYMJc84PJDqf2on4WaGJDLjA1f4mjxXNmaBExaFb-Rw1CpcnsazEU8Qj6sIB49CS-pePYJtOwNmMkfdf-ayn2IBKB1UmGZhfZqNcdAEnf15LMO8K3stOdzpQVVZT6HpUqi9qSaWStuWthtyp6Zfblz0_eg-SyqJCDsFxI7lA25Y75j2IpxAZ9etojNB25I&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr6e9TI_ZZI_UA_KBmAf1jb7YC8me0rFc9dqW93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItMjM3NTk3Mzk5MDAyMzg3M8gBCakCqD1f4W5esj6oAwHIAwKqBNQBT9AIoXB8csNZUnMp61076cG5fAfgEifZbQoKapDJy7i_vpw1mcTysGVbmKkLAgVJIOFkpHY_B-_Nqvrnf5WSaIfoV1TcDcBsDdlR63r___x0scmiJN94oNbP-cCwywbt_rGuX2L08p_wGzk7dx8MgVbF-vyVV-lQ5ZDzZcdsDT9qD4KtKGCiGkhzapPmOHD-Ca7CuApZWg_rBhdzJOYnshkCGuKZmQqFepJPXhN6hSX8XAEhZLALMRpGQ16yRyGms-NCmmVV6_fXRyaRTUZ0HG260riABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3kf7fgIo2YTCXXFdWuPLZAFPjQAQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 14 Aug 2023 02:20:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
message_notice
www.yingyuchat.com/2/ Frame EEA2 		264 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/2/message_notice
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/static/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b7abba6b6eddc450341b99ac3cf2d97e35ad7bdd66c9dd5f9b18f28835ef8bc1

Request headers

Accept
*/*
Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 14 Aug 2023 02:20:05 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE,UPDATE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Length, X-CSRF-Token, Token,session
content-length
264
c1b2646b5a111fcbe458bfa095af7898.jpg
img.yingyuchat.com/img/2023July/edumail123/2023July/ Frame EEA2 		0
0
alert2.ogg
www.yingyuchat.com/static/images/ Frame EEA2 		14 KB
14 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.yingyuchat.com/static/images/alert2.ogg
Requested by
Host: www.yingyuchat.com
URL: https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
112.74.188.50 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2c786cdbb61c6d28301121fe03c9ce151353b30517b3529e3ec81b5531fe9e98

Request headers

Referer
https://www.yingyuchat.com/chatIndex?kefu_id=edumail123&layopen=2&dialogcolor=undefined&dialogfontcolor=undefined&lang=cn&refer=EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E6%B3%A8%E5%86%8C%E7%94%B3%E8%AF%B7-EDU%E6%95%99%E8%82%B2%E7%BD%91%E9%82%AE%E7%AE%B1%E5%AE%98%E6%96%B9%E8%B5%84%E8%AE%AF%E5%B9%B3%E5%8F%B0&url=https%3A%2F%2Fwww.edumails.cn%2F&ent_id=6376&inrefer=%E6%97%A0
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-14279/14280
date
Mon, 14 Aug 2023 02:20:06 GMT
cache-control
no-cache
last-modified
Wed, 15 Sep 2021 08:28:27 GMT
server
nginx
Content-Length
14280
content-type
audio/ogg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.yingyuchat.com
URL
https://img.yingyuchat.com/img/2023July/edumail123/2023July/c1b2646b5a111fcbe458bfa095af7898.jpg
Domain
img.yingyuchat.com
URL
https://img.yingyuchat.com/img/2023July/edumail123/2023July/c1b2646b5a111fcbe458bfa095af7898.jpg

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| advanced_ads_ready object| advanced_ads_ready_queue function| addLink object| _hmt object| TBUI object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| tbquirejs function| tbquire function| tbfine object| QAPress_js function| notice function| comments_list object| timer object| wp function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc function| Swiper object| googletag function| yywarblerjquery object| WARBLER function| clickwToSmallImg function| showorginbigpic function| towBigImg function| zoomPage boolean| _bdhm_loaded_911ff1035540bbb86890f5769c5b0352 object| mini_tangram_log_fibmxi function| getBaseUrl function| getWsBaseUrl function| notify number| focusems number| titleTimer number| titleNum string| originTitle function| flashTitle function| clearFlashTitle object| emojiCodeMap string| emojiUrl object| emojiMap object| emojiName object| faceTitles function| placeFace function| removeHtmlTags function| replaceContent function| replacedemourllinkContent function| chatpagereplaceContent function| keepLastIndex function| moveEnd function| replaceSpecialTag function| chatpagereplaceSpecialTag function| Big function| clickToSmallImg function| replaceImgSrc function| urlToBase64 function| replaceImgSrcAsync function| purlToBase64 function| showbigpic function| getTimeString function| loadbigpic function| toBigImg function| kefutoBigImg function| imgShow function| bigPic function| dynamicLoadJs function| ifisIe function| filter function| sleep function| ReplaceChina function| checkLang function| getQuery function| utf8ToB64 function| b64ToUtf8 function| setLocalStorage function| addCookie function| addYyCookie function| getCookie function| getLocalStorage object| imgs function| getTop function| lazyLoad function| loadImage function| image2Canvas function| canvas2DataUrl function| dataUrl2Image function| dateTableFormat function| dateTableKefuListFormat function| dateTableTimeFormat function| dateTableListFormatTs function| dateprechattimeTableListFormatTs function| dateTableListFormatTsNy function| dateTableListFormatC function| dateTableListFormatC2 function| messagecount function| dateAnaTableListFormatTs function| dateTableKefuListUpdateFormat function| dateTableKefuListEndFormat function| dateTableKefuListWebEndFormat function| dateTableKefuListWebEndFirefoxFormat function| padStart function| dateFormat function| getDay function| doHandleMonth function| safe_add function| rol function| cmn function| ff function| gg function| hh function| ii function| coreMD5 function| binl2hex function| binl2b64 function| str2binl function| strw2binl function| hexMD5 function| hexMD5w function| b64MD5 function| b64MD5w function| calcMD5 object| lcs boolean| __TencentCaptchaExists__ boolean| TCaptchaGlobal string| AqSCodeCapDomain string| AqSCodeCdnDomain boolean| TCaptchaPreload function| TencentCaptcha function| TCapMsg function| AqSCode object| laykfui object| kflayer object| jQuery1124013926391827465778 object| patterns object| metaChars

32 Cookies

Domain/Path Name / Value
.edumails.cn/ Name: __gads
Value: ID=17dd39639fd1cf57-227e3b714fde00b2:T=1691979596:RT=1691979596:S=ALNI_MZ-f8G29m9F1GiG6rsVZAoZsHJhmQ
.edumails.cn/ Name: __gpi
Value: UID=00000c5fdb378cce:T=1691979596:RT=1691979596:S=ALNI_MYJLiI_MIlyyI-MXZdOTXZOo4ZqKA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: E5BE4824455D6E5B
.adfarm1.adition.com/ Name: UserID1
Value: 7266997034621139084
.doubleclick.net/ Name: IDE
Value: AHWqTUkYq4pii3j0lZX94FSvEUp205ILquEf1Gjy61Jv2Jx28iz9l8-E2_aafJkcp3s
.w55c.net/ Name: wfivefivec
Value: TTCBBIrR1Qvnbv5
.turn.com/ Name: uid
Value: 7369015098146834657
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 1828627787093734783
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A878D9C4-0869-4CF6-93E9-A8DE04684A11%22%7D
.simpli.fi/ Name: suid
Value: FF300C439CDF4E39ACB40DB3D3CC4FA1
.edumails.cn/ Name: Hm_lvt_911ff1035540bbb86890f5769c5b0352
Value: 1691979598
.edumails.cn/ Name: Hm_lpvt_911ff1035540bbb86890f5769c5b0352
Value: 1691979598
.quantserve.com/ Name: d
Value: EGsBCQHaKYEA
.quantserve.com/ Name: mc
Value: 64d98f4e-073b6-e5a61-79e0f
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A878D9C4-0869-4CF6-93E9-A8DE04684A11%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBE6P2WQCEBwb_a_tVcFs-ND8cCbxkZ0FEgEBAQHg2mTjZAAAAAAA_eMAAA&S=AQAAAt-AiF3uFjMNMRCXCXUB0Pw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNmPTgAAAC9y4ABV
.ctnsnet.com/ Name: cid_4c00fd0cbd594dfb81b66bc89d748a25
Value: 1
.ctnsnet.com/ Name: gid_CAESEA1JhE9Je3VYxUfhcPMwF1I
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aFnt6ZarZcAQ9BqEr72it9ZcJdj0hkiMScOCji1ZcEtTeBHHEESSGA1TIt5DHO2UGwvRZa5h05wqWiZc4MyF4sTpZbcjMSbD3bQ
.mathtag.com/ Name: mt_mop
Value: 4:1691979599
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi6BLe5c1Ndb71c46vNvNPiHhSbD0TOYn4smdsKPngLWT1wlrA
.awin1.com/ Name: AWSESS
Value: 365825:2531885
.awin1.com/ Name: awpv14702
Value: 412871|1691979598|10e375f0-3a49-11ee-9f65-22389f6b057d
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MTk3OTU5OHZsZWExZGUyMDIzMDgxNDA0MTk1ODg3ODY2MTkwMTIxWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWR4MnFGUWZBZjN4RVNQSGRIenRRdFJSZ2M3UzZUS0QxQ0I5YnpvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTI4X1dFQkdBSU5TTU9TVExZMTE3Njc5
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023081404195887866190121X117679V1226132702MSviewoneidx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bzoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY5MTk3OTU5OHZsZWExZGUyMDIzMDgxNDA0MTk1ODg3ODY2MTkwMTIxWDExNzY3OVYxMjI2MTMyNzAyT
www.edumails.cn/ Name: visitor_notice_6376
Value: 1

13 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://as.ad4m.at/ad/dr?ed=1g3k83tht687vb174e491v22nrcy7ze57yrvb9jkspmn0tqa6av3wwfa4w0x2793710mz9rdys9jwtxdbd618akv16vmdvg6g4y37xtzzn7w3td1jdszkc0ry84g0j546qpg6wmzs4xcs3th7jdze6deywy4g8qf8q9md4ebc9e2k98nt1m9qbchkhyhsdnjrswtgzq0k0cawkrkadqj2g6qvd02f63n8w7rpg9bz90xnpga029xjfc5xghnzhm30z3hj59c7zvxwzk2c69f2wc2afhr2ztz46wz93fdpmcseq6ka2p4b9359p3y9dnx9151xb8tay5bhj27qs3dkbgf34sh9a6gdprh097pyghyw9086dkqptsq8djpkpgphkqhezt5cys262f60qx2rzdy6vwjptgtsyq295ydcq1xx4q0sh8wre99apqxa7r14sd3tcj1h42g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%26client%3Dca-pub-2375973990023873%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1h73fvtjamcm3k01nab4fnmchdddb7r6ntc6r9h614v8wxqg1rjmmqdmytnfg3n3yjj7v3xk6tpzs2nygngbyavcqf5tmahjke406chy0azj32szm4fhtzm0dxdzzs8tdzxpcdhd0gzbm6mhre9n3ar7hbkkze29cq9g3jed6gnjmffb24scn896x52rtzcm40f19mzvctq6f724sgb1rhj6vz0m74aw7hngsxn21s1czvgk2yk6sy0ms13dgxwvvdakz92edj3t0q2959ggv76yx3kwjmp69s9g86ym7g5n076p7g4kh4dxca57ezt7nqrhgtcpkb6xpyk3p3cbn2gtkk96rd3e5a94t4aewnp5s51az56rtszp2dsyxnm5jck3rer7vx4ze5c1jc68dfrjdbcmb4yg8wjmxta36jmxwy0dv4spgtae63ygmh5t56p8e2tnzy7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%26client%3Dca-pub-2375973990023873%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C19877%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2Cx2qFQfAf3xESPHdHztQtRRgc7S6TKD1CB9bz%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CYpYarf3fYm5SVH9HetgCRR8ckS1TdWACJ53b%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=01fcb02e36fbcb1d86c5f9879c1186f1%2F15569617641406028707&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598311&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=175059%2C195016%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CdqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2CKgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=300&d=250&e=&g=bc6354ce77968dad56690cbcb0826a3c%2F3439641662403014710&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691979598313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%2526client%253Dca-pub-2375973990023873%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network error URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jygx7eatjzsj4zbyh310bbkrqzvn0gwxdzc0n6990rnfxmwqhfrm7q136d9dfczqgwmvagx5bj9wd1vphgapb5jqn94wt447kvvxvs4rngce9g7n67gt6q0twtf5wgwcfydjnff8fmx5cpn5wz5q0v7gzzby5xbzge7b7mw2jd8jbg8r1a3d0mvzzs35mfhjsyvv98cte649553454pcyfxkr5909g24dj84qznhyxfc6cxgvdmxjft77w12s94erxg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0zqfmqkc2ar2mzhx1taj1t03ex7yarkqxy1tv06kc1jnqacvpx4sd7s69d0c3mdrcb9h6b0hx2s0xgsn28661yk6mxpj7dm3xx8jarrxtnf8ake96ksww04953kvjbavb07xw5n6ydd9dw78tx4rtyb6x592mvwx6j29yy893yeyzt4nzyh1m655z7crsyd0jccdymjmnh2xqnrx26pehjrr8t3hd0s0b786tw04qcqmy34xckvgz4wt6gtbvybqrt258p30wtcrj272drervkx4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCIzejTI_ZZN-SLKGtxdwPiqOmCJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QevBF5wnr6WyZXlHtkcvUOVe3Fu67IpdE_FlN-meoCkJHfWrVyNtfF9KiV3GzmDi5EeqEZVmAKsS9KAa8bPYmB8nrCFm8wsIVVMw0EbgFtGckEB8ZQCBVLirB9YZoCiKee6-HP5jhbL7_bUSKNLDzeAnwjOFMeoXsBeXnOMsnOj-HOGhFTrpfJ5v2i0XARjG38ESx0qoW4sXqki2PshN5KMzbBA-pFlRX8Fc-8MtToK2AYOrty6Ogfj4ZQFCCREzYOjTdlnJB-pW4A9626EzsYO2ShW2InV6ABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2_jh8GwpYLN3K5pLqkt071f5LPRQ%252526client%25253Dca-pub-2375973990023873%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g6jjb00061bpjq18r5yhbwc39vn6y77z2g9c24mpeykme55f5ez1f6h5nxbyqebkkawz96prrayvak237pw04710w762yn4zghjkhnp5sgk9y9r2t3vddfvx6dpeqf0zxa43q5dt10kfk7jz2zf6xtjbq3gtc4wat6td7vfxzhwedhnrg4en5xnnv35e2c2epraa52cfp60s4mkxg0z2ewajaxcgzht3z9hv563gbqccje565cz87e7ywz1z4awxe0jy%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ktsv5e6pszqhf1tt9vasj0ge0zymb7ce460r6g98s80cr6b895vcez4y57tpkstsxsk1dnv5d1nrz356yv7eyvkycqp08y2tdtby9ayr7xrc66x6gyvhhq4d0j07qqnmxdwx52v4q7gzcqxdhjpreh0d0d5b21m1zcjjzm2vm6yygcaf6cdftqtjt40kjr9bhjh7vs5zt8darckt293kjtce4agtejghz2fks7fpxh5kyzrm4f6srn9kx8565ffb70yp2v5y9m07dngw5kbrzt4nr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_tPcTI_ZZJPKLKOZxdwP4MWxGJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTIzNzU5NzM5OTAwMjM4NzPIAQmpAqg9X-FuXrI-qAMByAMCqgTZAU_QdiWP0LLfn0ANXGFPHxbgfcMCVZk1tcoBObPLh4bcg7tq7NiJYpZoav1OWAqqzfMzuIiqD52UZJ9aAybvNCqIz1aVUfABhp12Yj7-nQ4LYBNce9ITUuYCCBlaWrjshf-zOenIOmqRJjck-iT1cAdMoGkAhN2PVVYVGA8Utd0izkU4A9Yszkg8yuJxGBR3N5_XPVObcJXBiSfeIHjAF6x8tq5Ajqk3gp2rns3aEtICXEdt1aeL2KFsdKCFcbUhzdh5hF48pdE1rNMTkx531U2lG4suToztIeOABtyHrq-QxZTacqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2o20qVJAG560RkEl6p1Qn48r5gLw%252526client%25253Dca-pub-2375973990023873%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
captcha.gtimg.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hm.baidu.com
imageproxy.eu.criteo.net
img.list68.cn
img.yingyuchat.com
kehongnetwork.oss-cn-shenzhen.aliyuncs.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
secure.gravatar.com
ssl.captcha.qq.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tam.cdn-go.cn
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.edumails.cn
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.yingyuchat.com
x.bidswitch.net
img.yingyuchat.com
103.235.46.191
104.102.45.165
112.74.188.50
120.77.166.57
142.250.184.194
142.250.185.130
142.250.185.70
15.197.193.217
150.138.39.137
151.101.2.49
167.233.13.224
178.250.1.6
178.250.7.11
185.29.132.245
2001:678:cb4:bbbb::11
23.35.237.56
2409:8c54:1040:9::120
240e:940:e006:4:0:5:0:a
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2004
2a00:1450:4001:803::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a02:2638:d::c
2a02:fa8:8806:12::1400
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3602:f10a:ace:7b5b:36c
3.122.199.127
3.125.222.20
35.177.233.254
35.186.193.173
35.190.0.66
35.204.158.49
37.157.3.26
43.152.26.197
49.51.224.111
51.38.120.206
84.200.5.215
85.114.159.118
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0412354adfbdf46cc72f1c7ed9b81b57ced8e93ea5644f968202017894e7f19c
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a55cd532d530b32a718ffa4feaaec7437dc21cc567ed3dc6e4a39df5b0403c9
0b53c5aeaf32664239fa9feeee2dbf5d3a6ae81251694ad727745a6aa2360aa0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
12028871057d027cc662daa797118c7ad4e9c16083c9dc6e3c4ffe77eaf02fb5
12f875607a19eab38744b3ce2e1a7a25051e3e31b8dc1f6ca9aa5a65c92874b9
16e26fd89f72daf23d01e8ec98e816eae20e94ed827856c55d7dc2916b0c3909
16e4ba31eba31fb5119634a555c012f1733397fdca714207976d00f0c4a67b72
177ec7f61c4d96a6c7f17672e6ec7ca651e7ec169afd771df5ca91df490907eb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1933657c21788ad185a3a7d94e94e92f14fc03bed6e6d55abc30115932978815
1a1dffccbc87b343d835a43d1312a9d284ddab64a2fdf17bc60b7359f1ce3321
1c8ca55b35a56205ca7aad436341b3ebed9fe786402b8709a29d98e72461138b
1cbe93123392943ac6342efaad490e238d52bd7ada7bd0c0ff1219f6589f87fb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eab2862e80780854c00126c432aa75b71cbd66f64725f2314361794b85ca835
224026cb96d262bb7a196891546b3d5a332589a94d3e68557fe19747ef8543a7
235718aaec8d9d1c4eb17df41c323be460c3d55a18c9a91f177abb76a604a53d
270082ef41c4f6675d6c7007b9b3dd26003531c75d62ec0d70fd1fd8022068cd
2902900dfe115af0a53cc225241370eabccd4f81d545b3b8a2aaad3ecfb30db0
2967a3d18973ffd6ecbc78b2328f04721572d3b40b6e18d673e2047ac9a98161
2b5c778f31699c76bf4f543d78159cf98b4b65c2ffde40795508d818aedd7143
2c23a5d7b6a807b4f93769dc58e3246df2ff810d2ea30c07529f5a533d4fb813
2c31ec325f09dde09677274d87d1c55ff0a0ddee72fe16b4616ba23263e6cbd7
2c786cdbb61c6d28301121fe03c9ce151353b30517b3529e3ec81b5531fe9e98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f57e3ed13d5f32e9c7582f63d2d6919c342621f0a5615fc4f6c83c5b350f30b
306e708cb9501327670df844d7ef530183377e4ad18f33a1566340155bb54d92
30873b8a565ad9aeea50e05ba692ee342c1846991cf8825d0bf78db716195b1e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34424598867aa65a5c3b3a1c46ab17539e152f934549056ee145ef7471f239e5
367464d49fc1a9c5cd69bc47fbbac0e5b12de0ede0c578b3b4aa1ebcd80ee3f2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c3e1e29c02b1c02ae5e8f2f0fe4f9ffbffbe4c9131d3f97873064af0488f33e
3cf3456b2f970fda2f30c45ce9404710e8aacdcd296c7f456f8cfc1c41488dba
3df6de3d7fa4dcf2256244f1891c553a1df4d0d50c15b2290919536da02fb170
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
42d681b5f02d2dabf923cbae61fc345c20de79978e81facb76bff8ce48be9b0f
43232b375bdb0b736ec48f46223f9aec1a7fc987300dfb871734e4ca8efbb4a6
43360f25f7fd7c931e85d94b4e29dac41904cdf472993279e5901f4257199662
438ecd49972c7e32500f40258f48bf66beade677a9c015dac30f96c325acf7ab
442ab3c18242e82da9e087ae4453bab1cfba8de530a84c4fc53ee77f79803c93
4576653c32a1124e0f1cef8995767a2e75dcb97852f7db9eec8691bcdacf8597
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ef5c8ed0d39070574d491746eeb41e2610e6e1f791cb4f68cb60e95fd30694
493bc4f35c3ae08375b2cfab371846d2b42e7d2247a62a16817399c7dc4bd466
4aeb83c0cdfe7e54adf7eb5340f4ec89d9a45c0686de5058657c8581a5a838da
4b1957c6f36b3d710ee116fe8bd840d38b92332e6ca19fcd4c70eb0bd1d25bbc
4dc1e99d07640dcec705790315e2f13b1156c5c80ad28803297b39d38d50b6ef
4dd25b771a29651919b74a4035c30acca072bbaf7b69bd04ad4e1f4a475a8aaa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
525cef8a18b746fbdcc07bc4542d7738acb3d63ddb60476c4221b66050f1b75f
52ae0a9aca7816e867061b46c10da11fa1f7c3c2da81f8eab533dbebf764f135
52da3b43712f9b1c872003b37bb4be42e623f429e9a0fe4cb3b5f6a2a97799a5
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d
53fd038bdf6ed297c93ab55b44d2daf87f37b068b244208ab05f38c529f6ced6
54676e6d05bae49cbe7aebcae49b260e838a2fec9c37d02eb33b691591febcd1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5542bd3f018b86258868c048acf34f1550eeb2f27c7a3d61cb19bff735f8605b
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71
5ba8a44c192bf4c1574f1cb702b9284c538930087c723f48da1a070c3e311060
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
605005ec1e99b3cf7e3ead4114a411439897a476ac704e1ddf23b6451b355393
6070c6110f8c5332e72fed3afaa520220db808bee8f1d0bc1e7b2f12b53a3ce2
60dbe421a600a50b5ed5555c5b5bba8e53caac12a108cc6aecdf8f3410fcbaae
615b5aa81912c298d45080aa6cf8affef989937edd41d4721c3109608f604930
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
62db587b3c42a521778d5d66f7014c0eb57bad14295d724d424dacffa1b5f0b5
62fc4947d8a1b4fe9e8d9b1c62b7d5ee2fd6eb02a64902c8fe362995ec53d53d
646ff3ee7a025e07cfe396ca407064026a62b616b210c55563486cb06dc4297c
64bc22c1ca1b3fcc2826914d64301e8f1b997c935c07d7fc6798e86d889b9b1a
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
650e7969805ce8b5fb5068fca79dc3254a2fedf180a2c610a8c273359bc1f6ec
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
684f15ef6c3ce1033fb89f1a467dffec537b4d3b6b76793a4bc7d8ec7565a410
6982fdede29570144239731ac5ef6943223353eebfc788e6813bb35a6241883f
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6b320720004b62b418ffdd97f0e559316c1e5a57fd2fe2245b8a1431aeb3afcf
6e48acc96d18ca7523d753e2c22735c29e773cb56cb3e3cdfe54067b361bc63b
7255ac0ac369e228a0784ee195d701c0044263efe955a8cd58a996c928bcd19f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
778af4ba34e05e9dce92d432047da33d1d13bee10e04c76a593c8305b241f307
791203fee69a9613e4f337149e5cc74c64999c9ce6bc19e9cca64fa5aaa8236a
7a7bdba64fa839119e62681bc2b34b1d123a518eb177bf66f5cbf2484e53b383
7b016d52f088b0a59dce32faecd32958e9cde6d75abd089111cdde83685efd41
7c6380e9985c8e4982f41f8dba64d6b1c4a7997d0aa635d9f4bb7643ab815248
7f19405980c558c957f5b861030341d42383e9a6a2482819621bf6523a41df88
7f5c8350567104e96dc8fc70cc8049b19f7faf07e0964acd8aed12aa07af9c8c
800f98691dab466c8441ac8ea7fdcf8211b3a60f0d0cabc86b2c063f2feed852
8063de02b49387d289bb253707500ae50eff9ee461c35e97d90ac5c61681d78d
82ec0f1dd1f7c9e5a2c25a5cdd291b3fa4722ba003ec225992cfa067f7225765
8413bb52682fc3331c4c3bdae1537f421e613ffaf9790e5ed5baa085194edba7
8438ad9201ec2d6834ac773b6f01a6884f74348ff8c65ef13a727c88ad1b5f2e
871f68480c1f8bcd4a4ba3807c21b55d967f77609828191b8abd4e39fe2a7725
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17
89e1bc9eb96caebf29bcddaf06becb68f444faa6183e6382d57aa0ca72967f07
8acf30cd0791e8fa39aae48d97cd3b6d71c20bfdad2f13265d8d3dba992867fd
8b1ebb4ac4db72ae3a86dd59135c3cb1466dae2930db579e9afff4d3256740a5
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de8fdcb40b055a32be5615fd94ef0b22e3f53127a34f45275090a08388917fd
8e306ee93097b3853758faf84b071b65242f73d17bb890059d07891ed91ceb61
8ec27218a62f8c0f88295765360da8ce151823dab3f014a3da181a5398bbcd9e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90d2205f1a5e38583c2671c7194e948a832fd7ab4f3a18a9644e372ed62e61a6
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92db0d69c514c7ed3f15f3ff8c899acc42bf7f2d1336481a3b27d0e9c0f7db83
937c9c69e487b45a39823806fc18d9c74587d4959cff9f0f8474b17b92fbe4ad
95fdda23a705cdc3889c5391a9da40037ef0c00de7f8003024eacc902c9bcc30
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af4dd4e8b0e4a6ad4b4bcd03951678a684b6f3b03266e144e6f69b91a34a1ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a11f6194fc0494d7851d807cbd56cbb748f54e38faf245218bf2be6c4776a45e
a27081a215b719163e28a0a91f27baa4f92b00db98a61759be6d96fe34467fbe
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2c162c6665b162a14402bb85691357b92a7d61fd21e8c3a52c14d212947f337
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c9c08d043dbda5e88727b37f4847ecad4243c7ba768e8a6312d60c8e6146cd
a5f5d6ce6d4c44834c1820d9b69f7894edbe398345162438a198a17f9f856a94
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7ee1a92010322c6ba06ad1769bb2f6fcda5b4969677dc6efe2ec0ed32eb5e8a
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a9441ced4d055172796757bd9fe430373a22871206c5d6cf7ad53fcbcb69bcf1
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a96a708798be8bc0bdcf8a18e51a56e5cb3ed5d01c50dc7e4664411bd08596ae
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8850b81948ad9b9420aba1398695a8bf279d39bce2bf7a14168576a12f3edf
aee3757d527819580fb523a50c93fa9bda00f8238844a4d79c1c5c37ce2a4104
af7cce67e215cac3ffa2558de8ee8158b33a51a08fd07985863d36a6dbb19e65
b06b1925b2b68bb0573a2504978711b7f23ece0370b454f044676fbe5c8ad2a8
b07df23697cf1de3e1d1f592726c3615683f688748f98ba6047b58b793db8c6e
b62e812c33d1bebd89d62889be73b76ad9f40c7d410eb3ab870803aa9c7d4816
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
b7abba6b6eddc450341b99ac3cf2d97e35ad7bdd66c9dd5f9b18f28835ef8bc1
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bad1c96b215238310d50ec76d40e862e41424779d7d74a1ac708ca28c40ea62f
bbc3f1f126d058423a9315641efbe40f0e85a23fccc9f63890fff56ab10578ff
bd81f93661b676fa6a7b3d1a56387dab9bf296eb02e8a88747340301a2f8830b
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
c1a85c65cbfa0f7eb6cc2aa3f8def24ccd34621915230a83a69e17e2cf53ad5f
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c34cfbaaab089d3084733f1874dd554af4eb8f850b727232180db5828dfc6699
c4ac6564d57b5245ce9c39afed781c43a51897f91aacc3a753d202e615dcd99a
c61174650ddc3122db4a52e31f221fe68d9baa22bfcdeefbe2c1b41049852a3a
c7a429e9c99b672aea4e65ce1284fee227f3d51f5019709846739de0d357680b
c85785b7d535905a50d441e982daa1333674e62924772b4ae5bc502ef47e98b4
cadf66d0cc5f8593a7ab58766ae932a4b49121ef075b8dc176ca51bbf640e8db
cc49effa73378d7f10747fb819e24965c38f783adbbc2246bd833f56600daa88
cd21c21244bc3b23ca256a4b8ecb51d3572618a7d3250ead9c65a2502030a00f
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cec5973fbaf1f79188fd106396a7e2572885e34b4ec287e382b3a1eb3b12d3ef
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d197ed3a2ed24e5cd226218b4bf80aefd2e7cfb9fafa63d0a1cb0f1054a00109
d2880c3ec9ed4180826d6be7f1cded7559a0718c5d3cbd2f5eee3076e3a8699e
d7c60b914e9ec5daa9c70c7ddcab2ab1ce5f80df03d8d1c7d08ebb92f821a3a9
d8f416d1eaba66983deb862a842a1d11d7e94df04a0222900b3519c201495e43
d9a26825d0571733057f2cdc5070df1182fe5aa54fa616d891eaf51459f7d422
dd26dc0ba98277ba6a29a3ff3b785fae04720bcdf0f955afe1012d78d802cfb8
de7fd2c63b6895afe9cb50a6904a48d7aebe535e4c4833c07b7a6882c8632c41
df7859f3a26b13b71058413c49ec8fdcee956f99405c790219ebc7da93cf87c1
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1877d5407f1e450fe72aa5ac10e5e2208a1e8bb3c9faa19164e0c77d3946451
e188ceb893e2c2acc650931eecf54f0d71124d6783d03a7102faf527e4cf5687
e18f6a7c2d05889a7f2b3ce54cda384cf39404abb214dab450253037e57af2b5
e2a4fe27251e9804ca30c7035f20284ae1b8e1f5b2c8bdf4c00d2a49f7b343d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c5f8607fe8e8f7fbbbb7d70dc55920ee45d5472ae0cded45890a49c966c8da
e5643343b540ad3319b62dc95149945a275b9c89cde19c5dcb377ef66ed27f69
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58dea6eb770c2ca421681d396d1238e8ae5cf836827815f6139857d48b4da6a
e8a7ca0472134b046f8de7b0e4f6acbba3f02408643e48b568ed30b35fb7f535
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9b5d69b4091e858f636abe1011988f1df46930fb4ecc68520e228e7d2d9aee1
eb6fd2a2516074e6d64ab1a389b6d473cca43556bd4eace445b74da5ed9f6243
ec212dd130b218b5216b181848f836e476f89aa36f7925c8f07bdc2f64330e7d
ec23f1afe8b266700e76e4a2f14b4003e50828e5e85e7e29b27f2259ebec1775
ec9df5098ac435f84283cb5867fbcde0cd730de3a0a488e81d3293a1df2b5191
ee38f44a6b53caa917e98b07096e396d15cfefbc55ebdb543c85cec8085e45f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef73275cc4315120438d0603c951e7e95b073be2826522230b5c7f081718e8b9
f2924d43c535726c9c50e7e10569f865abaff71fbd346890d90d66a3ac4e7713
f2b773dbb6411f1a7180a1aad604dbb30d0de8a73d79aaa9d406596623612219
f31e465fb35136b2c3f7b0536a0a9e53de6ba909cba8ec3a71e96b3ac2efa160
f3382cc987cf2705fc70304ad01fee4a41a1dceeff0045d50b87e9cdc99294fe
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c24d681529bb22ddbfa56a5a52dee1ab4f499365589f4d9fef1d04b9b22fba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9da9fdc75d27da69760815e397be92fb3def8a714b72185a1d9ed9c2d67429d
faafee9ef0ce2cc001b7b48e76bd55ae1c75280a3402c45093cad12fbb155499
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e