www.openfengshui.com Open in urlscan Pro
2606:4700:3033::6815:181c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Submission: On May 18 via api (May 18th 2023, 11:57:30 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 14 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3033::6815:181c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.openfengshui.com.
TLS certificate: Issued by GTS CA 1P5 on May 13th 2023. Valid for: 3 months.

This is the only time www.openfengshui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3033::6815:181c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c16d:3d42:19c0:e699	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
58	12

12 2606:4700:3033::6815:181c (United States)

ASN13335 (CLOUDFLARENET, US)

www.openfengshui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c16d:3d42:19c0:e699 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	296 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	44 KB
12	openfengshui.com www.openfengshui.com	427 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4789	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 742 s.tribalfusion.com — Cisco Umbrella Rank: 1808	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	698 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 729	339 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	719 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6168	558 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470	587 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	546 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	53 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	604 B
58	14

	Domain	Requested by
16	pagead2.googlesyndication.com	www.openfengshui.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	www.openfengshui.com	www.openfengshui.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
58	18

This site contains links to these domains. Also see Links.

Domain
app.openfengshui.com

Subject Issuer	Validity	Valid
openfengshui.com GTS CA 1P5	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Frame ID: C589E078DF4044B5425B7050AD87BEE9
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: AEBB2C1F8A87036C79F7B2765EB9EEB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&adk=1812271804&adf=3025194257&lmt=1684453411&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454244896&bpp=4&bdt=139&idt=97&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3018249620332&frm=20&pv=2&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=126
Frame ID: 4791F800E139C45D04F15375CAE6ED77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14
Frame ID: 842866FA4DE28D22B8858F014E5906BF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CEC68E4DA4DB72D3FA3311ADB37C32A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A0D6F8C9C4AAF0CBBAD905E98A48A074
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F089A7BD0B6198174233D6FA641BBFAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CC776CD09C5029ECB769D5042A0E7EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 6A36BB4F2F75D3FC439209A32C0C4486
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Feng Shui Tool

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

58
Requests

88 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

12
IPs

4
Countries

824 kB
Transfer

2260 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://app.openfengshui.com/
Title: here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 49

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMt_6JL1hiddvrxBsH091lU&google_cver=1&google_push=ATf1kGMcLVsG0Dc7BYkA9xavripfIgGvjZlFWWzFEokjPkFOxzNR_ntq-6473KTRoXZAPvxcH-_uWBv88EXZg6p_8X8sREgzAPHbbN8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMt_6JL1hiddvrxBsH091lU&google_push=ATf1kGMcLVsG0Dc7BYkA9xavripfIgGvjZlFWWzFEokjPkFOxzNR_ntq-6473KTRoXZAPvxcH-_uWBv88EXZg6p_8X8sREgzAPHbbN8

Request Chain 50

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJ4NCyTEKBdz-8hrZJY12Wg&google_cver=1&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ5uEJ-PLiHMj_9jAC0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDY3NTg5ODE4MzE4NjU4NA%3D%3D&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ5uEJ-PLiHMj_9jAC0

Request Chain 51

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0sA97ccGFK43oM80RV6qM&google_cver=1&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkfMTAuO0WyHeDM-vw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6RdHC_mQPim1OEitAFctQ2&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkfMTAuO0WyHeDM-vw

Request Chain 52

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDlquwG8YDOG6jOsqQAHbB0&google_cver=1&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB7kuihFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB7kuihFA&google_hm=eS1YQTMxd2J4RTJwRlM1Q0tWSHNzQUEubHZIRGFTOU1HMH5B

Request Chain 53

https://d5p.de17a.com/cookies/google?google_gid=CAESEDNVsiRQPpL6w14DmtiAYcg&google_cver=1&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDNVsiRQPpL6w14DmtiAYcg&google_cver=1&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8

Request Chain 54

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKvOHp8CYWKWJ-yfuVYeKS8&google_cver=1&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9f8-3n9n8sHtK1X3er_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9f8-3n9n8sHtK1X3er_o

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.openfengshui.com/ 391 KB
58 KB 306ms
122ms Document
text/html 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24a2297bf22c16579081f0cbe1b51704c8e59a0e1c8e0bb67b240833866a246

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7c980ad4fb619231-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 23:57:24 GMT
expires: Fri, 19 May 2023 00:07:24 GMT
last-modified: Thu, 18 May 2023 23:43:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTj%2BpefdxzmUcc28zPAismEldwkT43r%2FI0QGk0LrtlAD6ilFsFhRkDyVxOhqXlUpUNQgGW%2BDbOgW5HPe4jsYSOmlgIg8%2FARPFzHyV0SgtUHDrKpF%2B136Jzl%2Bk9G1wlzDr0WehwpUC4ReG5c%2F3vllTedC1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: ca46002cb0cd66abba8c85e6cb733e5a163fadbe
x-github-request-id: 3ECE:9A43:2A4E0A3:2BA6C62:6466BB5B
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230033-FRA
x-timer: S1684454245.645606,VS0,VE98

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6343289823091285

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27dd428455b3feb9c6dfdf13229ff0fc8dc3a8d54021cde2eba92c5a3cb60e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.openfengshui.com/
Origin: https://www.openfengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47337
x-xss-protection: 0
server: cafe
etag: 4747193801839943133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 May 2023 23:57:24 GMT

GET
H2 200 webpack-runtime-5a9fafa636f1014286d2.js Show response
www.openfengshui.com/ 4 KB
3 KB 129ms
128ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/webpack-runtime-5a9fafa636f1014286d2.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca046b6a196d6e73dd1d94dad3dee1506d0d7f75650a6407beef7a800b0af8d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: a7e8bb3ad9b53169258b2fec61e3f34293b93be7
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 19 May 2023 00:07:24 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 18 May 2023 23:43:31 GMT
server: cloudflare
x-github-request-id: 2750:5295:3B503B1:3D445A7:6466BB64
x-timer: S1684454245.827451,VS0,VE101
etag: W/"6466b823-fdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vO%2BLPZ94QA9G%2BJE776WNkNC2%2FYkpEJ9vlD4V3GRTZS3iapj4mW015uqv7ZWA6ET7TPMpa7Mbd7YQf8LojKTlS41XAaEP2bgtydRPKdW9KdFTqL63VTzQjTNXvz%2Bi4mfBEJapNk6yw2%2FXZndo0SBw%2FbTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7c980ad60c279231-FRA
x-cache-hits: 0

GET
H2 200 framework-8fde0164ecf5b2fe5f00.js Show response
www.openfengshui.com/ 137 KB
45 KB 131ms
130ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/framework-8fde0164ecf5b2fe5f00.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a65e913aff310c313a581599437a1012184727537070543b1768e10987c8a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 34af8a85dfdb5a6faf81419b5778a5f821ff87ff
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 19 May 2023 00:07:24 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: C72E:E81C:1CD6C58:1DC4E1D:6466BB64
x-timer: S1684454245.819761,VS0,VE106
etag: W/"6466b822-225a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYRSQc3t9CyF0ARHC7g5Yxb7uiLsecU09GJsU0LW%2BU29btD39jp233rPtakFC0rn7133csj2UFG7lXgTLiy2JLNV%2BSZ4asZHsLoYTaT9NMiTYJj%2BN1CI0aEtso%2Bf%2BLNGbGV8eGNcO9qO%2B2l5mgCNutcr5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7c980ad60c2b9231-FRA
x-cache-hits: 0

GET
H2 200 app-09884f7d788be37027c3.js Show response
www.openfengshui.com/ 150 KB
45 KB 134ms
134ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/app-09884f7d788be37027c3.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99d445ae9100c923a326ec491e95a9a8a1d232509cf10742cd7f1eafd78f7f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 88eae93a89e9934385a0e9125bf94f4008afeefd
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 19 May 2023 00:07:24 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: 19F6:3AD9:3037AA9:31D5086:6466BB62
x-timer: S1684454245.821032,VS0,VE105
etag: W/"6466b822-25908"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guMKtT%2F1zSM5DsqMugjU%2FDRZtjyY1Vp2jBFr9OvipsOru%2F2oyS928WIabneflOQb4hZljHzqmdt1NyaGxDzXhPDDz%2FDq6h%2Bq4N%2Fe9fK8B4fcKB4kRLii2%2B8ktcZmN62ycHkJqieaPjSBlkzVk58bUd%2BIgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7c980ad60c2c9231-FRA
x-cache-hits: 0

GET
H2 200 bg-banner.jpg
www.openfengshui.com/assets/img/ 47 KB
47 KB 125ms
125ms Image
image/jpeg 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.openfengshui.com/assets/img/bg-banner.jpg
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c2c841da542b8149fc0d15514e5406970b4134ec0d7521e42ee4548d35d9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: b3a583e4caa8edbc0ee48abdb66a2f2b5a713d49
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
expires: Fri, 19 May 2023 00:07:24 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47680
x-served-by: cache-fra-eddf8230033-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: 0E2E:12805:37FAE7:39C97A:6466BB64
x-timer: S1684454245.818208,VS0,VE104
etag: "6466b822-ba40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmsYUlAEpRkxj1CjsS8scrEaKN3yb6Q%2Bh97STi3UVStQc78CzMjYkjGbytrfXeIfcOQdeM8PJZ6lkbGHFvUQQ8gJ8EZakjIRTGpISTruKQJ1KHMshoJNw4NrakoGDgsFVNHFKLXjLQidG8Zphmq0MOxbog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c980ad60c2d9231-FRA
x-cache-hits: 0

GET
H2 200 Nunito-Bold-a96c18c5b6cd71fbb56cc39f1105b676.woff
www.openfengshui.com/static/ 68 KB
69 KB 118ms
118ms Font
font/woff 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/static/Nunito-Bold-a96c18c5b6cd71fbb56cc39f1105b676.woff
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f0fe67ff8291c00aa41ee8850954f90c337a9b952cfc913c8a9e53a60ae066

Request headers

Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Origin: https://www.openfengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 9dcf118da359199addafc894821c6ded6d6fda59
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
expires: Fri, 19 May 2023 00:07:24 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70044
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 18 May 2023 23:43:31 GMT
server: cloudflare
x-github-request-id: 634E:12805:37FAE7:39C97B:6466BB64
x-timer: S1684454245.820724,VS0,VE98
etag: "6466b823-1119c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Vf9BMHtpQAzVBERHZDhKOXe2SSi4hrRBrX44asBGurhreL9bmNxgCrypf%2Buh1ganrJW850l2pWp7sww1ZS7TyS1LMh9LaZ6rxojC0Myfmfo2qoLqoOtzIaTZdoraHVxhZCc%2Bro4fCzb2jSN0EiycR90Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c980ad60c2e9231-FRA
x-cache-hits: 0

GET
H2 200 Quicksand-Regular-e1915d50644e234f61e3b06d320526f8.woff
www.openfengshui.com/static/ 39 KB
40 KB 117ms
116ms Font
font/woff 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/static/Quicksand-Regular-e1915d50644e234f61e3b06d320526f8.woff
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e900daa76e459988c2e7ed8e03dfb218daeeb623d4b69515c71386cd66c70a1

Request headers

Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Origin: https://www.openfengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 1b0a8177bcf12a913dd0bdc6b3661e84e67be7eb
date: Thu, 18 May 2023 23:57:24 GMT
via: 1.1 varnish
expires: Fri, 19 May 2023 00:07:24 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40036
x-served-by: cache-fra-eddf8230101-FRA
last-modified: Thu, 18 May 2023 23:43:31 GMT
server: cloudflare
x-github-request-id: 0A0A:20E0:18426B8:1904D4C:6466BB64
x-timer: S1684454245.821070,VS0,VE97
etag: "6466b823-9c64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD6XWbVZxPT1aHFhlto%2BFHzu3K8%2FRPZYO22L8HYTtBZFPshiR%2F%2BMZt5L8NigzV%2FRW7fRLh5qsQoD1g58PWhMRRwbd7RMifbIgYH0YrwvEb3jUfzxUQ7MTMqYWB6toFjON0TH1PHkRk0p8Lxct1%2F31uI6hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c980ad60c2f9231-FRA
x-cache-hits: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/ 355 KB
120 KB 57ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6343289823091285&plah=www.openfengshui.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6343289823091285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0ddcdb9c3a64bba2ded0a18cc987bc6d93f334e97dfb59474dd548e54f8259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122595
x-xss-protection: 0
server: cafe
etag: 16812954881666793610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 May 2023 23:57:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame AEBB 10 KB
5 KB 31ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6343289823091285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.openfengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 21:48:13 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 21:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&tcfv1=0&tcfv2=0&usp=0&fc=0&ptt=9&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 app-data.json Show response
www.openfengshui.com/page-data/ 50 B
850 B 115ms
115ms XHR
application/json 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/page-data/app-data.json
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/app-09884f7d788be37027c3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cdd04fe7d38c0fb2b3b02e21b4e1fe48db52b32a7c618214ee3cb216b956d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: e47071bd0e0c5b3c27c14cef5db75e0470453beb
date: Thu, 18 May 2023 23:57:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 19 May 2023 00:07:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Thu, 18 May 2023 23:43:31 GMT
server: cloudflare
x-github-request-id: CFA0:5295:3B503C2:3D445B8:6466BB64
x-timer: S1684454245.972625,VS0,VE90
etag: W/"6466b823-32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVALbG3mPHFPfM9AoGsvhGtFot%2FnCRPIS3z8Ap8Rjou9xCkPmBjTler7HFw1NorPfo3Omqax%2BK5lPsZyupwWgnLLvCY1BfTdud6HWtyWFrdN4uJC8b61T2LLf9fe39VTUxsTcsz3afRYGp%2FEy0hIWUwbVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7c980ad70c413a8c-FRA
x-cache-hits: 0

GET
H3 200 page-data.json Show response
www.openfengshui.com/page-data/index/ 3 KB
2 KB 118ms
118ms XHR
application/json 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/page-data/index/page-data.json?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/app-09884f7d788be37027c3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d1d0f53adb895dc1c5b0df2833687ffd078813ec31e30b91b0313cc62c4e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 0fddb06db1bccf1603ffb05f51ee65945fbe3078
date: Thu, 18 May 2023 23:57:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 19 May 2023 00:07:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230104-FRA
last-modified: Thu, 18 May 2023 23:43:31 GMT
server: cloudflare
x-github-request-id: 8558:5295:3B503C2:3D445BA:6466BB64
x-timer: S1684454245.976191,VS0,VE96
etag: W/"6466b823-b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmFpUDqjAZy1zycX4LL1H3DJF05By4iGGB7BPH0P5I3T4xc%2FpxOyVQwFuUYO3h0%2F9woAcJ27bcyh28n%2FR3GQcez5CGcJUenYMTMLECZGJUeoED7Wfrxbj3z9kvgoqkMMTG8M6QMpAjDgDyjHnQDK97%2BRuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7c980ad70c423a8c-FRA
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.openfengshui.com&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Requested by

Host: www.openfengshui.com
URL: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
604 B 38ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.openfengshui.com&callback=_gfp_s_&client=ca-pub-6343289823091285

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6343289823091285&plah=www.openfengshui.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

757c7ae6ece7f8bda438071f55dd5542dc14bdbce08138d6008689f2c3a7a59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 40ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.openfengshui.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 36ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.openfengshui.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4791 0
190 B 61ms
60ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&adk=1812271804&adf=3025194257&lmt=1684453411&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454244896&bpp=4&bdt=139&idt=97&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3018249620332&frm=20&pv=2&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=126

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.openfengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:57:25 GMT
expires: Thu, 18 May 2023 23:57:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ee8b1517-d5ba8af90db09380f9b8.js Show response
www.openfengshui.com/ 107 KB
37 KB 121ms
121ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/ee8b1517-d5ba8af90db09380f9b8.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/webpack-runtime-5a9fafa636f1014286d2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c84c4374a6b5b537c16954bfd97bf55335c336397e1f43f215a16533fe9ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 215bdf39928339c6f36a6a9a122539a53993a3e9
date: Thu, 18 May 2023 23:57:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 19 May 2023 00:07:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: 8C8E:13DA:3EFC7F6:410B2BA:6466BB65
x-timer: S1684454245.089409,VS0,VE95
etag: W/"6466b822-1aa47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yigU8%2BFwQ5Fly2ZfyHfw7f6%2FfgiQN2uJDZqdDRkHhz7wBboCFapzFydEKTVFUTdsx5Wy2iZLRbSpPOev4hFng4wH%2Bhizec2N9HkQukuR104o4pZkKz8Q3JXpj70%2BWu99JcPF91aB37%2Byfdwi1%2B%2BirX7oBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7c980ad7ccd23a8c-FRA
x-cache-hits: 0

GET
H3 200 3143ea694c79cbcce4eac68b5027659382a521ab-2b92942808667895816c.js Show response
www.openfengshui.com/ 61 KB
20 KB 113ms
113ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/3143ea694c79cbcce4eac68b5027659382a521ab-2b92942808667895816c.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/webpack-runtime-5a9fafa636f1014286d2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac1dde046ef1a3c999f4674fcc8eb706594043a938346193dcbbcaead546d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: a48afd9a5416d83bbc15acd13c9e912cb90936e5
date: Thu, 18 May 2023 23:57:25 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 19 May 2023 00:07:25 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: 5464:6DAE:3C16C16:3E1511D:6466BB65
x-timer: S1684454245.096978,VS0,VE88
etag: W/"6466b822-f3a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5nSyM0HR1JtpX%2F7ZM6WuKH4apMs86auTPlw6sblxin3O2MmG%2BHcrCtBip4dvMi5GpHX3eWRVqBWNuW0Fdnrr2ECYb6Iz4lcWx5dPe5Fod4VOFUOuRfUNBAx3lwcBZQn%2BDJWaacACUCyOOcesXyRXCGSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7c980ad7ccd33a8c-FRA
x-cache-hits: 0

GET
H3 200 component---src-pages-index-tsx-ba44c01b174754c9ba64.js Show response
www.openfengshui.com/ 239 KB
60 KB 128ms
128ms Script
application/javascript 2606:4700:3033::6815:181c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.openfengshui.com/component---src-pages-index-tsx-ba44c01b174754c9ba64.js
Requested by: Host: www.openfengshui.com
URL: https://www.openfengshui.com/webpack-runtime-5a9fafa636f1014286d2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:181c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc95b92e96c7369110095c688fbc3d06a229588e05c76d0f201a913130321013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/?fbclid=IwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-fastly-request-id: 7af405f6c39bf119576ddcd7961cf620da168d4d
date: Thu, 18 May 2023 23:57:25 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 19 May 2023 00:07:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA
last-modified: Thu, 18 May 2023 23:43:30 GMT
server: cloudflare
x-github-request-id: BE26:5295:3B503CC:3D445C7:6466BB65
x-timer: S1684454245.096209,VS0,VE100
etag: W/"6466b822-3bc3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy%2BERqEKBaBqaBS07%2B5qpWPZ6%2FjFkCCLl3kEKcTU2ItILoD9NgOZxx6YmtmPVp5qRb%2B0pC3hUpFLz75vbwwmYmxik6TKtHyyQWyLx%2F5JyirAHPzvvzywDLU6mC8z1NvWPeHdj5CVrKE8plnoFuPqHw62kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 7c980ad7ccd43a8c-FRA
x-cache-hits: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 29ms
28ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a7d5f953fc68f0b676ee0f3ca71b61e81e386d4569060a4aa919258b3d85b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11130
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 18ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.openfengshui.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 19ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.openfengshui.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8428 99 KB
38 KB 841ms
827ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab990584c5f8940067f6d73e38f973721a61a49e7668a018c79c353dcc6e5d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.openfengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:57:26 GMT
expires: Thu, 18 May 2023 23:57:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 65ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 May 2023 23:57:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CEC 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.openfengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 18:05:24 GMT
expires: Fri, 17 May 2024 18:05:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A0D6 783 B
1 KB 153ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f8b724556c5cfe44ed393da263ddce4a76b18c193d8e7eb3e71efebabb232a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SN8NHLoaXQ9nkKHDfmLgXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.openfengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-SN8NHLoaXQ9nkKHDfmLgXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:57:25 GMT
expires: Thu, 18 May 2023 23:57:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CEC 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 20:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 May 2024 20:42:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A0D6 0
0 56ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=3351576045832460&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2CEC 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HNJOrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 4012332473081225343
tpc.googlesyndication.com/daca_images/simgad/ Frame 8428 47 KB
47 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4012332473081225343

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a1d68c40ec6a80a9683e5dad2770b54b5b9eb5571a370fe43da1c81115b571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 12:21:53 GMT
x-content-type-options: nosniff
age: 41733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48035
x-xss-protection: 0
last-modified: Wed, 03 May 2023 14:37:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 May 2024 12:21:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8428 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cub2SZbtmZMDAEsnXgQe64o24D4e9q9Vw27SeraMR3NkeEAEgqYaEDGDtBKABnIHoxQPIAQKpAq2f90L1ELI-qAMByAPJBKoE2wFP0FaChEHTPq5DXMfHWDJTibvuGXYt7d8bPw6RdfhoXE43EWwE2aZ_fS6TavBcsB1MsxbPW4HEssSuq3xyX1O0tqzRKm1voAa44ZZXn_kUa7ynvLPwipMFmzAYLlh4Fi3oBWk3f-a6jKAydVU1-HR1oZrXYUCQIsIiZB6aZh2_4sKXxUlor5bB5CMWeiA9xi-s9CZcAgtJd7QR_dv7F3tFN_13U_T5n1SoNm7Uh19fMF5BFQ0Bj4CETAG9C3x_xy4H46EGuaXO4HSrPDPnmM9ln-bp1GNCKr77QJjABP7d0OufBKAGAoAHq4KSO6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEK-tggHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTYzNDMyODk4MjMwOTEyODUYAA&sigh=GzP7xRLDyfU&uach_m=[UACH]&cid=CAQSPABygQiDyP4tqYjJ4yqH-oGy_jubdcxydYT2GPUB-OV2riKjAMfXclb0KNIARg-7JKZc0ezWMrDss90AGhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 May 2023 23:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 8428 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:01:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 8428 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:58:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 8428 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 16:58:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8428 0
0 21ms
20ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4fmJLIQTUxRr5zPj2IODX2S4vrpa1VRBS7vUI34QDcEO7bPqL0oN1bwkcmqc2zMmNmPXgs781yOi7Pxd5CfQhPp1Mtg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8428 170 KB
53 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 23:57:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 8428 32 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:16:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3652468193&adf=2966230867&fmt=1140x200&str=false&ad_y=641.25&vph=1200&r_nw=1140&r_nh=124&r_str=safe&r_ao=false&r_rqtr=dnsz_init&gen204_fraction=0&qid=CICHuoeJgP8CFclr4AodOnED9w&r_ifr=true&r_cab=true&r_cui=false&w=1140&h=200&err=1&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=3351576045832460&bg=!-fql-q7NAAYldGN0BXQ7ADkAdvg8Wq3NmmyBfnySr7vK-M3V8LU0iH-f8QlkHq76XDnw1etzCEsxAhhoMJAMjxyLN3DDL8aLhJYCAAAAiFIAAAADaAEHmQKivvd8afI1Nr_3iTPyoD9X6gqkMZLPeok3uRBcfh3pjwUfx1GSNY3Sv0AZXpzo_Gt3U82GWJloA6glJbEjhxWvkq3sqEQdzlJHmVpRqGNyHcLtrW_80LNQlv-YGR56XpW0QpdqZqI7-E8pUe57SAbbUl_PPE0Q-rguDMCTdWYEJG-cModTzvj7I94OwELW6Rb7LWpCgq6RxuipySbl2gsUa24qI0hPtiSFeelfeqYQkZPPYVQ7C8ocDXcmHlPusM4B1mOvISIpG4eIKODQZMTrmoaK1jwCOyhi4e2bqyESLRbyNWQDrCNwPqUxyt0rEchU4-cRX6TmkXUmVMnX5r0KD-6SRwHtTSgse7yE6p3QX5JFbsyD6nydjKvYlXAFUv4aKUyUp1oHQD_eajLNV9Rk7E8U5uRK7MufNNMdt58MiSbKIYvyqlbYd4idLdUx_mKQDwZvZ5WdiH11m6fLc0rLXGVXsjoJuYO8oeufbKZP5WWZyVV0Zqjw1eVCg7oHowcsgjThJJCYwgQ5V9kalrm8QC38mJy2xkQ1HGY7tBrfrsGq0fHBflorVZEN0OxscSmbXT-Pfr_49lO7Z4KdWbt5DyWMoJRzsQ03qcpSUDzdOyl41yLTMiCnBcWRNeIcfuyx8FA9ML8KVHE55cmrm9YmFw2MaZK13vCQvT9dFb8ZUiO1rKbXdeLpG5xQ-KPsh-fT2Ui3EPfkqe0-JGrBGLPp5jGBEfaC7Vh46H9NjYkjyBomOo_CEc6uoffLFvO7tnebPBoES-U8knSwsxEIIhvLo6fjrT-YIw9YEbU0jaguQlOgYu3ONrWIP-qBV6vl6chXI2oiwGPbCJaZPgw6wA1NyR3epr8Ut4SOy0cnJWHNA-9PImnIo0B0Dz7GHKc7Zr4YV_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.openfengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F089 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6343289823091285&output=html&h=200&slotname=5114483936&adk=3652468193&adf=2966230867&pi=t.ma~as.5114483936&w=1140&lmt=1684453411&rafmt=11&format=1140x200&url=https%3A%2F%2Fwww.openfengshui.com%2F%3Ffbclid%3DIwAR3WlglrGKmMRsgchQnCh6I27uVVcp8MWKeyw46K3nMpcR2pQBcc7lDxaWI&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684454245252&bpp=2&bdt=495&idt=2&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd49dd29cdb941b91-220fd14bdddd0042%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A&gpic=UID%3D00000c1860a0018c%3AT%3D1684454245%3ART%3D1684454245%3AS%3DALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg&prev_fmts=0x0&nras=1&correlator=3018249620332&frm=20&pv=1&ga_vid=530953112.1684454245&ga_sid=1684454245&ga_hid=152731756&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=641&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31074546%2C44782467%2C44785293%2C44788441%2C44792088&oid=2&pvsid=3351576045832460&tmod=1397615831&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RQ70PvDgrT&p=https%3A//www.openfengshui.com&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CC7 1 KB
643 B 16ms
11ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Fri, 19 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8428 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a608e36835cc7519dafb448cf44aca307b6cc6829e290cd291f9a40b083db85b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F089
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:57:26 GMT
expires: Thu, 18 May 2023 23:57:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:57:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4CC7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhh...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDK...

43 B
414 B

191ms
178ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c980ae0bb513808-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 313
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKDKyppj_8uF0oENBFD7RXs&google_cver=1&google_push=ATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMdwvtRguyRBVGrTSMWiqJTcfdFKosWiEB4p4NYVO0YyH2QkpJM7lLezHfaLr8BYuwgImGOfLVNVXx2IAgrDv6i8M6cvDKhhI0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c980adf7a523808-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMt_6JL1hiddvrxBsH091lU&google_push=ATf1kGMcLVsG0Dc7BYkA9xavripfIgGvjZlFWWzFEokjPkFOxzNR_ntq-6...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMt_6JL1hiddvrxBsH091lU&google_push=ATf1kGMcLVsG0Dc7BYkA9xavripfIgGvjZlFWWzFEokjPkFOxzNR_ntq-6473KTRoXZAPvxcH-_uWBv88EXZg6p_8X8sREgzAPHbbN8

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230020-FRA
pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684454246.319788,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMt_6JL1hiddvrxBsH091lU&google_push=ATf1kGMcLVsG0Dc7BYkA9xavripfIgGvjZlFWWzFEokjPkFOxzNR_ntq-6473KTRoXZAPvxcH-_uWBv88EXZg6p_8X8sREgzAPHbbN8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJ4NCyTEKBdz-8hrZJY12Wg&google_cver=1&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDY3NTg5ODE4MzE4NjU4NA%3D%3D&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ5uEJ...

170 B
233 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDY3NTg5ODE4MzE4NjU4NA%3D%3D&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ5uEJ-PLiHMj_9jAC0

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNDY3NTg5ODE4MzE4NjU4NA%3D%3D&google_push=ATf1kGOWKOLLdcQu2Ng7juq9TB7LTmsUijioWWSd7t_w6w9NMnXFrxi6mFadezd162wBycaRGcqceqjkLnlsJQ5uEJ-PLiHMj_9jAC0
Date: Thu, 18 May 2023 23:57:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEI0sA97ccGFK43oM80RV6qM&google_cver=1&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkf...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6RdHC_mQPim1OEitAFctQ2&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkfMTAuO0WyHeDM-vw

170 B
233 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6RdHC_mQPim1OEitAFctQ2&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkfMTAuO0WyHeDM-vw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 May 2023 23:57:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6RdHC_mQPim1OEitAFctQ2&google_push=ATf1kGMxxk9I-_84nNZN-1rPTURIsifBq9SmOw0L_cHQwOquC5hjuohUEM-BlwPJRtMuf8PGvjVRTb7rI7NqRtkfMTAuO0WyHeDM-vw
x-host: tde-deliveryengine-production-68bf66644b-5c8wv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDlquwG8YDOG6jOsqQAHbB0&google_cver=1&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB7kuihFA&google_hm=eS1YQTMxd2J4RTJwRlM1...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB7kuihFA&google_hm=eS1YQTMxd2J4RTJwRlM1Q0tWSHNzQUEubHZIRGFTOU1HMH5B

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 May 2023 23:57:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPuP-fWOVPSDfZJJjLqkTKCE-WuH8guJGvG6xg1QGx_IFD6LORGOznS1VLd61xY9xevyXwlWA-veGUMpsmoSGp_DCB7kuihFA&google_hm=eS1YQTMxd2J4RTJwRlM1Q0tWSHNzQUEubHZIRGFTOU1HMH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDNVsiRQPpL6w14DmtiAYcg&google_cver=1&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDNVsiRQPpL6w14DmtiAYcg&google_cver=1&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90T...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNUqj6dbVeMbHYGE5WbEF8VwwMrmiRqWhRwZLhuQ2Gu1bJn3Fl7FAkOw-YdxRECdsyps39x9-YRKB3hTey2Js90Tf_-1lopoO8
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4CC7
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKvOHp8CYWKWJ-yfuVYeKS8&google_cver=1&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9f8-3n9n8sHtK1X3er_o

170 B
330 B

17ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9f8-3n9n8sHtK1X3er_o

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGP4b78w9jir14NOATTWlxtdq4CR9bAiLRodAYBRWzMHB-X2JR9NJaUjlqucoLwaKMxJdDuY6tbdexo9f8-3n9n8sHtK1X3er_o
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CC7 0
131 B 53ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcCEbD5Go4tuMMqqKPWmK2popqSO2aRbtT58SZA9KOcNp6FHd9ougFmCRWPHyYPlhW49JH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 23:57:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A36 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 17:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 17:02:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8428 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYuY-IsrrNRdUsitKaxQkEuR7KecpPsofD4nzqR3Tli-U4ryeuAWjTQIzAugUXKB6D_DzPzTYIkLx6I8sSwFkr8mTF4cBDzlCavNeDt6MdEWy3GODw4vzEXFy6VwZ1XdISfXyGPAdWcMtQ_yA5Bvtk0aLnyEke7eqsTaL9_C81yrVmjxLtzjiYthFwWMS3U3HT1YfuxgyNDJsCzgHMADFPakXGVuZExKp3wZUF-ph2GcVARbZecJlqZZATicjJ76HuaYHU3rzpM5e3YrS7q24-Ydtul2X3d0kKDcrFHznFlDWKoeL7s7k_B7loX12wCLccanQI8khJlX67GA-Mxjs72JtGGAUppa46t7q43W4-Zcej8S4riNQDFqZFiW6NSKkIp_s3Zly4ibnPylVYWroZ0fgvYWxI_POJctuYNtWl3fpEAwKyD9JQjjpIyk_OfyQg-K_msQUJxuqqY4yhVCDT1x1BKzHJfVkuIqC60hZx8Ck4UmxpuBRzjNDeyVXN0oUuDacrQap380iMV90AUzRWAN1-wjsiT0-8xdkY3ARZjbrySCkR3_B_3P19UxI9RJwnP-ELw7j7Jj85cHk3pnCFn5nrwTcylwuNk5YFnX7B6Vr_m99jFViQ9mkaZ4P3ujNOZdG05HkmjoVE71hdpRTt1p3pAy3gyrOk-2_nPDxxSAtdArO7cwaWt8kF6AzOsY1TV6dJDw3OjWR7CY0YTmRoQ-TGKRntI0I1ax5cAmojkt11G5w3ObYw02xyy_KFxp5oH0v7zWsHwfOsssDjhq20qYiBgx32292aFs5XENnbqg9eZJfon_1PEnXMwYb4rwQ3esCbm7DAo0Hq9CgXH43hd_VRSG8OyfQju3zaO1OVD7jli2Z7ozjvwKWZWja9sgWCjXf6gZ_0KruTZC5DNKlMkqYqYZJsQ6MOA-kLeU2pbM_m2-38wLqsEdmFwozBEniFJ8ZXRfEOF-RzOgA&sai=AMfl-YQxTiTIjtSIH2b9cGfLCq3cU0AR2F0yUdpoOUkNqPjHpse4dJsaVf5FKGWGQKWBqykq9TJ2RCgT28s2lQ306eD-dzJSx8Hj_oF8bBSxx_D84K90o9VO0MtkLg7BBZSd2G_IQQGX_ZAzRw&sig=Cg0ArKJSzPUuMt2lx82IEAE&cid=CAQSPABygQiDyP4tqYjJ4yqH-oGy_jubdcxydYT2GPUB-OV2riKjAMfXclb0KNIARg-7JKZc0ezWMrDss90AGhgB&id=lidar2&mcvt=1000&p=0,68,124,1073&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3652468193&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684454245267&rpt=974&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 23:57:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openfengshui.com/	1970-01-20 21:15:50	Name: __gads Value: ID=d49dd29cdb941b91-220fd14bdddd0042:T=1684454245:RT=1684454245:S=ALNI_MZBEaebOwzzvw7mrR9U95UBlRih1A
.openfengshui.com/	1970-01-20 21:15:50	Name: __gpi Value: UID=00000c1860a0018c:T=1684454245:RT=1684454245:S=ALNI_MZCjAzpdjB5H9ifc8QkMkWW_AsvAg
.doubleclick.net/	1970-01-20 21:15:50	Name: IDE Value: AHWqTUnvOIJzIVDgbFyKgQkAakqwJjxYtWR1esJcxxficmceAxBMSessba7W6Ham1LY
.doubleclick.net/	1970-01-20 11:54:17	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 14:03:50	Name: UserID1 Value: 7234675898183186584
.travelaudience.com/	1970-01-20 21:25:55	Name: _tracker Value: %7B%22UUID%22%3A%221FA45D1C-2FE6-40F8-A6D4-E122B4015CB5%22%7D
.de17a.com/	1970-01-20 20:32:38	Name: guid Value: 1.5052812601439098250
.yahoo.com/	1970-01-20 20:40:11	Name: A3 Value: d=AQABBGa7ZmQCED340JprYHLD2aWwyYzEozYFEgEBAQEMaGRwZAAAAAAA_eMAAA&S=AQAAAkgqpkHwwIYx8UqX8gzZycY
.everesttech.net/	1970-01-20 20:39:50	Name: everest_g_v2 Value: g_surferid~ZGa7ZgALDsZe8wBL
.tribalfusion.com/	1970-01-20 14:03:50	Name: ANON_ID Value: adnseFuyTYEBErv6Yb8jZcXnQf9NrvSsMZa93qFXOEGQUi7ERV3XGcoYlmdh6YN5aaGvmn3LVf5JOoPJKMaDYK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.openfengshui.com
142.250.186.66
151.101.194.49
213.155.156.185
2606:4700:3033::6815:181c
2606:4700::6812:19ad
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a05:d018:d29:3605:c16d:3d42:19c0:e699
35.190.0.66
51.38.120.206
85.114.159.93
07a1d68c40ec6a80a9683e5dad2770b54b5b9eb5571a370fe43da1c81115b571
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14c84c4374a6b5b537c16954bfd97bf55335c336397e1f43f215a16533fe9ad0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
1f8b724556c5cfe44ed393da263ddce4a76b18c193d8e7eb3e71efebabb232a2
27dd428455b3feb9c6dfdf13229ff0fc8dc3a8d54021cde2eba92c5a3cb60e7c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
44a65e913aff310c313a581599437a1012184727537070543b1768e10987c8a6
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c2c841da542b8149fc0d15514e5406970b4134ec0d7521e42ee4548d35d9b8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65cdd04fe7d38c0fb2b3b02e21b4e1fe48db52b32a7c618214ee3cb216b956d7
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
757c7ae6ece7f8bda438071f55dd5542dc14bdbce08138d6008689f2c3a7a59a
7e900daa76e459988c2e7ed8e03dfb218daeeb623d4b69515c71386cd66c70a1
99d445ae9100c923a326ec491e95a9a8a1d232509cf10742cd7f1eafd78f7f3d
9a7d5f953fc68f0b676ee0f3ca71b61e81e386d4569060a4aa919258b3d85b6f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a608e36835cc7519dafb448cf44aca307b6cc6829e290cd291f9a40b083db85b
ab990584c5f8940067f6d73e38f973721a61a49e7668a018c79c353dcc6e5d3a
b8f0fe67ff8291c00aa41ee8850954f90c337a9b952cfc913c8a9e53a60ae066
bc95b92e96c7369110095c688fbc3d06a229588e05c76d0f201a913130321013
c6d1d0f53adb895dc1c5b0df2833687ffd078813ec31e30b91b0313cc62c4e73
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
ca046b6a196d6e73dd1d94dad3dee1506d0d7f75650a6407beef7a800b0af8d2
d24a2297bf22c16579081f0cbe1b51704c8e59a0e1c8e0bb67b240833866a246
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
dd0ddcdb9c3a64bba2ded0a18cc987bc6d93f334e97dfb59474dd548e54f8259
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eac1dde046ef1a3c999f4674fcc8eb706594043a938346193dcbbcaead546d89
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.openfengshui.com Open in urlscan Pro 2606:4700:3033::6815:181c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

88 %HTTPS

65 %IPv6

14 Domains

18 Subdomains

12 IPs

4 Countries

824 kBTransfer

2260 kBSize

10 Cookies

1 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.openfengshui.com Open in urlscan Pro
2606:4700:3033::6815:181c Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

88 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

12
IPs

4
Countries

824 kB
Transfer

2260 kB
Size

10
Cookies

58 HTTP transactions
1 data transactions