www.openurls.com.cn Open in urlscan Pro
47.89.13.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.openurls.com.cn/
Submission: On June 05 via manual (June 5th 2023, 5:09:24 am UTC) from LV — Scanned from DE

Summary HTTP 111 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 9 countries across 22 domains to perform 111 HTTP transactions. The main IP is 47.89.13.48, located in Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.openurls.com.cn.

This is the only time www.openurls.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	47.89.13.48 47.89.13.48	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
21	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	220.169.152.35 220.169.152.35	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
10	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	182.61.201.93 182.61.201.93	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 3	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4 11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.194.70.94 54.194.70.94	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:2a5e:c911:a15c:b7e8	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:4800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1	14618 (AMAZON-AES) (AMAZON-AES)
1	113.219.142.48 113.219.142.48	63838 (CT-HUNAN-...) (CT-HUNAN-HENGYANG-IDC Hengyang)
1	182.61.200.109 182.61.200.109	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	182.61.240.101 182.61.240.101	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	182.61.200.83 182.61.200.83	() ()
111	29

8 47.89.13.48 (Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.openurls.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.169.152.35 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cpro.baidustatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

bdimg.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.235.46.191 (Hong Kong) 1 redirects

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.70.94 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-70-94.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:2a5e:c911:a15c:b7e8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.219.142.48 (China)

ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN)

hmcdn.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.240.101 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.200.83 (None, )

ASN- ()

nsclick.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	362 KB
22	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351	91 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 947 static.adsafeprotected.com — Cisco Umbrella Rank: 633 dt.adsafeprotected.com — Cisco Umbrella Rank: 572	100 KB
13	baidu.com 1 redirects bdimg.share.baidu.com — Cisco Umbrella Rank: 79715 hm.baidu.com — Cisco Umbrella Rank: 7646 hmcdn.baidu.com — Cisco Umbrella Rank: 76224 pos.baidu.com — Cisco Umbrella Rank: 19807 api.share.baidu.com — Cisco Umbrella Rank: 64544 nsclick.baidu.com	60 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	118 KB
8	openurls.com.cn www.openurls.com.cn	18 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8155	818 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1314	451 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 598	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2005	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	48 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	107 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452	713 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	541 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	875 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	609 B
1	baidustatic.com cpro.baidustatic.com — Cisco Umbrella Rank: 23526	39 KB
111	22

	Domain	Requested by
21	pagead2.googlesyndication.com	www.openurls.com.cn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www.openurls.com.cn tpc.googlesyndication.com pagead2.googlesyndication.com
9	dt.adsafeprotected.com	googleads.g.doubleclick.net www.openurls.com.cn
9	s0.2mdn.net	www.openurls.com.cn s0.2mdn.net googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.openurls.com.cn	www.openurls.com.cn
6	bdimg.share.baidu.com	www.openurls.com.cn bdimg.share.baidu.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	hm.baidu.com	1 redirects www.openurls.com.cn
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.openurls.com.cn
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects www.openurls.com.cn
2	www.googletagservices.com	googleads.g.doubleclick.net
1	nsclick.baidu.com
1	api.share.baidu.com	bdimg.share.baidu.com
1	pos.baidu.com	cpro.baidustatic.com
1	hmcdn.baidu.com	www.openurls.com.cn
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cpro.baidustatic.com	www.openurls.com.cn
111	35

This site contains links to these domains. Also see Links.

Domain
www.miitbeian.gov.cn
tongji.baidu.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://www.openurls.com.cn/
Frame ID: 3552B39CBEA5C2F96212F1D9D094CEDF
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 83155BC8AC7B4AE3DF566525466D2FE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=60&slotname=6189259720&adk=3527254794&adf=1220028896&pi=t.ma~as.6189259720&w=468&lmt=1685941752&format=468x60&url=http%3A%2F%2Fwww.openurls.com.cn%2F&wgl=1&dt=1685941751871&bpp=6&bdt=270&idt=166&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&correlator=7741815169399&frm=20&pv=2&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=832&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ps1COcdP9J&p=http%3A//www.openurls.com.cn&dtd=180
Frame ID: 442EA1672211EF66EEF50D689FFB77A4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 03AE717C57700375A738403BE5D332F2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: 430CEA8DCCE470A8350816052A857D4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Frame ID: 9AC25ADB083A84C8E4549E424C5FDBF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNWrLU0jBJf-Z0-RbNbFAQMGtfmir_OA59iVMSIiOon8Szk0iRet9i82H3jNJ0BlWGQDifrmQfDV5_2vDHgrfV61f0TOarbjkKKOjK5J_buONj9DegLGoRJfY_vT0_hW8abF82g7epM4p04ZO8LkANkNGow1huhSpfHCVGSFFhVD_6MtSf8
Frame ID: 26C84B25EFC301513CB55CB6E74AD7F3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2D435A17630217F4F9A1CF8F23C99203
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A1307EF02B5BBC2999188E8DB48EDAF5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1649F869569777D944E723ED69F4F9AC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
Frame ID: 91F42E542709277C30C74D17855E3E57
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 46C73A294E71E787BE4BC72896B3FDC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&adk=1812271804&adf=3025194257&lmt=1685941756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fwww.openurls.com.cn%2F&ea=0&pra=7&wgl=1&dt=1685941756427&bpp=2&bdt=4826&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60%2C336x280_as&nras=1&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=11
Frame ID: 4CD67FE8EE761BF93DB762C4931951BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4DB873436AF4FFA08F19FC501DAFAB1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1760596AF53D19F38800AB93B839F99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

批量打开网址、网页、网站（网址、超链接批量打开工具，如何批量一键快速打开多个网站、网页）

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

111
Requests

71 %
HTTPS

45 %
IPv6

22
Domains

35
Subdomains

29
IPs

9
Countries

950 kB
Transfer

2562 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.miitbeian.gov.cn/
Title: 粤ICP备16070914号

Search URL Search Domain Scan URL

URL: http://tongji.baidu.com/hm-web/welcome/ico?s=9bda91614e9a9686e07a90bf5201cce3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 35

http://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3 HTTP 301
https://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&C=1

Request Chain 45

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH1t.tHJdxn1nqSTSnmDhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&google_hm=2

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL5z1ahkNXCFb2Yb-n5a-h4&google_cver=1

Request Chain 47

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyNjkxMzQyNjE4MjI0MjQxOQ%3D%3D

Request Chain 58

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGkwpcKoLuyQZ4IO54Ed2pY&google_cver=1&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAPjxrXlp_y980bTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAPjxrXlp_y980bTA

Request Chain 59

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 60

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJCNrykyjGgTIMidsLoEE_8&google_cver=1&google_push=ATf1kGPZ2Ao578obX3QgQeubyZmf8_4dDSdooacBr1rHhKY5XrSUeEva7MWa6VsX89eg9CSuO56YiWHWj5IioTbarht0gg9G8cw5Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJCNrykyjGgTIMidsLoEE_8&google_push=ATf1kGPZ2Ao578obX3QgQeubyZmf8_4dDSdooacBr1rHhKY5XrSUeEva7MWa6VsX89eg9CSuO56YiWHWj5IioTbarht0gg9G8cw5Mg

Request Chain 61

https://um.simpli.fi/gp_match?google_gid=CAESENIZKg6CcXf02tTwcvNvI58&google_cver=1&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgtl_qBRYQbhZb0Tjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F0DF3786EE4A03A84113EDD9B00C55&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgtl_qBRYQbhZb0Tjw

Request Chain 62

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIlKhodv9HzZtBlBE8tDXWI&google_cver=1&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRLHDDT5YA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRLHDDT5YA&google_hm=eS16ZndaR0Q5RTJwR0Y2Z29MTjVPWHFycy40Qmh2ODRxSH5B

Request Chain 63

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJZ7X5tZRQcbXDCyLgmRJM8&google_cver=1&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORhamtrXtiYozLCnRz2Vgwxc HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJZ7X5tZRQcbXDCyLgmRJM8&google_cver=1&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORhamtrXtiYozLCnRz2Vgwxc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NDA3NjEzNDA0NzMzNDcxNQ&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORhamtrXtiYozLCnRz2Vgwxc

Request Chain 64

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFSiTHpexve4CQbkdFCnSVA&google_cver=1&google_push=ATf1kGP4zXZz24xuniaq7B991buupCMVOPhG9TOuik3ABw0Fyp5RPkL268zJ8vLvnLhur9LZbGTg4UUPEgrRx4YvO8h6WawINW5DqcE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP4zXZz24xuniaq7B991buupCMVOPhG9TOuik3ABw0Fyp5RPkL268zJ8vLvnLhur9LZbGTg4UUPEgrRx4YvO8h6WawINW5DqcE HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 79

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-7280226555256644&ias_chanId=1&ias_placementId=19429848476&bidurl=http://www.openurls.com.cn/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i5TMMDgtLMJMiXMxpx8yiG&adContainerId=brand_safety_-m19ZPrsKfSTjuwPu-KFgA0&cbFunctionName=goog_wrapCb_-m19ZPrsKfSTjuwPu-KFgA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.openurls.com.cn&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.openurls.com.cn%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7280226555256644%26output%3Dhtml%26h%3D280%26adk%3D3076577446%26adf%3D1010401286%26w%3D336%26lmt%3D1685941753%26ad_type%3Dtext_image%26format%3D336x280_as%26url%3Dhttp%253A%252F%252Fwww.openurls.com.cn%252F%26alt_color%3DFFFFFF%26wgl%3D1%26dt%3D1685941753890%26bpp%3D15%26bdt%3D2289%26idt%3D15%26shv%3Dr20230531%26mjsv%3Dm202305300101%26ptt%3D5%26saldr%3Dsa%26abxe%3D1%26cookie%3DID%253D0512c4f493b06c34-222e79a635e100fd%253AT%253D1685941752%253ART%253D1685941752%253AS%253DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg%26gpic%3DUID%253D00000c43accd652b%253AT%253D1685941752%253ART%253D1685941752%253AS%253DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw%26prev_fmts%3D468x60%26correlator%3D7741815169399%26frm%3D20%26pv%3D1%26ga_vid%3D1387077239.1685941752%26ga_sid%3D1685941752%26ga_hid%3D441475944%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D941%26ady%3D232%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759837%252C44759876%252C31071755%252C31074994%252C44788441%252C44789819%26oid%3D2%26psts%3DABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB%26pvsid%3D2971451777999243%26tmod%3D430763651%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D0Sz9fbHln7%26p%3Dhttp%253A%2F%2Fwww.openurls.com.cn%26dtd%3D19&adsafe_type=bed&adsafe_jsinfo=,id:c212a523-4f18-5a40-23bb-cb488b0add73,c:eDzjZK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597464b965-x68vf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:1daac011-035f-11ee-8189-92bb10bbafc6,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

111 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.openurls.com.cn/ 8 KB
3 KB 842ms
286ms Document
text/html 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.openurls.com.cn/
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache / PHP/5.2.17
Resource Hash: b811c5faf26ab388ea328e08c9f17df293bc6c98066f2fc5a30459ef3689c2cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3075
Content-Type: text/html
Date: Mon, 05 Jun 2023 05:09:11 GMT
Keep-Alive: timeout=15, max=300
Server: Apache
Vary: User-Agent,Accept-Encoding
X-Powered-By: PHP/5.2.17

GET
H/1.1 200
OK url.css
www.openurls.com.cn/styles/ 4 KB
2 KB 267ms
266ms Stylesheet
text/css 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.openurls.com.cn/styles/url.css
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 7424fa44bf8ec36969acd497d6363ee3e97005c5bdd3f6ac5bfbc96ac97028e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jun 2019 10:58:51 GMT
Server: Apache
ETag: "1fd61-f1d-58aa5996010c0"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=300
Content-Length: 1219

GET
H/1.1 200
OK logo.png
www.openurls.com.cn/img/ 3 KB
4 KB 263ms
258ms Image
image/png 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/logo.png
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 4fac07aa901a184c9be6c627623d08e3d3b1957b6e7708cccdf2c56f989c53c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:11 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:50 GMT
Server: Apache
ETag: "1fd5b-d46-58aa59950ce80"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=299
Content-Length: 3398

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
50 KB 64ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

562597e234b75418e82ec1b80cacb7492648c545532ecdea9192f5dff0c80fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50231
X-XSS-Protection: 0
Server: cafe
ETag: 12965121480252021018
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 05:09:11 GMT

GET
H/1.1 200
OK c.js Show response
cpro.baidustatic.com/cpro/ui/ 116 KB
39 KB 1971ms
299ms Script
text/javascript 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://cpro.baidustatic.com/cpro/ui/c.js
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: HTTP/1.1
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 2f12b9dbe90ba3e1ca90ac9bca1e43a45162211d0e0f33c1d28b4dea3e2fc531

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Ohc-File-Size: 39830
Date: Mon, 05 Jun 2023 05:09:13 GMT
Content-Encoding: gzip
Ohc-Cache-HIT: yy2ct68 [2], qdix211 [1]
Last-Modified: Fri, 02 Jun 2023 02:23:57 GMT
Server: JSP3/2.0.14
Age: 2792
X-Cache-Status: HIT
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Ohc-Global-Saved-Time: Mon, 05 Jun 2023 04:22:41 GMT
Content-Length: 39830
Expires: Mon, 05 Jun 2023 05:22:41 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
34 KB 52ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba885032cd3a75f3a685ce9358e852142f5ead7199243bcc2f5b3161630bf4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12334562194832303401
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34516
X-XSS-Protection: 0
Expires: Mon, 05 Jun 2023 05:09:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 8315 10 KB
5 KB 74ms
19ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 13:00:21 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 13:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 351 KB
118 KB 105ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7280226555256644&plah=www.openurls.com.cn

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80110880457b1e12ce7e6a0641c07c6776628a8fbfe5de77b41e1ee61ae67f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120658
x-xss-protection: 0
server: cafe
etag: 2403432406903612116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 05:09:11 GMT

GET
H/1.1 200
OK bg_top.jpg
www.openurls.com.cn/img/ 345 B
640 B 266ms
266ms Image
image/jpeg 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/bg_top.jpg
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/styles/url.css
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: ce42784a2295e56d1ca8f7e0610019965a30f48747bc9a81a63176723778cc71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/styles/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:11 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:49 GMT
Server: Apache
ETag: "1fd51-159-58aa599418c40"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=299
Content-Length: 345

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
609 B 75ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.openurls.com.cn&callback=_gfp_s_&client=ca-pub-7280226555256644

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7280226555256644&plah=www.openurls.com.cn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a204b3ffa162be0eca858b7646d4e46321dd9429a5e542985114d7f4662f817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 105ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 442E 93 KB
34 KB 423ms
422ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=60&slotname=6189259720&adk=3527254794&adf=1220028896&pi=t.ma~as.6189259720&w=468&lmt=1685941752&format=468x60&url=http%3A%2F%2Fwww.openurls.com.cn%2F&wgl=1&dt=1685941751871&bpp=6&bdt=270&idt=166&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&correlator=7741815169399&frm=20&pv=2&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=832&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ps1COcdP9J&p=http%3A//www.openurls.com.cn&dtd=180

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2914b55e5d606da26fdfb5b0195d2619966132c3dce087c0953e9eeea21f3b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:12 GMT
expires: Mon, 05 Jun 2023 05:09:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 442E 14 KB
2 KB 83ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=60&slotname=6189259720&adk=3527254794&adf=1220028896&pi=t.ma~as.6189259720&w=468&lmt=1685941752&format=468x60&url=http%3A%2F%2Fwww.openurls.com.cn%2F&wgl=1&dt=1685941751871&bpp=6&bdt=270&idt=166&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&correlator=7741815169399&frm=20&pv=2&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=832&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ps1COcdP9J&p=http%3A//www.openurls.com.cn&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 05:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 04:53:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 05:09:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 442E 2 KB
945 B 75ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 442E 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkpFf-G19ZJ_aBc69iQac6pbIDZ7L0cFwk9e1kK0R__WQ49cCEAEglbThHWCVypOCoAegAaryzscDyAEBqQK4d_Jc9faxPqgDAcgDywSqBOwBT9B3ogdwog7c1InlmwmY_mfMNuBKM0VQ8WnBAldhGwFceiwIEQwppjMptusGGxyScJOPfi37ivo5Z4SdHo10txJj3OmkC-X8gEZ46BYMqx4fwFAJTAup7MCffqDlYUPcZAwU6mCQ23ZyB6GhjZgIf3Kw_yS44QudzOIJMdZAMNRnD-jz9FQ38yAdNvjmFP4P6l8yIZUOI7S1o9TiSAskYY5h3j2KKeykwX24Ombd65806ZDGO-SEsd9z-GoMTCmEmdrfw81PN9ZyuW2xq74SyMOy3b01ztKFVCEU67lix9tWHxlgqAZPWv3IvBDABLXbnJqpBJIFBAgEGAGSBQQIBRgEgAe-jbE4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwMMD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03MjgwMjI2NTU1MjU2NjQ0GAA&sigh=M5KG6sQJ-qY&uach_m=[UACH]&cid=CAQSGwBygQiDI3ZiwPJMLwNYycpqbubuc_rrK9Y2qRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=60&slotname=6189259720&adk=3527254794&adf=1220028896&pi=t.ma~as.6189259720&w=468&lmt=1685941752&format=468x60&url=http%3A%2F%2Fwww.openurls.com.cn%2F&wgl=1&dt=1685941751871&bpp=6&bdt=270&idt=166&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&correlator=7741815169399&frm=20&pv=2&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=832&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ps1COcdP9J&p=http%3A//www.openurls.com.cn&dtd=180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 05:09:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 05:09:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 442E 22 KB
9 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03AE 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=60&slotname=6189259720&adk=3527254794&adf=1220028896&pi=t.ma~as.6189259720&w=468&lmt=1685941752&format=468x60&url=http%3A%2F%2Fwww.openurls.com.cn%2F&wgl=1&dt=1685941751871&bpp=6&bdt=270&idt=166&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&correlator=7741815169399&frm=20&pv=2&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=832&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ps1COcdP9J&p=http%3A//www.openurls.com.cn&dtd=180
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 04:51:53 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 442E 3 KB
1 KB 62ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 442E 19 KB
8 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 442E 171 KB
54 KB 90ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 05:09:12 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 442E 32 KB
14 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:15:44 GMT

GET
DATA 200
OK truncated
/ Frame 442E 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03AE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:12 GMT
expires: Mon, 05 Jun 2023 05:09:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 442E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 260a05a8ed7bebcae8a716ebc28084812375488ef477931aa15f117df4023304

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 442E 33 KB
34 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 467995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:09:17 GMT

GET
H2 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 430C 37 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 442E 42 B
64 B 96ms
56ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx2kk3Mvs_WRlUOPspSLmp8AP-f0Q53rgmudQuIkPvVUkYQTmAwUMiuRbyxDF4EUdWikUxhRWUCrWrMXMhwnW8uvkT7CN_dzuqENTScBt_my-lK8mTC7TX3NxFlJugnVXJ94SrDg&sai=AMfl-YSEhcjSya4B3uRFax8F8kMfhtwBFwNqHS3j9qvF-M_4bzXvGYJSdJB-9m3PkBopVfjQoQiqgteBfavp&sig=Cg0ArKJSzFYIgimIoB0TEAE&cid=CAQSGwBygQiDI3ZiwPJMLwNYycpqbubuc_rrK9Y2qRgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3527254794&rs=2&la=0&cr=0&vs=4&r=v&rst=1685941752053&rpt=633&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK shell_v2.js Show response
bdimg.share.baidu.com/static/js/ 1 KB
900 B 4275ms
234ms Script
text/javascript 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=468318
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: 96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Etag: "2176374695"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 571
Expires: Mon, 05 Jun 2023 05:39:17 GMT

GET
H/1.1 200
OK menu_bg.jpg
www.openurls.com.cn/img/ 435 B
730 B 266ms
266ms Image
image/jpeg 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/menu_bg.jpg
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/styles/url.css
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 3612b76045182588f3fe4c66d5c29e4a670a0d70f51ee057d7bc9557ae168d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/styles/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:13 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:50 GMT
Server: Apache
ETag: "1fd5c-1b3-58aa59950ce80"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=298
Content-Length: 435

GET
H/1.1 200
OK menu_line.jpg
www.openurls.com.cn/img/ 394 B
689 B 258ms
257ms Image
image/jpeg 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/menu_line.jpg
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/styles/url.css
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: a00353670f79480429ae7de1fa3f2d95f8f49aa63bdccc5568af5aba6cd73fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/styles/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:14 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:51 GMT
Server: Apache
ETag: "1fd5e-18a-58aa5996010c0"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=298
Content-Length: 394

GET
H/1.1 200
OK btn_submit.gif
www.openurls.com.cn/img/ 4 KB
4 KB 267ms
266ms Image
image/gif 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/btn_submit.gif
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/styles/url.css
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 035b6194e05068f5b8bc9298d5091e9c485a67f7c71eddd191eae8fda8d2f547

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/styles/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:14 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:49 GMT
Server: Apache
ETag: "1fd54-e37-58aa599418c40"
Vary: User-Agent
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=300
Content-Length: 3639

GET
H/1.1 200
OK btn_submit2.gif
www.openurls.com.cn/img/ 4 KB
4 KB 517ms
258ms Image
image/gif 47.89.13.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.openurls.com.cn/img/btn_submit2.gif
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/styles/url.css
Protocol: HTTP/1.1
Server: 47.89.13.48 , Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: b0e47dc33812b497de93ded84d5b5d12688de76427f0922e753366e831396284

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/styles/url.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:14 GMT
Last-Modified: Thu, 06 Jun 2019 10:58:49 GMT
Server: Apache
ETag: "1fd55-ebb-58aa599418c40"
Vary: User-Agent
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=297
Content-Length: 3771

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 29ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9AC2 27 KB
11 KB 662ms
662ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08508c269853df8f3021457a8fd6fa73317ef7743c9f21f7f16db667e4ca8ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11625
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

h.js Show response
hm.baidu.com/
Redirect Chain

http://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3
https://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3

29 KB
12 KB

964ms
390ms

Script
application/javascript

103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

HTTP/1.1

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

11980b364b259023e08fbf2d2f8aeb777cfc53d144d1676920150c6f6c17ccf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:15 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 3faa2ed4ef38cbcbb907b082b66dd9c0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11285

Redirect headers

Location: https://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3
Date: Mon, 05 Jun 2023 05:09:14 GMT
Content-Length: 93
Content-Type: text/html; charset=utf-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 26C8 624 B
242 B 36ms
32ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNWrLU0jBJf-Z0-RbNbFAQMGtfmir_OA59iVMSIiOon8Szk0iRet9i82H3jNJ0BlWGQDifrmQfDV5_2vDHgrfV61f0TOarbjkKKOjK5J_buONj9DegLGoRJfY_vT0_hW8abF82g7epM4p04ZO8LkANkNGow1huhSpfHCVGSFFhVD_6MtSf8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D43 78 KB
27 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 05:09:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2D43 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 12:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 12:22:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 2D43 19 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D43 0
0 30ms
28ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR15mX98dzEps4mywnI-vkykunhJsWIYCg8TarB3MKetR7Nz9Pw5JMCaNOX0j-MTSvC30KFBZ3J0JlkgD1ELKvs240ZLw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D43 171 KB
53 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 05:09:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D43 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D607-zATGh92pRKJKDtq2w1FIDi01YGKaehUETr94hzF_i90cB0Al3VF_1dgF447HruekJr2ZYiT_FIcvPkmMx4MEx2qQve87igi_BI7qM60-bVjk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D43 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11812244740431879583&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 26C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&C=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNWrLU0jBJf-Z0-RbNbFAQMGtfmir_OA59iVMSIiOon8Szk0iRet9i82H3jNJ0BlWGQDifrmQfDV5_2vDHgrfV61f0TOarbjkKKOjK5J_buONj9DegLGoRJfY_vT0_hW8abF82g7epM4p04ZO8LkANkNGow1huhSpfHCVGSFFhVD_6MtSf8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 26C8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH1t.tHJdxn1nqSTSnmDhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&google_hm=2

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNWrLU0jBJf-Z0-RbNbFAQMGtfmir_OA59iVMSIiOon8Szk0iRet9i82H3jNJ0BlWGQDifrmQfDV5_2vDHgrfV61f0TOarbjkKKOjK5J_buONj9DegLGoRJfY_vT0_hW8abF82g7epM4p04ZO8LkANkNGow1huhSpfHCVGSFFhVD_6MtSf8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgf30wBsp8V53LeCKpuDuI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 26C8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL5z1ahkNXCFb2Yb-n5a-h4&google_cver=1

43 B
1 KB

32ms
20ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL5z1ahkNXCFb2Yb-n5a-h4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNWrLU0jBJf-Z0-RbNbFAQMGtfmir_OA59iVMSIiOon8Szk0iRet9i82H3jNJ0BlWGQDifrmQfDV5_2vDHgrfV61f0TOarbjkKKOjK5J_buONj9DegLGoRJfY_vT0_hW8abF82g7epM4p04ZO8LkANkNGow1huhSpfHCVGSFFhVD_6MtSf8

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:14 GMT
AN-X-Request-Uuid: 162b6301-3d38-425c-952d-0698d9295283
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL5z1ahkNXCFb2Yb-n5a-h4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26C8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyNjkxMzQyNjE4MjI0MjQxOQ%3D%3D

170 B
243 B

31ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyNjkxMzQyNjE4MjI0MjQxOQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 05:09:14 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a691376b-4dea-47a1-8d42-c35e2fb701f8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIyNjkxMzQyNjE4MjI0MjQxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D43 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1905131704749&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D43 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1905131704749&version=m202301230201&ct=76&x=1&cor=11812244740431880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D43 99 KB
38 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJIT8Vx-m-OBt3d2gd-mHZkQ7Crsth3yJ0Yt1vosF5X5WtY4UdM5hEMmXdPBHe_AyEmZzUvQ6pBsSkJOocrrAqfRLMPSUmjhwBYZZBDoe7Xkp9JsXOW6NC3Ut1tLSo2zAw55W0FeYT984krXl2vfsZAy20kp8ZhBmuvw3Fb_37odNax-s&dbm_d=AKAmf-BlTgoKmD7lUD7BVV16P_YStdCpmf7q6u8m4o094Xrx5QjMbKGm4eiMJRn52lGKqm2iT23V3dBtuf0-JDWE7dxCwjVs38yMyOx9sjgGmqM1JTWWLCg9fcPi9IsQVPeVUCNqhwN5X11IFebOFkbIr3jV7wLScDrOV1WxM8tGzhs-z1UDK9d1LwHHWKv6PVTTxbeHrCIDDxvU-XkZiWVdts-TPNMx196YAhgbns0N4hk0kJTBkSXa0dqg_gpXugg-qBqRjqpr7wo1j0ztFGpxIT_xraQDY_-sxxAd-JsuVrK2uX_uvvy6_ky7vpGSTNDIt3dfqkcB2NMiouO39dfS8IVKjAYFeOMW4i0D4OszlgbzbXVpqqSl7oQLcEhdq3IRFq4rFb0GfEO2PlJysLkF4YZCLVa3qyU-Wlc7Nkv6yAkNFKKLtal3k59BRMEr_9ZmbclHlMFN0TkZ58egA1FK8Oj3NPpmaNd-diC6wQ7EhhalpTtBLIgmJSijZjDF4_8tkAxEnXMrZgmlwdUBrkRs9sps2bvlxzdWZ3W3UgLo4Pzab2EK_TvyKhNoXNmpH72bIp_uoCSR_3QeDcSfBwa67BQ2awduAm3cGfIBZnyQQMZ_ZC-eSQpXE_xB08c0As0dfXnJeGinolhOIo8bjZ03gpyJ4nOk9YMszg3r5WZsw5_zowmatHMZSSeM0F7-Q8HKF2_zNDinKOvdeyLkoC-9MIo26JEiraP9eWwWS-kYkcdILJPzcw9qzKtk8TvVq6ZV8qE4lf0plHBdE01s0pa4ib4ddKpHbSXTPnx7oiuPFCOHUTEX-xysCs6zwj-r3nx7hIhYthGmnW5u88BenzYVu-r2LZ-bRR-tUDXUpyWvfvurEZv2z69so3HKpkVL5A6chP3zCLoHeaAIk1c-G6dyjPY8C-3ODc9bmUXzO6CachlDI3kbb2rZx7XgUdCOoFPIMfBPYixGmZS7MISTgU_I5U7aEIYY4jFcS01k56DFRdaZSmh8Fk2d372F8Vblf_1FoHwwK47yx1BvfKnxrUiQ9Tl-PxtmtWxxaxxsKXi9P1OdKK_m9A73RPhKouuZQ8LTFS2DEeRpMXqQEc3ikWOHu03KkJbqlmmMqffARmSZYMI7NIQCAQnEuPDZhd77ER3yuC8PtEXc15eNBJjGCvo4dFR-Tr0mIJcvDZTHrzFaC-n9N-Q95tmGMAthSTnhudfEgnww1QcuB9F43rMRQxDY2huiQFZ9jvcFmBSiAPg47CU4Dh5vr46_c-rX7hiw5wGuaKAnGcl_4GHfcYwHYtyUJgasY5PSWtih5zwT5jClUy8clkLROipmp6vpMkL195SC4WqzZb6ZfrpPZy2VQXzfOYCEkhD_ll9P8CJGqGZHAReLdzM0sCDzJFwDsxPwXfTyI9Q82mqvKBzVyJAjrHZ2dr6TW69PHaw8UG6OidI2z0FrptVx58ihOCj0f6qSfERC4hQiRXgcWhVDcnUiy7bOasY9V5huRa1VR24Pi1PM_Zx0M6kzIMgYFMjl9K5fQmmdqCHyTZHwJP9CHlgqijD6hWoDy3JwJ-GchdXTULLYYR4HcwZGf39kDRMRfRMVneSMRzeCC7uZB1q6SnAtXW_IGg_6KfdzaYSWkYXHcmIYet5kGRs9ArwZ7xHX-zT9uP4L9PRlonksNhCEMMZetwRBK4M0CYAsnQ-spK8nLAwmPN-8u-f0sxylMNuBgolFSP_mAQCW1We-FZwtb-SVgjeQqKnVyzO1h-vzAtyk2YZeDh-YrT8RagajfvXVx6lhP3UwqXSkGtuIZEX-XoJVy2HmlviYpWHP3526XtTlnz4CHJ4KuEjtNN9hTkBIA5RKmISII08M0Chp4JN3xfxDAPBXzC9u8xBWiyg0lamU3LFA3nK241aDAqhvAQbduLjj-Xw6EcQV2ZoNmbEkpzIbSn0zeqMbZlKQnqZspZ-uNqEVmh8pDry3HnxPcJduvh7JHUU2UpV17l03fLqISIQO6jNT8Ppz3j4x5Es6lJ0hID1sIuRwRZ44oc1sMB6QCaMpzEHtVL0wbmgHQ5iE0rbxP5qV8jJ5d8bF-UWWfhj2L5DBch1PBK6cprCaxA7-UKEVkfWOZtIXV9kvwJeRlS0m2xDINw0Zg9zHdLcdr496NjXxTFDa227enpnUYLtUT3DbyVA3z3w0FgTis7XHigRKpzgTry6lwpiUFQrjiG7APiF-KFriVVFBZjyacncnbWv-plq_1ewTOHtkoPUUP0jcz5FKlkgiAGgAYIJxvk0puEH2YFIk_nArN2eQTz-paZqfc4IwJdwbx72h4IvaO7Fr9pNlVWe2cRmCIWqGbUkwUomn0E-xNuqwa9oNUW3EKJqpbBwSVopj3zoQoAUd49j-hVNhbJyPvpr7vSmY6Z8VhmNhmi_yvVwhE1O60QXn8wNK_e1hfVQpxcH_u8bPuffEr-93_2wb0otAF5a0TyRirFycUjaMT2SL3eZPSoZTc2ll-HFBIL62suu9o1_4iKKLorfjr1OxYWG4oRw0jQ0qLTVBzjqLB6eSGUrn37i6B9JGEailjRJBkONYfC0NyqeZXGddH3mkr2ZwaZHqDJ4YM4yxnIrRzhBqpcSxKqLwlUS4HNm-DWExnsAEACZ5wfwuKA_FJaBwRY7EudnLZ6E0D5YTowMRe9i7iJQoVvDeTOY0eC0r-Z3mx6vmWO-ER9LLsWeifE8kxRuyEI_r70m0HMPW4tSKsCDT5EwUEmSZW9e0K-5p9AYys9G94olRWRS0rL5qYSS0FKSUXr7vvLY2HqzWhnb3leg8yemYzajY0NsDcD2b6MuzLPLmto_VAggqxtF9jvhv6PyOI91RPu5nRMB31FUF4QWUXTFoFnMnKqIxiksXC42KLW8ttrm8qodgAtb3wlgJrx7BOb7lgoAPQs5rgQ7De2tnGNdl4-LYXXOsveZFYgZm-Onf4g6v0M838BJ960PsKEXJEaQSQBojhinHHIaoQIIZWgoKEtQOeSaB_KxHE7iPsbRHO6Sl79CP_lpN0YO4t_Vhp2VKf_4bZwflVxQoKEh8pMMYpfNHbuJ8q5WhHujuBNUiKEN06lDqBkoYMwaDAUWv4lQSRK9ZDAQ3EIIPyJpx9YsB4TC3g6QyVXFU3E38zzXnLhDrzYezaL9n8jH-nw2MoCWV5wc2j4UW89OF-bowlbq3_7Z8_wAsl1l0hVlIH7dfj85ZLtB1B6swPyRwi0bWQgp1q5IJxuP5jyavO2DTTAc3KY6kuHabTWY7sIEOza-GiyBlfMsre980t34mOxjPVN8UTxeOZz0Lb1rmoZ2FmjtFK0QtBBC--oQ77s7bjmVGkmkjJg8KXW_JJghzuYef2gbLy2OeZncIc56hbWriVXaFjz-f4m0PjAce1ZqJhn0MXLTfI-nZxhQ0A3GVeGo58qOhFuKEh-PYCterIOOoKHY6DW4um9LOFVRpWXedQiTsmr7gTI3EYEM2a1FXvKtstuLnpLDs7P9v3gTg8fb_TDqGNFIuLJEpnvD2OI7AlOMJ5Cx8u7IAFp4czLJVTVsWrUwAVGqjvX0FCvfGUwg_SBEkxFg6mVkR72qoh0CE3Bto&cid=CAQSOwBygQiDdq6w7BM1WKsuDHq11cnXA6ZCAyD1ywrW5GbBrQE3aVwYY9aH9Pd0xcmwqHSvi97oWppOiAGaGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.openurls.com.cn%2F&ds=l&xdt=1&iif=1&cor=11812244740431880000&adk=2124396030&idt=55&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bfca88447b2b5be5576c793bbbb0f1ec58f39844397daafa1f290ce7da9eb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527013/ Frame 2D43 245 KB
74 KB 232ms
48ms Script
application/javascript 54.194.70.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527013/skeleton.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-7280226555256644&ias_chanId=1&ias_placementId=19429848476&bidurl=http://www.openurls.com.cn/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i5TMMDgtLMJMiXMxpx8yiG
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.70.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-70-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b33ca41a2f18c3a4469fe6d52caf5a6cd42f00c43eba5225778e9d8be71979a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2D43 106 KB
37 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 2D43 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJIT8Vx-m-OBt3d2gd-mHZkQ7Crsth3yJ0Yt1vosF5X5WtY4UdM5hEMmXdPBHe_AyEmZzUvQ6pBsSkJOocrrAqfRLMPSUmjhwBYZZBDoe7Xkp9JsXOW6NC3Ut1tLSo2zAw55W0FeYT984krXl2vfsZAy20kp8ZhBmuvw3Fb_37odNax-s&dbm_d=AKAmf-BlTgoKmD7lUD7BVV16P_YStdCpmf7q6u8m4o094Xrx5QjMbKGm4eiMJRn52lGKqm2iT23V3dBtuf0-JDWE7dxCwjVs38yMyOx9sjgGmqM1JTWWLCg9fcPi9IsQVPeVUCNqhwN5X11IFebOFkbIr3jV7wLScDrOV1WxM8tGzhs-z1UDK9d1LwHHWKv6PVTTxbeHrCIDDxvU-XkZiWVdts-TPNMx196YAhgbns0N4hk0kJTBkSXa0dqg_gpXugg-qBqRjqpr7wo1j0ztFGpxIT_xraQDY_-sxxAd-JsuVrK2uX_uvvy6_ky7vpGSTNDIt3dfqkcB2NMiouO39dfS8IVKjAYFeOMW4i0D4OszlgbzbXVpqqSl7oQLcEhdq3IRFq4rFb0GfEO2PlJysLkF4YZCLVa3qyU-Wlc7Nkv6yAkNFKKLtal3k59BRMEr_9ZmbclHlMFN0TkZ58egA1FK8Oj3NPpmaNd-diC6wQ7EhhalpTtBLIgmJSijZjDF4_8tkAxEnXMrZgmlwdUBrkRs9sps2bvlxzdWZ3W3UgLo4Pzab2EK_TvyKhNoXNmpH72bIp_uoCSR_3QeDcSfBwa67BQ2awduAm3cGfIBZnyQQMZ_ZC-eSQpXE_xB08c0As0dfXnJeGinolhOIo8bjZ03gpyJ4nOk9YMszg3r5WZsw5_zowmatHMZSSeM0F7-Q8HKF2_zNDinKOvdeyLkoC-9MIo26JEiraP9eWwWS-kYkcdILJPzcw9qzKtk8TvVq6ZV8qE4lf0plHBdE01s0pa4ib4ddKpHbSXTPnx7oiuPFCOHUTEX-xysCs6zwj-r3nx7hIhYthGmnW5u88BenzYVu-r2LZ-bRR-tUDXUpyWvfvurEZv2z69so3HKpkVL5A6chP3zCLoHeaAIk1c-G6dyjPY8C-3ODc9bmUXzO6CachlDI3kbb2rZx7XgUdCOoFPIMfBPYixGmZS7MISTgU_I5U7aEIYY4jFcS01k56DFRdaZSmh8Fk2d372F8Vblf_1FoHwwK47yx1BvfKnxrUiQ9Tl-PxtmtWxxaxxsKXi9P1OdKK_m9A73RPhKouuZQ8LTFS2DEeRpMXqQEc3ikWOHu03KkJbqlmmMqffARmSZYMI7NIQCAQnEuPDZhd77ER3yuC8PtEXc15eNBJjGCvo4dFR-Tr0mIJcvDZTHrzFaC-n9N-Q95tmGMAthSTnhudfEgnww1QcuB9F43rMRQxDY2huiQFZ9jvcFmBSiAPg47CU4Dh5vr46_c-rX7hiw5wGuaKAnGcl_4GHfcYwHYtyUJgasY5PSWtih5zwT5jClUy8clkLROipmp6vpMkL195SC4WqzZb6ZfrpPZy2VQXzfOYCEkhD_ll9P8CJGqGZHAReLdzM0sCDzJFwDsxPwXfTyI9Q82mqvKBzVyJAjrHZ2dr6TW69PHaw8UG6OidI2z0FrptVx58ihOCj0f6qSfERC4hQiRXgcWhVDcnUiy7bOasY9V5huRa1VR24Pi1PM_Zx0M6kzIMgYFMjl9K5fQmmdqCHyTZHwJP9CHlgqijD6hWoDy3JwJ-GchdXTULLYYR4HcwZGf39kDRMRfRMVneSMRzeCC7uZB1q6SnAtXW_IGg_6KfdzaYSWkYXHcmIYet5kGRs9ArwZ7xHX-zT9uP4L9PRlonksNhCEMMZetwRBK4M0CYAsnQ-spK8nLAwmPN-8u-f0sxylMNuBgolFSP_mAQCW1We-FZwtb-SVgjeQqKnVyzO1h-vzAtyk2YZeDh-YrT8RagajfvXVx6lhP3UwqXSkGtuIZEX-XoJVy2HmlviYpWHP3526XtTlnz4CHJ4KuEjtNN9hTkBIA5RKmISII08M0Chp4JN3xfxDAPBXzC9u8xBWiyg0lamU3LFA3nK241aDAqhvAQbduLjj-Xw6EcQV2ZoNmbEkpzIbSn0zeqMbZlKQnqZspZ-uNqEVmh8pDry3HnxPcJduvh7JHUU2UpV17l03fLqISIQO6jNT8Ppz3j4x5Es6lJ0hID1sIuRwRZ44oc1sMB6QCaMpzEHtVL0wbmgHQ5iE0rbxP5qV8jJ5d8bF-UWWfhj2L5DBch1PBK6cprCaxA7-UKEVkfWOZtIXV9kvwJeRlS0m2xDINw0Zg9zHdLcdr496NjXxTFDa227enpnUYLtUT3DbyVA3z3w0FgTis7XHigRKpzgTry6lwpiUFQrjiG7APiF-KFriVVFBZjyacncnbWv-plq_1ewTOHtkoPUUP0jcz5FKlkgiAGgAYIJxvk0puEH2YFIk_nArN2eQTz-paZqfc4IwJdwbx72h4IvaO7Fr9pNlVWe2cRmCIWqGbUkwUomn0E-xNuqwa9oNUW3EKJqpbBwSVopj3zoQoAUd49j-hVNhbJyPvpr7vSmY6Z8VhmNhmi_yvVwhE1O60QXn8wNK_e1hfVQpxcH_u8bPuffEr-93_2wb0otAF5a0TyRirFycUjaMT2SL3eZPSoZTc2ll-HFBIL62suu9o1_4iKKLorfjr1OxYWG4oRw0jQ0qLTVBzjqLB6eSGUrn37i6B9JGEailjRJBkONYfC0NyqeZXGddH3mkr2ZwaZHqDJ4YM4yxnIrRzhBqpcSxKqLwlUS4HNm-DWExnsAEACZ5wfwuKA_FJaBwRY7EudnLZ6E0D5YTowMRe9i7iJQoVvDeTOY0eC0r-Z3mx6vmWO-ER9LLsWeifE8kxRuyEI_r70m0HMPW4tSKsCDT5EwUEmSZW9e0K-5p9AYys9G94olRWRS0rL5qYSS0FKSUXr7vvLY2HqzWhnb3leg8yemYzajY0NsDcD2b6MuzLPLmto_VAggqxtF9jvhv6PyOI91RPu5nRMB31FUF4QWUXTFoFnMnKqIxiksXC42KLW8ttrm8qodgAtb3wlgJrx7BOb7lgoAPQs5rgQ7De2tnGNdl4-LYXXOsveZFYgZm-Onf4g6v0M838BJ960PsKEXJEaQSQBojhinHHIaoQIIZWgoKEtQOeSaB_KxHE7iPsbRHO6Sl79CP_lpN0YO4t_Vhp2VKf_4bZwflVxQoKEh8pMMYpfNHbuJ8q5WhHujuBNUiKEN06lDqBkoYMwaDAUWv4lQSRK9ZDAQ3EIIPyJpx9YsB4TC3g6QyVXFU3E38zzXnLhDrzYezaL9n8jH-nw2MoCWV5wc2j4UW89OF-bowlbq3_7Z8_wAsl1l0hVlIH7dfj85ZLtB1B6swPyRwi0bWQgp1q5IJxuP5jyavO2DTTAc3KY6kuHabTWY7sIEOza-GiyBlfMsre980t34mOxjPVN8UTxeOZz0Lb1rmoZ2FmjtFK0QtBBC--oQ77s7bjmVGkmkjJg8KXW_JJghzuYef2gbLy2OeZncIc56hbWriVXaFjz-f4m0PjAce1ZqJhn0MXLTfI-nZxhQ0A3GVeGo58qOhFuKEh-PYCterIOOoKHY6DW4um9LOFVRpWXedQiTsmr7gTI3EYEM2a1FXvKtstuLnpLDs7P9v3gTg8fb_TDqGNFIuLJEpnvD2OI7AlOMJ5Cx8u7IAFp4czLJVTVsWrUwAVGqjvX0FCvfGUwg_SBEkxFg6mVkR72qoh0CE3Bto&cid=CAQSOwBygQiDdq6w7BM1WKsuDHq11cnXA6ZCAyD1ywrW5GbBrQE3aVwYY9aH9Pd0xcmwqHSvi97oWppOiAGaGAE&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.openurls.com.cn%2F&ds=l&xdt=1&iif=1&cor=11812244740431880000&adk=2124396030&idt=55&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 14:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 14:12:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 2D43 29 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:43:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D43 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A130 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 20:07:02 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 20:07:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D43 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16e1d2742827e80cb9b16fc4301a7de5429809ea277576554918505f7cfcb8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGkwpcKoLuyQZ4IO54Ed2pY&google_cver=1&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAP...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAPjxrXlp_y980bTA

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAPjxrXlp_y980bTA

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 05:09:14 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcfMmPtMfPHYw_NyR1dO4u9TZgbBP0lPg4K0iTMOG-M1XxYZadY4NwNjeNYBcuV1CXWC46j3Gp1xCT-IAPjxrXlp_y980bTA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 05 Jun 2023 05:09:13 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A130
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1Ip...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1...

43 B
422 B

200ms
193ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d25e7012ae735fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 43
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF0_bh99pnEhX-qWYZuY2ic&google_cver=1&google_push=ATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNgqP3w2DTWv-JJLHPpllxLuK-jhWithYAv2qhTwEJUXRjo-Bum4jmO-lYAVoQ20br7N3ZH4xZ5wcbd-W4abxgrmUaN1B1IpQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d25e6ffd9c235fd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJCNrykyjGgTIMidsLoEE_8&google_push=ATf1kGPZ2Ao578obX3QgQeubyZmf8_4dDSdooacBr1rHhKY5XrSUeEva7M...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJCNrykyjGgTIMidsLoEE_8&google_push=ATf1kGPZ2Ao578obX3QgQeubyZmf8_4dDSdooacBr1rHhKY5XrSUeEva7MWa6VsX89eg9CSuO56YiWHWj5IioTbarht0gg9G8cw5Mg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220072-FRA
pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1685941755.871874,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJCNrykyjGgTIMidsLoEE_8&google_push=ATf1kGPZ2Ao578obX3QgQeubyZmf8_4dDSdooacBr1rHhKY5XrSUeEva7MWa6VsX89eg9CSuO56YiWHWj5IioTbarht0gg9G8cw5Mg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENIZKg6CcXf02tTwcvNvI58&google_cver=1&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgtl_qBRYQbhZb0Tjw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F0DF3786EE4A03A84113EDD9B00C55&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgt...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F0DF3786EE4A03A84113EDD9B00C55&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgtl_qBRYQbhZb0Tjw

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 05:09:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F0DF3786EE4A03A84113EDD9B00C55&google_push=ATf1kGP0pT92DO6og-MAfi3B2kXyT4imuaeOBkn7xsxrISYww_PeooJjWo506TKGvogBpx16iJva4lIkKxrrwgtl_qBRYQbhZb0Tjw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Jun 2023 05:09:14 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIlKhodv9HzZtBlBE8tDXWI&google_cver=1&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRL...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRLHDDT5YA&google_hm=eS16ZndaR0Q5RTJwR0Y2...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRLHDDT5YA&google_hm=eS16ZndaR0Q5RTJwR0Y2Z29MTjVPWHFycy40Qmh2ODRxSH5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 05:09:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMflebtYyT3uv91jqk2UXumiDW1UKRRN3fsFiLCy-Tf7mZbHntvbjZIXxYf2oyh-txHWo6Fdohd2IHGLqqtoEFSKRLHDDT5YA&google_hm=eS16ZndaR0Q5RTJwR0Y2Z29MTjVPWHFycy40Qmh2ODRxSH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJZ7X5tZRQcbXDCyLgmRJM8&google_cver=1&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORha...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJZ7X5tZRQcbXDCyLgmRJM8&google_cver=1&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSA...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NDA3NjEzNDA0NzMzNDcxNQ&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFOR...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NDA3NjEzNDA0NzMzNDcxNQ&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORhamtrXtiYozLCnRz2Vgwxc

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU3NDA3NjEzNDA0NzMzNDcxNQ&google_push=ATf1kGMq-76eB3IXFSmEyYuOPEDBBgwPKjL7aWLJg77HSGRnOHQDauVJdGwhJzrzoxD_jI0ukSAFORhamtrXtiYozLCnRz2Vgwxc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame A130
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFSiTHpexve4CQbkdFCnSVA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP4zXZz24xuniaq7B991buupCMVOPhG9TOuik3ABw0Fyp5RPkL268zJ8vLvnLhur9LZbGTg4UUPEgrRx4YvO8h6WawINW5DqcE
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

84ms
84ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 05:09:15 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A130 0
12 B 29ms
28ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4t1GujmrYLer1JqKuRJAe_gtTGwcTCEIbWV4ZIdCYugD-nSCwVud9TZ4nHeFsr9NGsnDjLA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1649 22 KB
8 KB 29ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 163952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1649 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7657226687959464658/ Frame 91F4 142 KB
22 KB 67ms
22ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7657226687959464658/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91210fa256e2f98bdeb3f182d3aa308c7259f51148de80717738d700a0dcffe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 117422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22789
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 20:32:12 GMT
expires: Sun, 02 Jun 2024 20:32:12 GMT
last-modified: Wed, 09 Feb 2022 10:30:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D43 0
0 143ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHJ6LUDgATWHyg99jREAS1nDR06k_2Zrx9iI5qb708yvOI5Ly57IeEOFywXm-5ivRZeiFCMqjOIndandIA_T3d5rfhnqvc1udYsYVG3ZN9bU_x8RE_pWY4AT6NwIdLti3vg6oB0YBJn5TjOdLAznmZyO43H8aM7IDmr4_o0OxVgc1vWVUbuNyqBZsM8EzY96HZMvJWhLYkbJqx4fatrQL2pOjkkvIeEpj2skO44wl6_9Uv34tZ_OI-B37XZ5GRCMpKbYtFM457_qayCzNpwbE5TAii7juHeJolMNvTcT1n2Pg-CH7ctD4EU9Ve6tsccWgKvfahMFuOvXObc_srm6DMkMJeC7RomslmS9vHT5OD1uYpYajrS4_zOTcu0QCnvOX-C1wWL9V3Inl6Vo_OHC49kQ1lB65b4O0rWQt5pvd2WcJDaIegN7ZIcSj2Xqh68EeNXaqyqYCeK8kZdZ4QLDlapK98VhixkXAVN_w21IZxNk43WVp_dy19ixnIX-F6yI7qJQwQQ-zLO7v6BXURHaJKQLy0KXx-0xo3Dsy0oi9YPD9RTez2eff-0_y_jZbGfuh8BDMYQHJad-KUTSEjg4F4M9bT4OEkOhBbqRep14B8xzCYOrxHvJthNexznc8OKtXhe6zebFsA4yu6ITlm7Zn-xKX8uxwdWG7oeBZFJS18NrVD6oU_b49Q0SOHvmf8RMKPJZ4NvWDqpxLzJNj5RgBIOCERhRwkTJA4torIqehhjwSbjDRfsqpQvloh2-kXFceG41xVVJo2EXQulXNZxV3hyj9ExEn4beJdiYGYGAsZgMjLmtp9IA3C7WFfreGOVO6F1r_MIhq3cYTYbpIsGRMt7prR6uk25laMcZMuEVAVicUpb4XuePoRSTGmCdTFqbpJei4C2GPiLtmDa6-mWh7y52jR_7tjUL_ejIsepp_FGf7pzDy3WttXR7NN5tiATj6v6L5IQ3ErHe5dtXNF-VjxaXXdabkLkv1ZngMq6yJkxh5UZ9CSQxFs9zqJ5spczUaYjZQ_-Bbhlo8HzgZpbOf4IUR2jzX4GHmfiLjeYmULe8ntTZqzxMhz78nxXMBqLkHnEpiUMoSzPN3NkIxiu1kNKctiDuEn1nRaXGl8xM5GuMiQPlsf-pnHMIyleKycMrFyVTObocFE4kNp6sx06zwL7PUt-xoIwbCZot1SDk0s4HjmQWNNmv81XHnT_cP2OpBI4S2-tIKsjBqbGErJbcjYl8dLPILvJqwkUoohWrJxxMF3JCcjOvO0tlNpkcos4FRHMV4txzQscieEb7aULG0YAbBAO7EuczxpNgbrALVMtcnsbxAh9nb3J4lK6r3LnwgDfCzlRqrSbA&sai=AMfl-YT-jhx_2lDniszY7Fs4Zx9Ue9O1GZoajC0EC7N9SKLvJSXE59RRF8Ca5COUos0JzJ1Co0ssIySuufBnLk6vbKG2fW7m_urTfiJCtlDxKTQ-_0eoA69OKUza5Cax4nBdd5IX8PRetZXCjkcp0vMI3iOPCDT3wzrSOgJ3cE9YLtcrbAuw9o784wiD74QDt0Ry0vh6s_TwyhP8dq2lxmHPRPp2mWVgvuWJ44jJphwMHidQuOD_mU_7ocyxDnnY9wVlLUSi&sig=Cg0ArKJSzDGoz0AkIffLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=117&cisv=r20230531.31591&arae=0&ftch=1&adurl=

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 05:09:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 05:09:14 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 91F4 29 KB
10 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Jun 2023 03:05:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D43 0
0 59ms
59ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHJ6LUDgATWHyg99jREAS1nDR06k_2Zrx9iI5qb708yvOI5Ly57IeEOFywXm-5ivRZeiFCMqjOIndandIA_T3d5rfhnqvc1udYsYVG3ZN9bU_x8RE_pWY4AT6NwIdLti3vg6oB0YBJn5TjOdLAznmZyO43H8aM7IDmr4_o0OxVgc1vWVUbuNyqBZsM8EzY96HZMvJWhLYkbJqx4fatrQL2pOjkkvIeEpj2skO44wl6_9Uv34tZ_OI-B37XZ5GRCMpKbYtFM457_qayCzNpwbE5TAii7juHeJolMNvTcT1n2Pg-CH7ctD4EU9Ve6tsccWgKvfahMFuOvXObc_srm6DMkMJeC7RomslmS9vHT5OD1uYpYajrS4_zOTcu0QCnvOX-C1wWL9V3Inl6Vo_OHC49kQ1lB65b4O0rWQt5pvd2WcJDaIegN7ZIcSj2Xqh68EeNXaqyqYCeK8kZdZ4QLDlapK98VhixkXAVN_w21IZxNk43WVp_dy19ixnIX-F6yI7qJQwQQ-zLO7v6BXURHaJKQLy0KXx-0xo3Dsy0oi9YPD9RTez2eff-0_y_jZbGfuh8BDMYQHJad-KUTSEjg4F4M9bT4OEkOhBbqRep14B8xzCYOrxHvJthNexznc8OKtXhe6zebFsA4yu6ITlm7Zn-xKX8uxwdWG7oeBZFJS18NrVD6oU_b49Q0SOHvmf8RMKPJZ4NvWDqpxLzJNj5RgBIOCERhRwkTJA4torIqehhjwSbjDRfsqpQvloh2-kXFceG41xVVJo2EXQulXNZxV3hyj9ExEn4beJdiYGYGAsZgMjLmtp9IA3C7WFfreGOVO6F1r_MIhq3cYTYbpIsGRMt7prR6uk25laMcZMuEVAVicUpb4XuePoRSTGmCdTFqbpJei4C2GPiLtmDa6-mWh7y52jR_7tjUL_ejIsepp_FGf7pzDy3WttXR7NN5tiATj6v6L5IQ3ErHe5dtXNF-VjxaXXdabkLkv1ZngMq6yJkxh5UZ9CSQxFs9zqJ5spczUaYjZQ_-Bbhlo8HzgZpbOf4IUR2jzX4GHmfiLjeYmULe8ntTZqzxMhz78nxXMBqLkHnEpiUMoSzPN3NkIxiu1kNKctiDuEn1nRaXGl8xM5GuMiQPlsf-pnHMIyleKycMrFyVTObocFE4kNp6sx06zwL7PUt-xoIwbCZot1SDk0s4HjmQWNNmv81XHnT_cP2OpBI4S2-tIKsjBqbGErJbcjYl8dLPILvJqwkUoohWrJxxMF3JCcjOvO0tlNpkcos4FRHMV4txzQscieEb7aULG0YAbBAO7EuczxpNgbrALVMtcnsbxAh9nb3J4lK6r3LnwgDfCzlRqrSbA&sai=AMfl-YT-jhx_2lDniszY7Fs4Zx9Ue9O1GZoajC0EC7N9SKLvJSXE59RRF8Ca5COUos0JzJ1Co0ssIySuufBnLk6vbKG2fW7m_urTfiJCtlDxKTQ-_0eoA69OKUza5Cax4nBdd5IX8PRetZXCjkcp0vMI3iOPCDT3wzrSOgJ3cE9YLtcrbAuw9o784wiD74QDt0Ry0vh6s_TwyhP8dq2lxmHPRPp2mWVgvuWJ44jJphwMHidQuOD_mU_7ocyxDnnY9wVlLUSi&sig=Cg0ArKJSzDGoz0AkIffLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=252&vt=11&dtpt=131&dett=3&cstd=117&cisv=r20230531.31591&arae=0&ftch=1&adurl=

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 05:09:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1649 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk33B-m19ZPrsKfSTjuwPu-KFgA0AAAAAOAHgBAI&bg=!LC-lL3vNAAY9J7QfHSc7ADkAdvg8Wq7DbgTTLOFKIeAVMwh8SfBhLEr-yeyzESA2BjbDtBIx9XRqc4rvP4MHRHpE52-x2gpwY4ACAAAAaFIAAAACaAEHmQMlHKeKAKamaNhsoI-j0F7FH_R77XYE4oT-77V8MGRQ3uleYvAW7E_aNbHTWsZe2PI6QwV-yQSIcC2FmHwu7pRgTYGX259ckYu_LfITGULiw1yskMBXcbqwGiTV70ol1Ndxxh_FuQqRwSVdJ7siBRJEGdFY6EA7p767Tnpub_oc6KuWy1AGoxP1jnHxvZwuI-tzoONeoK6iQjW0HQQejpNZMkgdj_xdv4YDw6LAmpQUgbgnXQjY4OdQfXepC7L_GR1op6v-F5bvH3ddQlS_-YQT3ftfK163bR53dCJjvtZkU0RWZs6GSw3BShRG4xgRcnuJeDB4LjE0fn2oxNJmbKIIIWhsE3ON2Lhu8xHFRhxAivjABUO1RzsIfudO6g6wtTFCAh0QAbPpzQoPZBSJHRuASzVM9cyGt1S9QzqlosMj_mGiPUXrd6VHWP9mrPAj7yv6NuN-cqQSv-dYXobUJV-e0S73fuRIQdWtm7jU1246PjT63f1UfA5YK4pAhQyzjsfEgWmQp61PSICiR_u4xD4aubV4uV4Jej2LGPpzOFVgkavDschrjVJO9dSr9PbsIdw3ZBF74zC5CNPfiKfU7cxeD1m7Rf5YlfdimI57qdPuaSuzRCN55mFsc9BZgv_zxLqxWoHQrOUO00-pdQ6UWrE5fKhEff-Fb7FrxNGZ5H-ylbEAxi5NoJOtrBuP07J6Puj0mLKMuV7nKkq52ffzFbAzBM6nJ0FWv2JDoJcHFd9lfpgJoGZwF_2tJdXjploSKwCAiOPTJyM-VWSzFCvQG5CcodFj86k7JXkMFYH9G00ooUGPTjujLV8J9IkJgCVhtAL0R3nnvg-O-gN2PRN15NixsHoUW_jrCHfpzsctcB26o405flKzLWFXFHwMQVoKhbqH4LAxiTn26C0dTLmBTWmDSZqlDshO7VGV123TYk4aDQX8WNqSrwM3yEt6FQzQy9QoDonaW4Ckb_cc7s9MEz4JAjpvKSqxYIAcEp6lAufO6CbChuLT2YorgUREseNFKAjDJcFAWsM70MkMFSG9vstcJzJkWypur4YnAG7jydnAIEJMgF6SXg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 91F4 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:22:54 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 91F4 3 KB
1 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:19:13 GMT

GET
H3 200 head2_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 91F4 12 KB
3 KB 25ms
25ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3390
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:20:29 GMT

GET
H3 200 head1_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 91F4 7 KB
2 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:20:29 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 91F4 6 KB
2 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 04:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:10:44 GMT

GET
H3 200 300x250_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 91F4 39 KB
39 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_family.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc47b6ece0cbc3d797f2338b3485b6bcc52b967cd51f1d74a89086f517d91ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:04:32 GMT
x-content-type-options: nosniff
age: 283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39696
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 05:19:32 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 2D43
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-7280226555256644&ias_chanId=1&ias_placementId=19429848476&bidurl=http://www.openurls.com.c...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

46ms
26ms

Script
application/javascript

2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:26:31 GMT
x-amz-version-id: kRvzd7CjRoOo3q_aZsSszrsG3sJgteIV
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 308565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 01 Jun 2023 15:26:29 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 6DqS2WykHmYp8UysmK974apSyQsCM6aEky4EMj8NucY8K0wAvwK14g==

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 46C7 91 KB
23 KB 102ms
22ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22167179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: QFJgwtCWe2olchIbzsVDgIzDR7PGi4F_LGSY7LGT1eBgLrtJ3v90pg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 378ms
113ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzk0b,pingTime:-3,time:47,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:0,renddet:na,siq:21%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 376ms
113ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzk0c,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:0,renddet:na,siq:21%7D&tpiLookup=ao:www.openurls.com.cn%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
216 B 372ms
111ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzk0g,pingTime:-2,time:52,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:494,beZ:496,mfA:498,cmA:500,inA:501,inZ:504,prA:505,prZ:509,si:514,poA:515,poZ:536,cmZ:536,mfZ:536,loA:542,loZ:544,ltA:546,ltZ:546%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:21,sinceFw:30,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzk6y,pingTime:-10,time:442,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1685941755518%7C%7C0b12503c6c4551f22cd4acde1af250f0%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7C4ef4d9660681844931b31221252886c5%7C%7C45bf95681724b79dcc76c572f459b89a%7C%7Cf2aa9df9ca9a59a1520d97daf74208e3%7C%7Cdca2c1e33a05b7e682667c5f07de1e7c%7C%7C8cacf18d1fd0330707bfc4d42051afaa%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&h=280&adk=3076577446&adf=1010401286&w=336&lmt=1685941753&ad_type=text_image&format=336x280_as&url=http%3A%2F%2Fwww.openurls.com.cn%2F&alt_color=FFFFFF&wgl=1&dt=1685941753890&bpp=15&bdt=2289&idt=15&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=941&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=0Sz9fbHln7&p=http%3A//www.openurls.com.cn&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzk8P,time:583,type:e,im:%7Bpci:%7Btdr:543%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:584,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B575~0%5D,as:%5B575~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:150%7D&br=c
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D43 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOxjqT_rVOeYmkx4xk9oRVT-XHmeTJ6t1GE66zDifzzyijzygp9LzuiSlYpMgPyvnLvmvO73o88A5XdvuwkyYkGAbIoB5GmBcs2HnuLNALBR8-skxbUlE1dofqQ23zI68bslDgTA&sai=AMfl-YS-H78WaFqAAvc3NokEJLJnBAXO7CRV9NBdEa6UsYjq59WkzUNHHQOD4HL0wcr8--FnVboRIAM2q7URZ1zbXe6G9GZO2bQDaXqg6flfcAL3lenb0vcFODdkpbE&sig=Cg0ArKJSzN17SHQyyWLTEAE&cid=CAQSOwBygQiDdq6w7BM1WKsuDHq11cnXA6ZCAyD1ywrW5GbBrQE3aVwYY9aH9Pd0xcmwqHSvi97oWppOiAGaGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3076577446&rs=2&la=0&cr=0&vs=4&r=v&rst=1685941754583&rpt=267&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 112ms
111ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzkgq,pingTime:0,time:1054,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1053%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1044~0,1~100%5D,as:%5B1045~300.250%5D%7D%7D,%7Bsl:i,t:1053,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1044~0,1~100%5D,as:%5B1045~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:150%7D&br=c
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:16 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 21.gif
hmcdn.baidu.com/static/hmt/icon/ 1 KB
1 KB 4207ms
937ms Image
image/gif 113.219.142.48
CT-HUNAN-HENGYANG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hmcdn.baidu.com/static/hmt/icon/21.gif
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 113.219.142.48 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: cbbb7979af02aa2557c1bb600d06d9030b76cf4f0fdbf893304de035b0d0cc0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:20 GMT
tracecode: 18190542270389388042032905
ohc-cache-hit: chenzct66 [2], tjctcache58 [2]
ohc-response-time: 1 0 0 0 0 0
last-modified: Fri, 18 Oct 2019 10:59:43 GMT
server: JSP3/2.0.14
age: 276718
etag: "5da99b1f-45f"
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *
content-length: 1119
ohc-global-saved-time: Wed, 31 May 2023 06:50:30 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
368 B 347ms
347ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1185041237&si=9bda91614e9a9686e07a90bf5201cce3&v=1.3.0&lv=1&sn=53881&r=0&ww=1600&u=http%3A%2F%2Fwww.openurls.com.cn%2F&tt=%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E7%BD%91%E5%9D%80%E3%80%81%E7%BD%91%E9%A1%B5%E3%80%81%E7%BD%91%E7%AB%99%EF%BC%88%E7%BD%91%E5%9D%80%E3%80%81%E8%B6%85%E9%93%BE%E6%8E%A5%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E5%B7%A5%E5%85%B7%EF%BC%8C%E5%A6%82%E4%BD%95%E6%89%B9%E9%87%8F%E4%B8%80%E9%94%AE%E5%BF%AB%E9%80%9F%E6%89%93%E5%BC%80%E5%A4%9A%E4%B8%AA%E7%BD%91%E7%AB%99%E3%80%81%E7%BD%91%E9%A1%B5%EF%BC%89

Requested by

Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:16 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.openurls.com.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4CD6 0
16 B 30ms
29ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7280226555256644&output=html&adk=1812271804&adf=3025194257&lmt=1685941756&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fwww.openurls.com.cn%2F&ea=0&pra=7&wgl=1&dt=1685941756427&bpp=2&bdt=4826&idt=2&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0512c4f493b06c34-222e79a635e100fd%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg&gpic=UID%3D00000c43accd652b%3AT%3D1685941752%3ART%3D1685941752%3AS%3DALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw&prev_fmts=468x60%2C336x280_as&nras=1&correlator=7741815169399&frm=20&pv=1&ga_vid=1387077239.1685941752&ga_sid=1685941752&ga_hid=441475944&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C31074994%2C44788441%2C44789819&oid=2&psts=ABHeCvh2FEwKQndSGsTg19Wmi6BmJeyfJkLZ2Hhime3-mnOek9s3oWFNXLd_08Zg-GLopAByhowVTNtQ4etZE437gzOB&pvsid=2971451777999243&tmod=430763651&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 auto_dup Show response
pos.baidu.com/ 59 B
501 B 1867ms
648ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/auto_dup?di=0&uuid=46e2f46ea5acd22c&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=8ac204a9933c5620&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1685941753884&ti=%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E7%BD%91%E5%9D%80%E3%80%81%E7%BD%91%E9%A1%B5%E3%80%81%E7%BD%91%E7%AB%99%EF%BC%88%E7%BD%91%E5%9D%80%E3%80%81%E8%B6%85%E9%93%BE%E6%8E%A5%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E5%B7%A5%E5%85%B7%EF%BC%8C%E5%A6%82%E4%BD%95%E6%89%B9%E9%87%8F%E4%B8%80%E9%94%AE%E5%BF%AB%E9%80%9F%E6%89%93%E5%BC%80%E5%A4%9A%E4%B8%AA%E7%BD%91%E7%AB%99%E3%80%81%E7%BD%91%E9%A1%B5%EF%BC%89&ari=2&ver=0602&kws=%E5%A6%82%E4%BD%95%E8%BF%85%E9%80%9F%E6%89%93%E5%BC%80%E5%A4%9A%E4%B8%AAURL%EF%BC%8C%20%E6%80%8E%E6%A0%B7%E4%B8%80%E6%AC%A1%E6%80%A7%E6%89%93%E5%BC%80%E4%B8%80%E6%89%B9%E7%BD%91%E5%9D%80%EF%BC%8C%E6%80%8E%E6%A0%B7%E4%B8%80%E4%B8%8B%E6%89%93&dps=%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E7%BD%91%E7%AB%99%EF%BC%8C%E7%BD%91%E5%9D%80%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80%E5%B7%A5%E5%85%B7%E8%A7%A3%E5%86%B3%E6%80%8E%E6%A0%B7%E4%B8%80%E9%94%AE%E6%89%93%E5%BC%80%E5%A4%9A%E4%B8%AA%E7%BD%91%E7%AB%99%EF%BC%8C%E5%A6%82%E4%BD%95%E6%89%B9%E9%87%8F%E6%89%93%E5%BC%80N%E4%B8%AA%E7%BD%91%E5%9D%80%EF%BC%8C%E5%A6%82%E4%BD%95%E8%BF%85%E9%80%9F%E6%89%93%E5%BC%80%E5%A4%9A%E4%B8%AAURL%EF%BC%8C%E5%A6%82%E4%BD%95%E5%BF%AB%E9%80%9F%E6%89%93%E5%BC%80%E6%89%B9%E9%87%8F%E7%BD%91&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1685941753&prot=2&rw=1200&ltu=http%3A%2F%2Fwww.openurls.com.cn%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1685941754&dc=4&aa=1

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

d99e7e520294215f5fdabf61ec800f82cb099332844aa04210d233c7c16fa07f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:18 GMT
last-modified: Mon Jun 5 13:09:18 2023
server: nginx
content-type: application/javascript;charset=UTF-8
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: post-check=0, pre-check=0
content-length: 59
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D43 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1905131704749&version=m202301230201&ct=76&x=1&cor=11812244740431880000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzkwz,pingTime:1,time:2055,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1053%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1044~0,1~100%5D,as:%5B1045~300.250%5D%7D%7D,%7Bsl:i,t:1053,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:114,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:150%7D&br=c
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:17 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 111ms
111ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzkwz,pingTime:1,time:2055,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1053%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1044~0,1~100%5D,as:%5B1045~300.250%5D%7D%7D,%7Bsl:i,t:1053,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:114,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:150,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.openurls.com.cn
URL: http://www.openurls.com.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:17 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK logger.js Show response
bdimg.share.baidu.com/static/js/ 6 KB
3 KB 236ms
236ms Script
text/javascript 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://bdimg.share.baidu.com/static/js/logger.js?cdnversion=468318
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=468318
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: 6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Etag: "867751605"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 2404
Expires: Mon, 05 Jun 2023 05:39:18 GMT

GET
H/1.1 200
OK bds_s_v2.js Show response
bdimg.share.baidu.com/static/js/ 26 KB
10 KB 232ms
231ms Script
text/javascript 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=468318
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=468318
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: 6840e2b956675f9c0863baaa15d0522ae893dd60482b4af91a46083020578b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Etag: "859391591"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 9992
Expires: Mon, 05 Jun 2023 05:39:18 GMT

GET
H/1.1 200
OK bdsstyle.css
bdimg.share.baidu.com/static/css/ 10 KB
2 KB 230ms
230ms Stylesheet
text/css 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=468318
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: 4067e0bd861b026d7bda9b5b7dfb7d0bd2af96616aeb4313244d47be73c2c7d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0
Etag: "3350779264"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1800
Accept-Ranges: bytes
Content-Length: 2021
Expires: Mon, 05 Jun 2023 05:39:18 GMT

GET
H/1.1 200
OK getnum Show response
api.share.baidu.com/ 52 B
375 B 1192ms
520ms Script
application/javascript 182.61.240.101
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://api.share.baidu.com/getnum?url=http%3A%2F%2Fwww.openurls.com.cn%2F&callback=bdShare.fn._getShare&type=load&t=1685941758409
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=468318
Protocol: HTTP/1.1
Server: 182.61.240.101 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: f89f8850d34d196c73d230fac08d9e39370a81d968990cef251c4f9b73a170b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

P3p: CP=" OTI DSP COR IVA OUR IND COM "
Date: Mon, 05 Jun 2023 05:09:19 GMT
Server: apache
Content-Length: 52
Content-Type: application/javascript

GET
H/1.1 200
OK is_32.png
bdimg.share.baidu.com/static/images/ 29 KB
29 KB 238ms
238ms Image
image/png 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bdimg.share.baidu.com/static/images/is_32.png?cdnversion=20131219
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: 622dac03465bc0ec9bc414282864ca50b2331f74209c8eee0dbdc37fcd4dee30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:18 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0
Etag: "2419672458"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29226
Expires: Mon, 12 Jun 2023 05:09:18 GMT

GET
H/1.1 200
OK sc.png
bdimg.share.baidu.com/static/images/ 579 B
857 B 957ms
957ms Image
image/png 182.61.201.93
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bdimg.share.baidu.com/static/images/sc.png?cdnversion=20120720
Requested by: Host: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
Protocol: HTTP/1.1
Server: 182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: BWS/1.0 /
Resource Hash: e7604f6e940013c082b193cca272bfc9add968dec4ef12f4f7b22f4d7496a314

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 05:09:19 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:10 GMT
Server: BWS/1.0
Etag: "3350780909"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 579
Expires: Mon, 12 Jun 2023 05:09:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 50ms
50ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfbce3db455929a4b397a2e29c225b3230acf44d24660bdee1a57092459b2355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11313
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 05:09:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4DB 13 KB
5 KB 31ms
29ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 12:22:22 GMT
expires: Mon, 03 Jun 2024 12:22:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C176 783 B
535 B 71ms
68ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8806b4b5af039e60394a576469d97ab7d427fa4f56cae8097a2151cfebb475b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gtTuG1RSFIHP0bdC50CVfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.openurls.com.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-gtTuG1RSFIHP0bdC50CVfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 05:09:20 GMT
expires: Mon, 05 Jun 2023 05:09:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C4DB 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C176 0
0 54ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=2971451777999243&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4DB 0
10 B 25ms
22ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jl7x9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 05:09:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2D43 43 B
215 B 112ms
111ms Image
image/gif 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c212a523-4f18-5a40-23bb-cb488b0add73&tv=%7Bc:eDzlz5,pingTime:5,time:6055,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:20%7D,%7Bpiv:100,vs:i,r:,t:1053%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5002,o:1053,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1044~0,1~100%5D,as:%5B1045~300.250%5D%7D%7D,%7Bsl:i,t:1053,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:114,fm:tGhpMYQ+11%7C121%7C122%7C131*.987057-61527013%7C1311%7C1312%7C1313%7C1314,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:150%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 05:09:21 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
56ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=2971451777999243&bg=!JiWlJXHNAAY9J7QfHSc7ADkAdvg8Wvm6eHcz43dA382rm5OmMO2rbKhD6drm1B3mYoFkO0UwWdH97Qn_NKyyUvvFj3LN7QhAFtACAAAAfVIAAAACaAEHCgCGzH0FXhKcEhswkf01QH6BekUCy0a0on8Z28kCQQaHFWGq80kQ9ZpjKwAj6dqKq9ccRfBiZOGn4X-28Ykp41nuiCm8OFtjeLmEOqwUrwl2lliozly4MFs_ZS9rFXYTRaZqkZAqAWl9c-r-9icK9QEwT8yx5Dux3qzfJC0PVA_hZ725nhevrnyZAtFbe2oc7HShB0XV1gAiX8spQyD7wTJ8iHhNKkq7KhFF7aTgFadTGYNAaeg8YzFcuSkz_GPs5YvM3zwcQE4EyJuOHMjYsAeIkjdjM7SkvI70cOhY9mRy9f8GTwUbB_TZejPx261VvOJc4jC2SPWoqFY3bt5yCESoCYhF96BAyuzwBHXAdykn0L1iIKlPcQg69cI8CRElbpl8CAo49g3fuDUs7IfwGvIXJmo6-GbhLXEJSkC73_i7z9TptyuUZGA_hpvo2YNLEfL64RGt5tuHnRTLGZBxhf9L-yu3M8y05S653DjjMLe42LLv-BKi1lxI8pixDwdSyJlag3eM--lcgKIQ9DyHe3Rhv6mSatjq8Mxk8JlVemnNML0shZR_uziTwefnuqa8X8V_97iwCZVLlbPQmy1UvyHwMgr8SvhSyNpmcc609xVYzFxTdIdqOE5snaKpwRdgiSiNlol3TWgx60bP4woCxpzgjxkDfn7Vu6gNTybyGkrEd_PvhRoZoAoGYu7D1cZU53JptqQg-4BnDkTY841m9CSknbtBut4c-rG83f7Pe1cLcf_d72zM6_AGY1QRR--Rn45oJNLNpdiTmIv0Re0B3ycc-u3Kq_id-bVGI4JWbrNKqOhGep5_iVmHOp8b786fqCPU0CFZQMcbNc80TZjbm0xBdTTOsmBiq4moxi1YUpk0LBgwJONb-l47HoDE__Y32s7-J_7keFm-MYSEk9uP2A859-htUvkOYVPTRsHJRusDF0-DFIYjS9OjESzZiH4T_fSr1YgYIxh-8ppw3kmSazd1Y9NPG8CIbCQhClUl2r7k85x7BQkI0aJaWdxWvTmrCVCGBbLsMe0l4t71icqACOHAdV6XdCD1fNU_P0VS9BsKdOPMHEDWgc87itUIxrXLResDMCH7F8oClwxOj0VqtfVr5vpVSYNN8h41UOi12yXHJ-qdelt9vgZYq9Hg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H/1.1 200
OK v.gif
nsclick.baidu.com/ 0
349 B 2056ms
900ms Image
image/gif 182.61.200.83

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nsclick.baidu.com/v.gif?pid=307&type=3071&sc=1600,751,1600,1200&desturl=&apitype=1&linkid=liie6yf6x4n&velo_load=466&velo_cssload=231&velo_jsLoad=242&cite_uid=6877067&cite_type=1&cite_mini=0
Protocol: HTTP/1.1
Server: 182.61.200.83 -, , ASN (),
Reverse DNS
Software: nginx/1.8.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.openurls.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 05:09:23 GMT
Tracecode: 05635981580279831818060513
Server: nginx/1.8.0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openurls.com.cn/	1970-01-20 21:40:37	Name: __gads Value: ID=0512c4f493b06c34-222e79a635e100fd:T=1685941752:RT=1685941752:S=ALNI_MYrOgbBb9mVIwLetvkI5wGCrSVkEg
.openurls.com.cn/	1970-01-20 21:40:37	Name: __gpi Value: UID=00000c43accd652b:T=1685941752:RT=1685941752:S=ALNI_MbjCOjsMmcZXgMASoKPgzCPgc8sDw
.doubleclick.net/	1970-01-20 21:40:37	Name: IDE Value: AHWqTUkpNEHTXxGpxHmRm-q0bSR5GM-nGJT9f91bBltV_0qJqKZhGzJlXmO3IiXE5H0
.doubleclick.net/	1970-01-20 12:19:05	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 14:28:37	Name: uuid2 Value: 1226913426182242419
.casalemedia.com/	1970-01-20 14:28:37	Name: CMPS Value: 5161
.casalemedia.com/	1970-01-20 14:28:37	Name: CMPRO Value: 5161
.adnxs.com/	1970-01-20 14:28:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilbvx6=+!]tbPl1M>e)ZlrFUfJ+tGXxp$FuI.=:ch_[_[nWnE@Pn'FvkP#Q<9APCTl'C3If)y3KL9D3I?+nJZh'z
.casalemedia.com/	1970-01-20 21:04:37	Name: CMID Value: ZH1t.tHJdxn1nqSTSnmDhQAA
.simpli.fi/	1970-01-20 21:06:04	Name: suid Value: 68F0DF3786EE4A03A84113EDD9B00C55
.mathtag.com/	1970-01-20 21:44:56	Name: uuid Value: dc5d647d-6dfa-4c00-8fd1-b0ebde9bf4f7
.mathtag.com/	1970-01-20 13:02:13	Name: mt_mop Value: 4:1685941754
.adform.net/	1970-01-20 13:02:13	Name: C Value: 1
.adform.net/	1970-01-20 13:45:25	Name: uid Value: 6574076134047334715
.yahoo.com/	1970-01-20 21:04:59	Name: A3 Value: d=AQABBPptfWQCELV3kfAiat_4uk2UWEXFJDUFEgEBAQG_fmSHZAAAAAAA_eMAAA&S=AQAAAkMAdGFuxGv1F7Vdry3BaM0
.everesttech.net/	1970-01-20 21:04:37	Name: everest_g_v2 Value: g_surferid~ZH1t_gAPYBrxEgAp
.tribalfusion.com/	1970-01-20 14:28:37	Name: ANON_ID Value: a8nsIHw5EGiAaINQeEcDhZdEEJauIWqnvIe2VbSMtwU2XQSPZdZaJnOnt7k8rfLQkDmAaTWxXNEnoi9ZbS9EiFhdduDL
.hm.baidu.com/	1970-01-20 21:55:01	Name: HMACCOUNT_BFESS Value: 305E3977410C071B
.openurls.com.cn/	1970-01-20 21:04:37	Name: Hm_lvt_9bda91614e9a9686e07a90bf5201cce3 Value: 1685941756
.openurls.com.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_9bda91614e9a9686e07a90bf5201cce3 Value: 1685941756
hm.baidu.com/	1970-01-20 21:04:37	Name: HMTK Value: 1
.baidu.com/	1970-01-20 21:04:37	Name: BAIDUID_BFESS Value: FADE2BD1B00F281BFE761366D21CC556:FG=1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.openurls.com.cn/(Line 281) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.openurls.com.cn/(Line 281) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://hm.baidu.com/h.js?9bda91614e9a9686e07a90bf5201cce3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.de
api.share.baidu.com
bdimg.share.baidu.com
c1.adform.net
cm.g.doubleclick.net
cpro.baidustatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hm.baidu.com
hmcdn.baidu.com
ib.adnxs.com
nsclick.baidu.com
pagead2.googlesyndication.com
partner.googleadservices.com
pos.baidu.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
www.openurls.com.cn
103.235.46.191
113.219.142.48
142.250.184.226
142.250.185.162
151.101.2.49
182.61.200.109
182.61.200.83
182.61.201.93
182.61.240.101
185.29.134.248
185.80.39.216
2.18.161.51
220.169.152.35
2600:1f18:1aca:4280:de4c:3c0b:45bf:1df1
2600:9000:223f:4800:8:48e:53c0:93a1
2606:4700::6812:19ad
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a05:d018:d29:3605:2a5e:c911:a15c:b7e8
35.204.158.49
37.157.5.133
37.252.171.21
47.89.13.48
54.194.70.94
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
035b6194e05068f5b8bc9298d5091e9c485a67f7c71eddd191eae8fda8d2f547
08508c269853df8f3021457a8fd6fa73317ef7743c9f21f7f16db667e4ca8ae3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfca88447b2b5be5576c793bbbb0f1ec58f39844397daafa1f290ce7da9eb90
11980b364b259023e08fbf2d2f8aeb777cfc53d144d1676920150c6f6c17ccf8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16e1d2742827e80cb9b16fc4301a7de5429809ea277576554918505f7cfcb8ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a204b3ffa162be0eca858b7646d4e46321dd9429a5e542985114d7f4662f817
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
260a05a8ed7bebcae8a716ebc28084812375488ef477931aa15f117df4023304
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2914b55e5d606da26fdfb5b0195d2619966132c3dce087c0953e9eeea21f3b76
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2f12b9dbe90ba3e1ca90ac9bca1e43a45162211d0e0f33c1d28b4dea3e2fc531
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3612b76045182588f3fe4c66d5c29e4a670a0d70f51ee057d7bc9557ae168d92
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4067e0bd861b026d7bda9b5b7dfb7d0bd2af96616aeb4313244d47be73c2c7d4
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fac07aa901a184c9be6c627623d08e3d3b1957b6e7708cccdf2c56f989c53c2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562597e234b75418e82ec1b80cacb7492648c545532ecdea9192f5dff0c80fa7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622dac03465bc0ec9bc414282864ca50b2331f74209c8eee0dbdc37fcd4dee30
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6840e2b956675f9c0863baaa15d0522ae893dd60482b4af91a46083020578b5b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654
7424fa44bf8ec36969acd497d6363ee3e97005c5bdd3f6ac5bfbc96ac97028e9
779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e
7dc47b6ece0cbc3d797f2338b3485b6bcc52b967cd51f1d74a89086f517d91ff
80110880457b1e12ce7e6a0641c07c6776628a8fbfe5de77b41e1ee61ae67f76
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8806b4b5af039e60394a576469d97ab7d427fa4f56cae8097a2151cfebb475b9
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8ba885032cd3a75f3a685ce9358e852142f5ead7199243bcc2f5b3161630bf4c
91210fa256e2f98bdeb3f182d3aa308c7259f51148de80717738d700a0dcffe5
96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00353670f79480429ae7de1fa3f2d95f8f49aa63bdccc5568af5aba6cd73fd0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b0e47dc33812b497de93ded84d5b5d12688de76427f0922e753366e831396284
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33ca41a2f18c3a4469fe6d52caf5a6cd42f00c43eba5225778e9d8be71979a3
b811c5faf26ab388ea328e08c9f17df293bc6c98066f2fc5a30459ef3689c2cf
bfbce3db455929a4b397a2e29c225b3230acf44d24660bdee1a57092459b2355
cbbb7979af02aa2557c1bb600d06d9030b76cf4f0fdbf893304de035b0d0cc0c
ce42784a2295e56d1ca8f7e0610019965a30f48747bc9a81a63176723778cc71
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d99e7e520294215f5fdabf61ec800f82cb099332844aa04210d233c7c16fa07f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7604f6e940013c082b193cca272bfc9add968dec4ef12f4f7b22f4d7496a314
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f89f8850d34d196c73d230fac08d9e39370a81d968990cef251c4f9b73a170b9

www.openurls.com.cn Open in urlscan Pro 47.89.13.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

71 %HTTPS

45 %IPv6

22 Domains

35 Subdomains

29 IPs

9 Countries

950 kBTransfer

2562 kBSize

22 Cookies

2 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.openurls.com.cn Open in urlscan Pro
47.89.13.48 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

71 %
HTTPS

45 %
IPv6

22
Domains

35
Subdomains

29
IPs

9
Countries

950 kB
Transfer

2562 kB
Size

22
Cookies

111 HTTP transactions
3 data transactions