www.haoqq.com Open in urlscan Pro
47.238.94.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rhcw.com/
Effective URL:
https://www.haoqq.com/
Submission: On October 06 via api (October 6th 2024, 2:07:26 pm UTC) from US — Scanned from US

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 60 HTTP transactions. The main IP is 47.238.94.14, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.haoqq.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on August 2nd 2023. Valid for: a year.

This is the only time www.haoqq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
23	47.238.94.14 47.238.94.14	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
6	2607:f8b0:400... 2607:f8b0:400d:c1d::9c	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c07::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c1d::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0c::93	15169 (GOOGLE) (GOOGLE)
60	8

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.rhcw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 47.238.94.14 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.haoqq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c1d::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4006:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c1d::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0c::93 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	haoqq.com www.haoqq.com	336 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	75 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	305 KB
4	gstatic.com csi.gstatic.com	629 B
1	rhcw.com 1 redirects www.rhcw.com	298 B
60	6

	Domain	Requested by
23	www.haoqq.com	www.haoqq.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www.haoqq.com pagead2.googlesyndication.com
4	csi.gstatic.com	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.rhcw.com	1 redirects
60	8

This site contains no links.

Subject Issuer	Validity	Valid
www.haoqq.com Encryption Everywhere DV TLS CA - G1	`2023-08-02` - `2024-08-02`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.haoqq.com/
Frame ID: A5F9B86FC130673025B3B8D90045E825
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 2A3697BA0FE921DF78525705F6942E52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1728223641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.haoqq.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641452&bpp=17&bdt=1643&idt=480&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6089476063017&rume=1&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=516
Frame ID: 222525E440F771706574DF795A026253
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&h=280&slotname=5424108534&adk=3166978744&adf=3025194257&pi=t.ma~as.5424108534&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223641&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641469&bpp=2&bdt=1661&idt=520&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=530
Frame ID: 8AF5A6258BA4F044803AEA22F1C8DD19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&h=280&adk=1372774384&adf=2093333325&pi=t.aa~a.1534192126~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223642&rafmt=1&to=qs&pwprc=7942162476&format=1110x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641471&bpp=1&bdt=1663&idt=540&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=543
Frame ID: CC5B04037FE6AE2772AEBD2C5227ED53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1372774384&adf=762615228&pi=t.aa~a.1534192126~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1110x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3377&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=214
Frame ID: 228C68C8A99AD8C3A4A6916A0DB35619
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1234807076&adf=462808026&pi=t.aa~a.1836389361~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3378&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=4&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=218
Frame ID: 0025FC4B4D95CFD237D726FABEF1D014
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1905944345&adf=397776184&pi=t.aa~a.1089127196~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3377&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=222
Frame ID: 9EDAB5B547DC3926C600C9389E913DEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: C556A683C8C89E813037DA59DD7214A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 32109AC8D7D492552082C9D30AC1AF0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: 845181F0BD6983E492F69AFD45F86A9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html
Frame ID: CEB6E3521473DA23E1508BABA14009C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 8DC59586A43E615E3BB97C7945A58B16
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 200B4624CF238ED214C2B57946BBCABB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home-haoqq AI Tools & Websites

Page URL History Show full URLs

https://www.rhcw.com/ HTTP 301
https://www.haoqq.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

60 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

717 kB
Transfer

2131 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rhcw.com/ HTTP 301
https://www.haoqq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.haoqq.com/
Redirect Chain

https://www.rhcw.com/
https://www.haoqq.com/

28 KB
5 KB

1515ms
457ms

Document
text/html

47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 / PHP/5.6.30
Resource Hash: e5353247d3a12615925570cb7bc86fca057d8eb22c95ce38f4901952655e16a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 06 Oct 2024 14:07:19 GMT
Server: nginx/1.15.8
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.30

Redirect headers

Connection: close
Content-Length: 56
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Oct 2024 14:07:18 GMT
Location: https://www.haoqq.com
Server: ip-10-123-124-250.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 0b246ab2-d1d0-409f-8962-55b1c79e5270

GET
H/1.1 200
OK plugins.css
www.haoqq.com/pages/assets/css/ 388 KB
59 KB 468ms
466ms Stylesheet
text/css 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/css/plugins.css
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: a8f56c719c331c83b307d473cdc064075142471a40ebfc19dbdb61c8c11955b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-610b6"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:19 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK styles.css
www.haoqq.com/pages/assets/css/ 119 KB
24 KB 1134ms
648ms Stylesheet
text/css 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/css/styles.css
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: c1e5abc7001a1f99b6877fb04478b8c5f873de2760f25071bc9476bdfd468c7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-1daa2"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK haoqq.gif
www.haoqq.com/images/ 7 KB
8 KB 935ms
430ms Image
image/gif 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haoqq.com/images/haoqq.gif
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 3429b93321ac7da1e7d328ede43b8cd6256d09da98a7bddbb6b732d577828c41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Cache-Control: max-age=259200
ETag: "5c186d74-1d22"
Connection: keep-alive
Expires: Wed, 09 Oct 2024 14:07:20 GMT
Accept-Ranges: bytes
Content-Length: 7458
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: image/gif
Last-Modified: Tue, 18 Dec 2018 03:45:56 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK magento.svg
www.haoqq.com/pages/assets/picture/ 1 KB
2 KB 965ms
458ms Image
image/svg+xml 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haoqq.com/pages/assets/picture/magento.svg
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: d3a5256de789546cadd13b79db8c0f5456aa2d19119b3430e65afc93d67d0727

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

ETag: "64edb768-5e6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1510
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 29 Aug 2023 09:16:24 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK prestashop.png
www.haoqq.com/pages/assets/picture/ 16 KB
16 KB 1130ms
646ms Image
image/png 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haoqq.com/pages/assets/picture/prestashop.png
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: b06fb375116b664d35dc139e10576af275caac40f6194dde898c613183b93401

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Cache-Control: max-age=259200
ETag: "64edb768-3e67"
Connection: keep-alive
Expires: Wed, 09 Oct 2024 14:07:20 GMT
Accept-Ranges: bytes
Content-Length: 15975
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: image/png
Last-Modified: Tue, 29 Aug 2023 09:16:24 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK wordpress.svg
www.haoqq.com/pages/assets/picture/ 3 KB
3 KB 873ms
225ms Image
image/svg+xml 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haoqq.com/pages/assets/picture/wordpress.svg
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: e23925fee789ec5cb82900e7d0eb5d248ffe06062112ca0cfc5096aa353dfc03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

ETag: "64edb76b-b43"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2883
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 29 Aug 2023 09:16:27 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK shopify.svg
www.haoqq.com/pages/assets/picture/ 3 KB
3 KB 234ms
233ms Image
image/svg+xml 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haoqq.com/pages/assets/picture/shopify.svg
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 5650739297f482bdbd7d77ba6a7a5b29c5f37edfb79ca0e7e63ee9300980f744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

ETag: "64edb767-c60"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3168
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 29 Aug 2023 09:16:23 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK jquery.min.js Show response
www.haoqq.com/pages/assets/js/ 95 KB
33 KB 911ms
449ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/jquery.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 81d77468dd28594f573a472039e9345154d19ba643f469837ad39fc29c06ea61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-17d98"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK popper.min.js Show response
www.haoqq.com/pages/assets/js/ 19 KB
7 KB 236ms
235ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/popper.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 8804537c9324bc7658e99d4d0095580cd9cda1ee992b7b78647a83115dd6c55f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-4a33"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK bootstrap.min.js Show response
www.haoqq.com/pages/assets/js/ 62 KB
15 KB 245ms
244ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/bootstrap.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-f7eb"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK select2.min.js Show response
www.haoqq.com/pages/assets/js/ 65 KB
17 KB 465ms
465ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/select2.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 16a8dfa193e5026a6e382b1c5aa59a326724e385b18625f182a51dc61c3b14be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-104f5"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:20 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.haoqq.com/pages/assets/js/ 43 KB
11 KB 228ms
228ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/owl.carousel.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-ad36"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK ion.rangeSlider.min.js Show response
www.haoqq.com/pages/assets/js/ 40 KB
9 KB 246ms
246ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/ion.rangeSlider.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: f99c9435edaa8c15f8250bdc194488a6ab4a914961b9632377778858b557df98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-a085"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK counterup.min.js Show response
www.haoqq.com/pages/assets/js/ 10 KB
4 KB 234ms
233ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/counterup.min.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 6296b540f340cace3c75b276f905ce7fb4bbf045682d291c8a5a7f55f63f4b70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb764-276d"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 29 Aug 2023 09:16:20 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK custom.js Show response
www.haoqq.com/pages/assets/js/ 10 KB
3 KB 229ms
229ms Script
application/javascript 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/js/custom.js
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: f3000557f2bbbf6dbfe3fd781bfe0944565cb14bba67873a02554a29afcf30e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"660b91f7-2679"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/javascript; charset=utf8
Last-Modified: Tue, 02 Apr 2024 05:04:55 GMT
Server: nginx/1.15.8

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 295ms
111ms Script
text/javascript 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1673399160710718

Requested by

Host: www.haoqq.com
URL: https://www.haoqq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

881674856c712886788e2923525ff9d7c27646ad89073147e17fe1ea17ec1c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.haoqq.com
Referer: https://www.haoqq.com/

Response headers

content-encoding: br
etag: 15424876308729999086
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 14:07:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 06 Oct 2024 14:07:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52890
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK css2.css
www.haoqq.com/pages/assets/css/ 4 KB
673 B 246ms
228ms Stylesheet
text/css 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/css/css2.css
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: b31717f91df558a1f42ed3124b7cdfac53490bfb7e0084ad128665fd5836ca89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/pages/assets/css/styles.css

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-11b2"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK css.css
www.haoqq.com/pages/assets/css/ 4 KB
769 B 258ms
225ms Stylesheet
text/css 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/css/css.css
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 3d31e2a313492b48a94e1f3a42e0029819b841e4c80697f88b959aa32b6b7dad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/pages/assets/css/styles.css

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-ee2"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK css1.css
www.haoqq.com/pages/assets/css/ 3 KB
665 B 286ms
232ms Stylesheet
text/css 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/css/css1.css
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 973d053a0f43dcbf20a102ee5272fb1c6b877920e8efbbd5c35de0ededebc0ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/pages/assets/css/styles.css

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"64edb763-dd8"
Connection: keep-alive
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: text/css
Last-Modified: Tue, 29 Aug 2023 09:16:19 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK 7Auwp_0qiz-afTLGLQ.woff2
www.haoqq.com/pages/assets/fonts/ 30 KB
31 KB 254ms
253ms Font
application/octet-stream 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/fonts/7Auwp_0qiz-afTLGLQ.woff2
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/css1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.haoqq.com
Referer: https://www.haoqq.com/pages/assets/css/css1.css

Response headers

ETag: "64edb76c-79dc"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31196
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Aug 2023 09:16:28 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK 92zatBhPNqw73oTd4g.woff2
www.haoqq.com/pages/assets/fonts/ 26 KB
26 KB 261ms
260ms Font
application/octet-stream 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/fonts/92zatBhPNqw73oTd4g.woff2
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/css2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.haoqq.com
Referer: https://www.haoqq.com/pages/assets/css/css2.css

Response headers

ETag: "64edb76d-66c0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26304
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Aug 2023 09:16:29 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK themify.woff
www.haoqq.com/pages/assets/fonts/ 55 KB
55 KB 254ms
254ms Font
application/font-woff 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/pages/assets/fonts/themify.woff
Requested by: Host: www.haoqq.com
URL: https://www.haoqq.com/pages/assets/css/plugins.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.haoqq.com
Referer: https://www.haoqq.com/pages/assets/css/plugins.css

Response headers

ETag: "64edb76d-db2c"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56108
Date: Sun, 06 Oct 2024 14:07:21 GMT
Content-Type: application/font-woff
Last-Modified: Tue, 29 Aug 2023 09:16:29 GMT
Server: nginx/1.15.8

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ 409 KB
136 KB 232ms
114ms Script
text/javascript 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1673399160710718

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f0c1c75abab267719743985edc745ac22ade7424e2a2845daf4bf22d632efe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: br
etag: 7584041240252173519
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 14:07:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 06 Oct 2024 14:07:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 139466
x-xss-protection: 0
server: cafe

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/ 57 KB
22 KB 41ms
41ms Script
text/javascript 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

638fa2af8e7c4f80757559604080b883a4d9ad6cf0041ed4244953627cdf4089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: br
etag: 8245670343760552415
age: 45384
x-content-type-options: nosniff
expires: Sun, 20 Oct 2024 01:30:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 06 Oct 2024 01:30:57 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 22350
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 2A36 0
0 141ms
34ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 5763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 12:31:19 GMT
etag: 13108003645644964576
expires: Sun, 20 Oct 2024 12:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2225 0
0 847ms
761ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&adk=1812271804&adf=1573534164&abgtt=6&lmt=1728223641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fwww.haoqq.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641452&bpp=17&bdt=1643&idt=480&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6089476063017&rume=1&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fsapi=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=516

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 136790
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:22 GMT
expires: Sun, 06 Oct 2024 14:07:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8AF5 0
0 631ms
576ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&h=280&slotname=5424108534&adk=3166978744&adf=3025194257&pi=t.ma~as.5424108534&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223641&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641469&bpp=2&bdt=1661&idt=520&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=530

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:22 GMT
expires: Sun, 06 Oct 2024 14:07:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame CC5B 0
0 643ms
603ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1673399160710718&output=html&h=280&adk=1372774384&adf=2093333325&pi=t.aa~a.1534192126~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223642&rafmt=1&to=qs&pwprc=7942162476&format=1110x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223641471&bpp=1&bdt=1663&idt=540&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43465
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:22 GMT
expires: Sun, 06 Oct 2024 14:07:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 504ms
224ms Ping
image/gif 2a00:1450:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m1xnqgmg&c=2712387920171616&e=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY-x4gOSoECAESAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/ 172 KB
58 KB 105ms
105ms Script
text/javascript 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e1522e6a8ecd387288a785ef3b9dd2adb4309f7342f8b1b37467a1bc4f6e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: br
etag: 333534519020927965
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 14:07:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 06 Oct 2024 14:07:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 59115
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-1673399160710718 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 262ms
83ms Script
application/javascript 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1673399160710718?href=https%3A%2F%2Fwww.haoqq.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1b0caf5898d23ae5fdbe2cda562317b54b5798caa38d480226867a7c8cd39e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k7wt5i1tE4lSTfvi9Yt7cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXPM3ty1g03gwu1dtUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGxnoGxvEFBgD6zkoy"
content-security-policy: script-src 'report-sample' 'nonce-k7wt5i1tE4lSTfvi9Yt7cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 213ms
85ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-_gR98Thnd0.es5.O/am=YDA/d=1/rs=AJlcJMxGvJyB13gpWklpuLE9iYGNouzG8Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nCiyqsWlwxP1dALCvZNRBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:23 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII0pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY_bmrh1sAg0tSzuZlFyS8gvjk_PzSlLzSnQTU4p1QeyizKTSkvwiFHZqGUhFTn56emZeeryRgZGJoYGBsZ6BWXyBAQCbEC6J"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nCiyqsWlwxP1dALCvZNRBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxVJ8tbdiOrBtubthMoZmd-LE-hdt5OxV3K836fF8QBDva5O5qeTp22wZfE_KsAI5MqZ8V2GYIouLXpVDMJzRLrPNbcFVgCSUExVcFsYjCHoDnLmFfYmb_us8rxfA4oKmoHj3I4Hvw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVJ8tbdiOrBtubthMoZmd-LE-hdt5OxV3K836fF8QBDva5O5qeTp22wZfE_KsAI5MqZ8V2GYIouLXpVDMJzRLrPNbcFVgCSUExVcFsYjCHoDnLmFfYmb_us8rxfA4oKmoHj3I4Hvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MjIzNjQzLDM5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGFvcXEuY29tLyIsbnVsbCxbWzgsIi1fZ1I5OFRobmQwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1M10sMSw2XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a92b9d398172e56092ed09e30aeed75590da6015b380b02c6152fe0a0c0555c8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kcZwR2rqeA_nfBG9_YCE8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XDM3ty1g01gR2vLRUYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDA2M9A-P4AgMAHXtJ1A"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kcZwR2rqeA_nfBG9_YCE8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 228C 0
0 476ms
476ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1372774384&adf=762615228&pi=t.aa~a.1534192126~rp.1&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1110x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3377&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280&nras=3&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0025 0
0 519ms
519ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1234807076&adf=462808026&pi=t.aa~a.1836389361~rp.1&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3378&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=4&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9EDA 0
0 472ms
472ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1673399160710718&output=html&h=280&adk=1905944345&adf=397776184&pi=t.aa~a.1089127196~rp.4&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1728223643&rafmt=1&to=qs&pwprc=7942162476&format=1200x280&url=https%3A%2F%2Fwww.haoqq.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728223643186&bpp=1&bdt=3377&idt=-M&shv=r20241001&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33048acf9258a62f%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg&gpic=UID%3D00000f25bb0c39dd%3AT%3D1728223642%3ART%3D1728223642%3AS%3DALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg&eo_id_str=ID%3D2ebfc68c7d89d111%3AT%3D1728223642%3ART%3D1728223642%3AS%3DAA-Afjb8voovqlbmimZ0updfzXwD&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1200x280&nras=5&correlator=6089476063017&rume=1&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&oid=2&psts=AOrYGskNSiXgi8IQgwUtaILC02PgVrkwhTOWfSKjz4MNFBI_RLGUIwD0xoDdCGc_BMsq7K8aACrmE6mmSef8w5xpbOB3R4a3&pvsid=2712387920171616&tmod=611790146&uas=0&nvt=1&fc=1920&brdim=230%2C230%2C230%2C230%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=222

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11046
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame C556 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 5763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 12:31:19 GMT
etag: 13108003645644964576
expires: Sun, 20 Oct 2024 12:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 3210 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 5763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 12:31:19 GMT
etag: 13108003645644964576
expires: Sun, 20 Oct 2024 12:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame 8451 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 5763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 12:31:19 GMT
etag: 13108003645644964576
expires: Sun, 20 Oct 2024 12:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/ Frame CEB6 0
0 0ms
0ms Document
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241001/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 5763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 12:31:19 GMT
etag: 13108003645644964576
expires: Sun, 20 Oct 2024 12:31:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
57 B 130ms
129ms Ping
image/gif 2a00:1450:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~m1xnqgml&c=2712387920171616&e=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYkSogcyoECAESAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 200 AGSKWxX-Y9yFDf0gse078I1jJiG7D3c75B-gLbhdJ0dhPEAeNvAZOIqPN8jPS3WpB4W02E7EtSuOOgGkedHPiV49XSrxALttfR2vMcE5CvyQqKlWq5G5uT1UVG3zkGAB-nPFgoLzXOn45A== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 99ms
99ms Script
application/javascript 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX-Y9yFDf0gse078I1jJiG7D3c75B-gLbhdJ0dhPEAeNvAZOIqPN8jPS3WpB4W02E7EtSuOOgGkedHPiV49XSrxALttfR2vMcE5CvyQqKlWq5G5uT1UVG3zkGAB-nPFgoLzXOn45A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MjIzNjQzLDQ4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vd3d3Lmhhb3FxLmNvbS8iLG51bGwsW1s4LCItX2dSOThUaG5kMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTNdLDEsNl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c5f29f20275f93c3089280ca30ec2f0bc4b42fb13940045f55b8e15f14712b9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fzGLct95JYReHUT4n_5vyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:23 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XDM3ty1g03gwfPpvUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBsZ6BsbxBQYALOlKLA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fzGLct95JYReHUT4n_5vyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 csi
csi.gstatic.com/ 0
20 B 134ms
134ms Ping
image/gif 2a00:1450:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~m1xnqhqx&c=2712387920171616&e=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&ctx=1&met.3=1000.2p1_c__1~782.2p1_d~1001.2oz_e__1~164.2pf_1~165.2oy_h~247.2pg~248.2ph~164.2ph~165.2pf_3~247.2pi~248.2pi~164.2pi~165.2pi_1~166.2of_14~1032.32b~326.32d_2~832.32h~868.32h~216.32a_7~215.32a_8~843.328_a~889.337~639.33p~1032.33w~326.33w~832.33w~868.33w~216.33w_1~215.33w_1~889.343~639.34g~1032.34h~326.34h~832.34i~868.34i~216.34h_1~215.34h_1~889.34j~639.34r~112.34u_3~246.34x_3~168.3ms~168.3ms_1~168.3ms_1~168.3mt~168.3mt~168.3mt~168.3mt~168.3mt~168.3mt~168.3mt~168.3mt~168.3mu~168.3mu~168.3mu~168.3mu_2~168.3mu_2~168.3mv~168.3mv~168.3mv~168.3mv~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~168.3u5~1244.3vh~429.3wc_1~993.3wq_5__3~992.3wv__3~994.3wv__3~991.3wp_7__3~990.3wf_g__3~353.3wd_i~453.3x0_1~754.3x2__8~995.3x2_1__8~998.3x0_3__8~453.3x3~754.3x4_2__b~995.3x3_4__b~247.3x8~248.3x9~1032.3x9~326.3xa~832.3xa~868.3xa~164.3x9_2~165.3x8_2~996.3x8_2__b~997.3x7_3__b~453.3xa~754.3xb_1__b~995.3xb_1__b~247.3xd~248.3xd~1032.3xd~326.3xe~832.3xe~868.3xe~164.3xd_1~165.3xd_1~996.3xd_1__b~997.3xc_2__b~453.3xe_1~754.3xf_1__b~995.3xf_1__b~247.3xg~248.3xg~1032.3xh~326.3xh~832.3xh~868.3xh~164.3xg_1~165.3xg_2~996.3xg_2__b~997.3xg_2__b~453.3xh~754.3xi_1__b~995.3xi_1__b~998.3x3_g__b~453.3xj~754.3xk__q~995.3xj__q~998.3xj_1__q~453.3xk~453.3xk~453.3xl~454.3xm_1~454.3xm~454.3xn~453.3xn~753.3xp~210.40z_1~1032.412~326.412~832.412~868.412~164.411_1~165.411_1~466.411_2~1032.413~326.413~832.413~868.413~164.413_1~165.412_1~466.412_1~1032.414~326.414~832.414~868.414~164.413_1~165.413_1~466.413_1~1032.415~326.415~832.415~868.415~164.415_1~165.414_1~466.414_1~522.410_5~889.471~889.476~889.479~525.47x_a~525.487_4~525.48b_2~1013.48i~525.48d_d~639.490~639.490~639.490~639.490~639.490~639.490~639.490~264.490~246.49b_1~264.49b~264.49i~264.49x~264.4ae~264.4av~264.4bb~264.4bs~264.4c8~264.4cq~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d2~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3~168.4d3_1~168.4d3~168.4d3~168.4d3~264.4d6~952.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4de~168.4df~168.4df~168.4df~168.4df~168.4df~168.4df~168.4df~168.4df~264.4ef~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4en~168.4eo~264.4ep~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4es~168.4et~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4eu~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~168.4ev~264.4f6~264.4fn~264.4g3~264.4gk~264.4h1~264.4hh~264.4hy~264.4if~264.4iv~264.4jc~264.4jt~264.4k9~264.4kq~264.4l7~264.4lp~264.4m6~264.4mm~264.4n1~264.4nj~264.4nz~264.4of~264.4ow~264.4pd~264.4pu~264.4qb~264.4qr~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7~168.4r7_2~168.4r7_2~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4r9~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~168.4ra~264.4ra~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc~168.4rc_1~168.4rc_1~168.4rd~168.4rd~168.4rd~168.4rd~168.4rd~168.4rd~168.4rd&met.7=CBsQCMABhbyQ1A0~CBsQByC5DjilBcAB3a7v4QY~CBsQByC5Djj0CMABsbK_gQk~CBsQBiC5DjipB8ABvvqDoQM~CBsQBiC5DjjHB8ABwdXjhw8~CBsQBiC5DjiHB8ABq7bNhAw~CBsQBiC5DjjzCMABzZaM7gM~CBsQBiC5DjiICcABqOepbA~CBsQCiC6Dji0B8ABmMeWows~CBsQCiC6DjiXCcAB8LekkAs~CBsQCiC6DjisCcAB_d6GpQs~CBsQCiC6DjibC8ABwtK6rwU~CBsQCiC6DjjaCsAB8__jzwQ~CBsQCiC6DjjrCsAB7L2Dvwk~CBsQCiC6DjjIDMABv7Ck_Q8~CBsQCiC6DjjRDMAB9aT00gk~CAEQChgBILoOKLoOMKYROOwCQNcOSNgOUNgOWI8QYNgOaI8QcP4QeMafA4ABmp0DiAH45gmwAQG4AQPAAd6Ov5sB~CBsQAiCvFzj4AcAB3v_9xww~CBsQAiCvFziDAsABz5uSMw~CBsQAiCwFzifAsABnYiY3Qw~CBsQAiDkGTjmA8ABvsSQrAI~CBsQAiDkGTipAsABgP6B6Ak~CBsQAiDkGTjjA8ABis3T0gs~CAMQChgBIKMbKKMbMPMeONEDUKMbWJkcYKQbaJkccIsdePbDCIABysEIiAGzyBmwAQG4AQPAAeaUur0I~CBwQChgBIIcfKIcfMLQfOC1oiB9wsB94-rABgAHOrgGIAYPJA7ABAbgBA8ABr6XTqw4~CCgQBRgBII4fKI4fMKMgOJUBUJQfWP8fYJQfaP8fcKEgeMUigAGZIIgBx0awAQG4AQPAAZO9j_EF~CBsQARgBIOQfKOQfMIokOKcEwAGkoPylBw~CAUQBRgBIMcfKMcfMMEkOPoEaIAgcMAkeL0FgAGRA4gByQawAQG4AQPAAZDHsvAI~CAUQBRgBINYfKNYfMO4kOJgFaIAgcNskePXVAoABydMCiAHqgAiwAQG4AQPAAZDHsvAI~CAUQBRgBIKgfKKgfML0mOJUHaIAgcPkleIKvCIAB1qwIiAGp8CawAQG4AQPAAZDHsvAI~CBwQChgBIL0nKL0nMN0oOKABaL0ncKUoeJfQA4AB680DiAGn3wqwAQG4AQPAAY2h3sIG~CD8QChgBIMgnKMgnMIwqOMQCQMknSMonUMonWPsoYNInaPsocM0peMSEBIABmIIEiAHgvAywAQG4AQPAAd6fh_IN~CCgQBRgBIN4qKN4qMOIqOARo4Cpw4CqAAZkgiAHHRrABAbgBAcABk72P8QU~CD8QChgBIL0qKL0qMPwqOD9ovipw-ip4hw6AAdsLiAHQFrABAbgBA8AB5aKHCA~CD8QDRgBIKAqKKAqMPYrONYBwAHuo7KlDw~CCgQBRgBIOkqKOkqMO0qOAVo7Cpw7CqAAZkgiAHHRrABAbgBAcABk72P8QU~CD8QChgBIJUrKJUrMIIsOG1olitw-Ct47SaAAcEkiAHXULABAbgBA8ABiYj43QQ~CCgQBRgBIOwqKOwqMPQqOAho8ypw8yqAAZkgiAHHRrABAbgBAcABk72P8QU~CCgQBRgBIO4qKO4qMPcqOApo9ypw9yqAAZkgiAHHRrABAbgBAcABk72P8QU~CBsQARgBII8rKI8rMMUsOLYBwAGkoPylBw~CAUQBRgBIMAqKMAqMKMuOOMDaMMqcJ8ueIFZgAHVVogBpscBsAEBuAEDwAGQx7LwCA~CAUQBRgBIMgqKMgqMKsuOOMDaM0qcKUueNJYgAGmVogBl8cBsAEBuAEDwAGQx7LwCA~CAUQBRgBIMQqKMQqMNAuOIwEaMcqcM4ueIVZgAHZVogBqccBsAEBuAEDwAGQx7LwCA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H3 200 adtech- Show response
fundingchoicesmessages.google.com/f/AGSKWxXpWH-A9tq3hODG8v2P5L7575fh5GIbroOSv41Fcsx2DEa-7JcyNzeLYdrpy10ayMuEZegwD77mF5UPlPsgfpuZSssrEcsmTw4oSuXfT2Wq5Dixv4L8p_9TzLm4xYsVfIyXB0UFbXQkx0NH7_XcdEgvUfV1C... 54 B
109 B 57ms
56ms Script
application/javascript 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXpWH-A9tq3hODG8v2P5L7575fh5GIbroOSv41Fcsx2DEa-7JcyNzeLYdrpy10ayMuEZegwD77mF5UPlPsgfpuZSssrEcsmTw4oSuXfT2Wq5Dixv4L8p_9TzLm4xYsVfIyXB0UFbXQkx0NH7_XcdEgvUfV1CdIjaHPOJhjKwJGmGMLhqB9TVvsS-2qQ/_/your_ad./ad/popup./adtext./ad/login-/adtech-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.-_gR98Thnd0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxmXCJcODJi8Pq8Xva10XTL9veYdw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21f44a4d124743bd6535c3c5fbd13d26c4de4d1ee62bf7e86b8ef0feab465fe0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kSLTQsQJAha9jOxxLzEtcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmII1JBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRALcXPM2dy1g03gweWLhUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgYGxnoGxvEFBgD9v0pF"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kSLTQsQJAha9jOxxLzEtcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 49 KB
18 KB 40ms
40ms Script
text/javascript 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e12f1aad0c4d33c880faf28fc0cf72a04a32f235de77f905c2d4c469a4404c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: br
etag: 1325291330799780963
age: 3482
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 14:09:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 06 Oct 2024 13:09:22 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 18702
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XKK2ciKuA7p2ptU3bDhubQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIibY87mrh1sAjMu3ylQcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBgbGegZm8QUGAKk1Lwg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XKK2ciKuA7p2ptU3bDhubQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 56ms
54ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OyuCjkdDQMX5iWpWXHLO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY87mrh1sAhc-93UyKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQwMDYz0Ds_gCAwDJuS8s"
content-security-policy: script-src 'report-sample' 'nonce-OyuCjkdDQMX5iWpWXHLO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
69ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2ULwBPDurX5jLxSYhAmSDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY87mrh1sAgcWTprGqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MjPUMzOILDAC08S7h"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2ULwBPDurX5jLxSYhAmSDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 84ms
82ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cJ9u1qUakilc4HclufE-4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1pBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY87mrh1sAju-XpnDqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MjPUMzOILDADfYy91"
content-security-policy: script-src 'report-sample' 'nonce-cJ9u1qUakilc4HclufE-4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUijon9vJt1FIfnhB2DmSgjA9yqpJ81vDE9uADl0qHc7VqZfJOnvPg8dKeWLEG7RjwjCbuW8e9vLK41HNa9vF8-r-zTun6vnyJtqEoBuYRgjU4LOvTUC_9y8Zcmo3cfA5usynf7YA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
64ms Script
application/javascript 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUijon9vJt1FIfnhB2DmSgjA9yqpJ81vDE9uADl0qHc7VqZfJOnvPg8dKeWLEG7RjwjCbuW8e9vLK41HNa9vF8-r-zTun6vnyJtqEoBuYRgjU4LOvTUC_9y8Zcmo3cfA5usynf7YA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI4MjIzNjQ0LDI2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuaGFvcXEuY29tLyIsbnVsbCxbWzgsIi1fZ1I5OFRobmQwIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjI1M10sMSw2XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60e0c110493ac1e12f78ee1f84c74ee99e02ff03a429d8f09c197f731d14e570

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XFiQO08iL-wx1SMWp8NQAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B2JDhUus9kDsWHSJ1ROIVXsusRoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYGIL7ddIX1MRAL8XDM2dy1g03gRduLSYxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGBsZ6BsbxBQYAMs5KMw"
content-security-policy: script-src 'report-sample' 'nonce-XFiQO08iL-wx1SMWp8NQAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV7VPTAZHjvV3K4TSUvDTbsQ8CSbKeBil7mhSHFGK7CYHdWJxguwYeyELBci9ctRQiiubuJYbjF_G4AlQmg5zxduh-uLo8BIihU446JyFDq3Y5osGWODbs53f3Ygkv9nrUfLkemKw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
52ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV7VPTAZHjvV3K4TSUvDTbsQ8CSbKeBil7mhSHFGK7CYHdWJxguwYeyELBci9ctRQiiubuJYbjF_G4AlQmg5zxduh-uLo8BIihU446JyFDq3Y5osGWODbs53f3Ygkv9nrUfLkemKw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fm0283iqEJNA1E_ydBR8yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY87mrh1sAisaVqxnVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmhgYGxnoGZvEFBgCqpS7I"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fm0283iqEJNA1E_ydBR8yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
78ms XHR
text/html 2607:f8b0:400d:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4AmVNNihmdxqHtH3R_bis1su0Opn-gViVWlIQNSiei65KC_31ycDU-gCY-KijjgrMF0ZdHOb9eVVYjnMx_P_FoxCqpJTT4vAwNw-Ht2F2UqNfk68Ywgf8OPYo7n49bJwOOes6Dw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::8b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GcEuxoc3MEXcw3IjXaXedw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.haoqq.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoExO5aF1n9gfjrnkusf4F478dLrEeBWIiHY87mrh1sAiumft_DqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDA0MjPUMzOILDADK5i85"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GcEuxoc3MEXcw3IjXaXedw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.haoqq.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 99ms
99ms XHR
application/json 2607:f8b0:400d:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241001&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff641a0434e37aea979d069b66859808fc987a2223288bc2fb9d38f468894c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12965
date: Sun, 06 Oct 2024 14:07:24 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK favicon.ico
www.haoqq.com/ 4 KB
4 KB 240ms
240ms Other
image/x-icon 47.238.94.14
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.haoqq.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.238.94.14 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 657e0802283791aa819d39dbcf9bc773cfe13c523bb05a2532684501b95b4519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

ETag: "59cf072b-10be"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286
Date: Sun, 06 Oct 2024 14:07:24 GMT
Content-Type: image/x-icon
Last-Modified: Sat, 30 Sep 2017 02:53:31 GMT
Server: nginx/1.15.8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 159ms
60ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 06 Oct 2024 14:07:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:24 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 8DC5 0
0 45ms
44ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 13:54:36 GMT
expires: Sun, 06 Oct 2024 14:44:36 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 200B 0
0 79ms
78ms Document
text/html 2607:f8b0:400d:c0c::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0c::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UMWUbV4Zyt-bnGBLFTVe1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haoqq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UMWUbV4Zyt-bnGBLFTVe1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 14:07:24 GMT
expires: Sun, 06 Oct 2024 14:07:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H3 204 csi
csi.gstatic.com/ 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=4~m1xnqi90&c=2712387920171616&e=44759876%2C44759927%2C44759842%2C44798934%2C95338242%2C95343328%2C31061691%2C31061693&ctx=1&met.3=168.4re~168.4re~168.4re~168.4re~168.4re~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~168.4rf~264.4ro~1228.4rr_1~273.4rr_1~168.4rw~168.4rw~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx~168.4rx_2~168.4rx_2~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4rz~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~168.4s0~264.4s7~264.4sm~264.4t3~264.4tj~264.4tz~264.4ug~1228.4up~273.4up~264.4ux~264.4vd~264.4vu~264.4wb~264.4wr~264.4x8~264.4xp~273.4xz~264.4y5~113.4ym_1~264.4yn~264.4z3~264.4zo~264.500~264.50h~264.50x~264.51e~264.51v~264.52d~264.52s~264.539~257.53s~264.53r_1~264.547&met.7=CBwQChgBIOUwKOUwMJAxOCto5TBwjDF4upQBgAGOkgGIAcaLA7ABAbgBA8ABpcr-1wg~CD8QDRgBIOUwKOUwMJgxODPAAe6jsqUP~CD8QChgBIOQwKOQwMJ8xODrAAcCgmbYN~CBsQARgBIJowKJowMKExOIcBwAGkoPylBw~CD8QDRgBIJUxKJUxMM0xODnAAe6jsqUP~CD8QChgBIKExKKExMOMxOEJoozFw4TF4yA-AAZwNiAGTGrABAbgBA8ABp8SrnQo~CD8QDRgBIKAxKKAxMOcxOEfAAe6jsqUP~CD8QDRgBIKExKKExMPYxOFXAAe6jsqUP~CBsQCDidMsABhbyQ1A0~CD8QDRgBIOcxKOcxMJwyODXAAajJiugL~CD8QDRgBIOkxKOkxMLgyOFDAAe6jsqUP~CCcQDRgBIJ0yKJ0yMIIzOGZonTJwgDN40WeAAaVliAGihgGwAQG4AQPAAfPyy64L~CBsgoTI48QHAAfrb86wJ~CCcQChgBIIUzKIUzMKY0OKIBwAHiwZvaBQ~CCcQBRgBIKk0KKk0MNo1OLABwAGIiITNAQ~CBsQBRgBIK00KK00MN01OLEBwAHPxtriAQ&met.1=1.m1xnqdhm~6.88~7.8b~8.fm~9.fm~10.11o~11.fu~12.11p~13.1ed~14.1ef~15.1fb~16.2pi~17.2pi~18.2pu~19.4yh~20.4yh~21.4yl~22.2mu~23.2mu
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20241001/r20190131/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.haoqq.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 14:07:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241001&jk=2712387920171616&bg=!OTqlOnXNAAax3igvkd47ADQBe5WfOBptYh7dQ5BQPiEFKZoGe1fdDe7JcZs6TIWdkG6wavwqPpoBOaf6u8-tI3N90GALAgAAAFxSAAAAA2gBB34ANkZta9fmVCh0Gx7yYnfbCxrb9_xZWIpYSbtkAFbBrAjKyV-8rHto3mcf1kp493m8g93x_R_6cgoAFUiiHzL-TbIQUsnpF_EUmjEtBPpcmJkCkqbNjrUjph5Ey10Q_6OM2RNruXU-zFhGz9H01P-g8XBqTW5aYJI1SgaE8_PThqqUbMhkcv0k6n8f4ISBJQXp9tP7taERvKQPBSVFa9e_2SznyuPQSjwLltvJ7XqTT912mZAOcCYxs-e_d4w5_fQCLe5gvdjUnSE9ny8GyzUMnezH_VlVx_PCda197D_IfUhoZcRib8h5bgdcHOuFN5vdH608W5BLMQxK8a5soSxKHohbMi4iGmdSF0gC45ltsDMfIHZBJX6qcSBoRPU88LMcAcKv5TZ3U6hDinAU8om78Ab_K4j63hVTkEfpNecEzLcncwpNorJdWaDvM-Id4oQHTk_B5_w2QZ-Uu1Wqjv_WSvjY1HiOQ3gmEsk7srC5liZOess8YnvtDxIoGF1ihS9AOM6Orsy6fg37mRYLJFxCcLlLmN6tTDDfhTWMFIndGffXbYlcWuDtQK0dXhZsYvYiM8Zx4J-TLHDnC83p0VETds7jPAG5LWueLx-HxWHseem6sCBeKFsokz4MFBVM2hlsYHoYEnKF4XXPeaDFtcqyKsR3dgV6tspHJ4m6KuaRPpAnGfoXA_ItMfd5TH7gO0DU4OkGmV-dC5OcctA8hZ2ecQTOMtaN7m36rgmcptFAeEmvGWP_MdFmSLAVmPdasS-WnEv_s9vwnVQS2bEh3XIo5NMq33lfFs4weQ77qGpzKASbF7fPvpcNWicGrM4LQSYCXCPY1_rC-6RvwbAu8P4UF065ta2jIBaRkMb1N0oJYefNAYXPl9MewRpR1E_2LIe-p2XFLDleB1Kb_QBAmRDr9bwRYc55MP4x0IxwZk8WhRUr-rUyFuPZ6-puobbe0iyWWaTwYTht5Y0CO8vKof1KdlKCQNs

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.haoqq.com/	1970-01-21 09:25:19	Name: __gads Value: ID=33048acf9258a62f:T=1728223642:RT=1728223642:S=ALNI_MbqfQVPl8SWi-dO52MOGDGUW0xGCg
.haoqq.com/	1970-01-21 09:25:19	Name: __gpi Value: UID=00000f25bb0c39dd:T=1728223642:RT=1728223642:S=ALNI_Mbff_ifLLhE0bSDX8FwNV1_buKIBg
.haoqq.com/	1970-01-21 04:22:55	Name: __eoi Value: ID=2ebfc68c7d89d111:T=1728223642:RT=1728223642:S=AA-Afjb8voovqlbmimZ0updfzXwD
.doubleclick.net/	1970-01-21 09:39:43	Name: IDE Value: AHWqTUkiBa2A6EfSWs3b-0iRbg92yfgf63J9VaC_-XobfgxG-S9mE-qqsHf4Byy8S-E
.googleadservices.com/	1970-01-21 02:13:19	Name: ar_debug Value: 1
.impssl.constantcontact.com/	1970-01-21 00:03:45	Name: __cf_bm Value: 3qeK6ghl3V5ydMGhPnNnMHsVeD.e7oiKjBqtZMhF9zg-1728223643-1.0.1.1-6s0_4kjEi9WJ1erwsmpXEoKkBuJjqDYsnQAceBuQqYz0dp5DyVQbpefZ21gSD8fqJGHJSGvmt.AEYC6KmR.wQw
.doubleclick.net/	1970-01-21 00:03:47	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-21 09:39:43	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 02:13:19	Name: CMPS Value: 1408
.doubleclick.net/	1970-01-21 00:46:55	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:22:55	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 08:49:19	Name: CMID Value: ZwKZm9HM54QAABqXALamNAAA
.casalemedia.com/	1970-01-21 02:13:19	Name: CMPRO Value: 1441
.haoqq.com/	1970-01-21 08:49:19	Name: FCNEC Value: %5B%5B%22AKsRol94SH1fJsSlQLl23QS8M-fmLU8XeJuhUc-aw7C0lOzqX370Idlu2ewb0PhQFerky5MNzGQbLwn5b_A0-KEMnO0Wasfoe3PYxIgJp0z-eiq1QIwDbkkr4cL85hxkhvoB7Ifc-MnCTPRo5EKf9ybJBnGDG-wm9A%3D%3D%22%5D%5D
.constantcontact.com/	1970-01-21 02:13:19	Name: impcc Value: "IMP_32200502_7016868_400066203_222089024=1728223643754\|IMP_32200502_7016868_400066227_219681217=1728223644326\|"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.haoqq.com
www.rhcw.com
pagead2.googlesyndication.com
15.197.225.128
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c17::84
2607:f8b0:400d:c0c::93
2607:f8b0:400d:c1d::8b
2607:f8b0:400d:c1d::9c
2a00:1450:4006:80c::2003
47.238.94.14
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
16a8dfa193e5026a6e382b1c5aa59a326724e385b18625f182a51dc61c3b14be
1c5f29f20275f93c3089280ca30ec2f0bc4b42fb13940045f55b8e15f14712b9
21f44a4d124743bd6535c3c5fbd13d26c4de4d1ee62bf7e86b8ef0feab465fe0
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
3429b93321ac7da1e7d328ede43b8cd6256d09da98a7bddbb6b732d577828c41
3d31e2a313492b48a94e1f3a42e0029819b841e4c80697f88b959aa32b6b7dad
4f0c1c75abab267719743985edc745ac22ade7424e2a2845daf4bf22d632efe9
5650739297f482bdbd7d77ba6a7a5b29c5f37edfb79ca0e7e63ee9300980f744
60e0c110493ac1e12f78ee1f84c74ee99e02ff03a429d8f09c197f731d14e570
6296b540f340cace3c75b276f905ce7fb4bbf045682d291c8a5a7f55f63f4b70
638fa2af8e7c4f80757559604080b883a4d9ad6cf0041ed4244953627cdf4089
657e0802283791aa819d39dbcf9bc773cfe13c523bb05a2532684501b95b4519
81d77468dd28594f573a472039e9345154d19ba643f469837ad39fc29c06ea61
8804537c9324bc7658e99d4d0095580cd9cda1ee992b7b78647a83115dd6c55f
881674856c712886788e2923525ff9d7c27646ad89073147e17fe1ea17ec1c77
95e1522e6a8ecd387288a785ef3b9dd2adb4309f7342f8b1b37467a1bc4f6e5e
973d053a0f43dcbf20a102ee5272fb1c6b877920e8efbbd5c35de0ededebc0ee
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a8f56c719c331c83b307d473cdc064075142471a40ebfc19dbdb61c8c11955b8
a92b9d398172e56092ed09e30aeed75590da6015b380b02c6152fe0a0c0555c8
b06fb375116b664d35dc139e10576af275caac40f6194dde898c613183b93401
b31717f91df558a1f42ed3124b7cdfac53490bfb7e0084ad128665fd5836ca89
c1e5abc7001a1f99b6877fb04478b8c5f873de2760f25071bc9476bdfd468c7d
d3a5256de789546cadd13b79db8c0f5456aa2d19119b3430e65afc93d67d0727
e12f1aad0c4d33c880faf28fc0cf72a04a32f235de77f905c2d4c469a4404c61
e23925fee789ec5cb82900e7d0eb5d248ffe06062112ca0cfc5096aa353dfc03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5353247d3a12615925570cb7bc86fca057d8eb22c95ce38f4901952655e16a5
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f1b0caf5898d23ae5fdbe2cda562317b54b5798caa38d480226867a7c8cd39e5
f3000557f2bbbf6dbfe3fd781bfe0944565cb14bba67873a02554a29afcf30e6
f99c9435edaa8c15f8250bdc194488a6ab4a914961b9632377778858b557df98
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff641a0434e37aea979d069b66859808fc987a2223288bc2fb9d38f468894c01

www.haoqq.com Open in urlscan Pro 47.238.94.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

60 %HTTPS

75 %IPv6

6 Domains

8 Subdomains

8 IPs

3 Countries

717 kBTransfer

2131 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haoqq.com Open in urlscan Pro
47.238.94.14 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

60 %
HTTPS

75 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

717 kB
Transfer

2131 kB
Size

15
Cookies

60 HTTP transactions
0 data transactions