gjny.art Open in urlscan Pro
23.224.249.28 Public Scan

URL:
http://gjny.art/
Submission: On July 16 via api (July 16th 2022, 3:02:34 am UTC) from DE — Scanned from DE

Summary HTTP 42 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 23.224.249.28, located in United States and belongs to CNSERVERS, US. The main domain is gjny.art.

This is the only time gjny.art was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	23.224.249.28 23.224.249.28	40065 (CNSERVERS) (CNSERVERS)
10	58.216.118.223 58.216.118.223	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
3	2606:4700:303... 2606:4700:3034::ac43:813c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
42	10

5 23.224.249.28 (United States)

ASN40065 (CNSERVERS, US)

gjny.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 58.216.118.223 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

static.oneinstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:813c (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	245 KB
10	oneinstack.com static.oneinstack.com	1 MB
5	gjny.art gjny.art	4 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	28 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	1 KB
3	shields.io img.shields.io — Cisco Umbrella Rank: 44180	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 6937	792 B
42	8

	Domain	Requested by
10	static.oneinstack.com	gjny.art
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	static.oneinstack.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	gjny.art	static.oneinstack.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	img.shields.io	gjny.art
2	www.google.com	1 redirects tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
42	10

This site contains links to these domains. Also see Links.

Domain
lempstack.com
oneinstack.com
linuxeye.com
www.alibabacloud.com
filezilla-project.org
docs.aws.amazon.com
docs.microsoft.com
paypal.me
static.oneinstack.com
t.me

Subject Issuer	Validity	Valid
static.oneinstack.com Encryption Everywhere DV TLS CA - G1	`2022-05-28` - `2023-05-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://gjny.art/
Frame ID: BA09A66B9E0BE07BAC0B51D96BAE4D96
Requests: 17 HTTP requests in this frame

Frame: https://static.oneinstack.com/ad_buttom.html
Frame ID: C19830B2F69E850BA50ABBB67EFA7268
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1657940539848&bpp=27&bdt=179&idt=106&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=453242098540&frm=22&ife=1&pv=2&ga_vid=1006861464.1657940540&ga_sid=1657940540&ga_hid=1115852782&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44761793%2C31068196%2C31068442&oid=2&pvsid=2130621393442180&uas=0&nvt=1&top=http%3A%2F%2Fgjny.art%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.jfzv2h4v2djs&fsb=1&xpc=3DfNqN2R76&p=https%3A//static.oneinstack.com&dtd=124
Frame ID: 9B6829DAA12BD73D7904B95316436961
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C2B5F8493D2C41CF7ECCF71062263D12
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: BB8225E476AE867F3882693E4180C0B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80A5D3CA9EADABB6D618B74146EC3160
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05F79D8002D7EBB2C20137E6D8DA619C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to use OneinStack

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

42
Requests

88 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1515 kB
Transfer

2311 kB
Size

2
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://lempstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://lempstack.com/install/
Title: Install & Docs

Search URL Search Domain Scan URL

URL: https://lempstack.com/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://lempstack.com/changelog/
Title: ChangeLog

Search URL Search Domain Scan URL

URL: https://oneinstack.com/
Title: OneinStack

Search URL Search Domain Scan URL

URL: https://linuxeye.com/
Title: Linux

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/faq-detail/35854.htm
Title: BROWSE DOCS

Search URL Search Domain Scan URL

URL: https://filezilla-project.org/download.php
Title: Download address

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/display-default-mysql-root-password/
Title: Display default MySQL root password

Search URL Search Domain Scan URL

URL: https://lempstack.com/question/how-to-setup-a-remote-mysql-connection/
Title: How to setup a remote MySQL connection?

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Title: AWS Security groups

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/azure/virtual-network/security-overview
Title: Azure Security groups

Search URL Search Domain Scan URL

URL: https://www.alibabacloud.com/help/doc-detail/58746.htm
Title: Alibabacloud Security group

Search URL Search Domain Scan URL

URL: https://paypal.me/yeho

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/alipay.png

Search URL Search Domain Scan URL

URL: https://static.oneinstack.com/images/weixin.png

Search URL Search Domain Scan URL

URL: https://t.me/oneinstack
Title: t.me/oneinstack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gjny.art/ 17 KB
4 KB 318ms
149ms Document
text/html 23.224.249.28
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://gjny.art/
Protocol: HTTP/1.1
Server: 23.224.249.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: 6975b63f1c065e20f8d1f8071ba090e0ef238ea925ea18837516d4dc855c27b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 16 Jul 2022 03:02:18 GMT
ETag: W/"62cffbe4-450e"
Last-Modified: Thu, 14 Jul 2022 11:20:04 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ois.css
static.oneinstack.com/assets/ 139 KB
22 KB 1210ms
478ms Stylesheet
text/css 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois.css
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:27:28 GMT
via: cache24.l2cn2656[95,95,304-0,M], cache2.l2cn2656[95,0], kunlun4.cn1310[0,0,200-0,H], kunlun9.cn1310[4,0]
x-oss-request-id: 62D222101F48743637062B66
content-md5: FigiPMVrnmR1ZEYGL79qOA==
age: 2091
x-cache: HIT TCP_MEM_HIT dirn:0:169173097
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:27:28 GMT
content-encoding: gzip
content-length: 21572
x-oss-object-type: Normal
last-modified: Thu, 06 Sep 2018 06:26:29 GMT
server: Tengine
etag: "1628223CC56B9E64756446062FBF6A38"
vary: Accept-Encoding
ali-swift-global-savetime: 1657938448
content-type: text/css
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 10073388271340420065
eagleid: 3ad8769d16579405392578852e
x-oss-server-time: 16

GET
H2 200 vhost.png
static.oneinstack.com/images/ 379 KB
380 KB 1939ms
1207ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:13:22 GMT
via: cache40.l2cn3047[0,0,304-0,H], cache69.l2cn3047[1,0], kunlun5.cn1310[0,0,200-0,H], kunlun9.cn1310[6,0]
x-oss-request-id: 62D21EC21F487431380DB058
content-md5: vRkM4GHxj1RKHmypU9jYJg==
age: 2937
x-cache: HIT TCP_MEM_HIT dirn:11:608686736
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:14:29 GMT
content-length: 388325
x-oss-object-type: Normal
last-modified: Tue, 17 Apr 2018 00:44:34 GMT
server: Tengine
etag: "BD190CE061F18F544A1E6CA953D8D826"
ali-swift-global-savetime: 1657937602
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 13855228782985020134
eagleid: 3ad8769d16579405392588861e
x-oss-server-time: 117

GET
H2 200 vhost_del.png
static.oneinstack.com/images/ 47 KB
48 KB 1680ms
968ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/vhost_del.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:23:33 GMT
via: cache46.l2cn2656[135,135,304-0,M], cache7.l2cn2656[136,0], kunlun7.cn1310[0,0,200-0,H], kunlun9.cn1310[5,0]
x-oss-request-id: 62D22125FE87B7383167AA8F
content-md5: xuKDQl+fITtDLX9ueypXFg==
age: 2326
x-cache: HIT TCP_MEM_HIT dirn:10:446940046
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:23:33 GMT
content-length: 48386
x-oss-object-type: Normal
last-modified: Fri, 05 Jan 2018 01:33:22 GMT
server: Tengine
etag: "C6E283425F9F213B432D7F6E7B2A5716"
ali-swift-global-savetime: 1657938213
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16888844593495608369
eagleid: 3ad8769d16579405392588858e
x-oss-server-time: 55

GET
H2 200 pureftpd.png
static.oneinstack.com/images/ 131 KB
132 KB 1429ms
717ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pureftpd.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:20:48 GMT
via: cache33.l2cn2656[152,152,304-0,M], cache20.l2cn2656[153,0], kunlun5.cn1310[0,0,200-0,H], kunlun9.cn1310[4,0]
x-oss-request-id: 62D22080DC44E03431DB27E2
content-md5: 7zl7AuEWDSHbL5+n0OL7KQ==
age: 2491
x-cache: HIT TCP_MEM_HIT dirn:10:256614217
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:20:48 GMT
content-length: 134303
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: Tengine
etag: "EF397B02E1160D21DB2F9FA7D0E2FB29"
ali-swift-global-savetime: 1657938048
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 4738377704576296990
eagleid: 3ad8769d16579405392588857e
x-oss-server-time: 55

GET
H2 200 backup_setup.png
static.oneinstack.com/images/ 118 KB
119 KB 1909ms
1197ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/backup_setup.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:20:51 GMT
via: cache38.l2cn2656[122,121,304-0,M], cache20.l2cn2656[123,0], kunlun5.cn1310[0,0,200-0,H], kunlun9.cn1310[5,0]
x-oss-request-id: 62D220837CF84233354A6378
content-md5: 659MR5IfDYlO/K4Ns6bNqg==
age: 2488
x-cache: HIT TCP_MEM_HIT dirn:11:629019648
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:20:51 GMT
content-length: 121215
x-oss-object-type: Normal
last-modified: Sat, 08 Dec 2018 15:01:47 GMT
server: Tengine
etag: "EB9F4C47921F0D894EFCAE0DB3A6CDAA"
ali-swift-global-savetime: 1657938051
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12530950749996754773
eagleid: 3ad8769d16579405392588860e
x-oss-server-time: 19

GET
H2 200 upgrade.png
static.oneinstack.com/images/ 145 KB
146 KB 958ms
956ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/upgrade.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:34:23 GMT
via: cache37.l2cn3047[63,62,304-0,M], cache31.l2cn3047[64,0], kunlun5.cn1310[0,0,200-0,H], kunlun9.cn1310[2,0]
x-oss-request-id: 62D223AF074793363610FEDC
content-md5: 2ibJCCM3lIIVt2qK7tU4hA==
age: 1676
x-cache: HIT TCP_MEM_HIT dirn:10:208342448
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:34:23 GMT
content-length: 148741
x-oss-object-type: Normal
last-modified: Sun, 30 Dec 2018 14:25:48 GMT
server: Tengine
etag: "DA26C9082337948215B76A8AEED53884"
ali-swift-global-savetime: 1657938863
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6318895251282152936
eagleid: 3ad8769d16579405397451509e
x-oss-server-time: 38

GET
H2 200 uninstall.png
static.oneinstack.com/images/ 234 KB
235 KB 958ms
957ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/uninstall.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:17:18 GMT
via: cache5.l2cn2656[145,147,304-0,M], cache20.l2cn2656[149,0], kunlun1.cn1310[0,0,200-0,H], kunlun9.cn1310[1,0]
x-oss-request-id: 62D21FAE7CF842343646F874
content-md5: FkrQbxLhJFdkNtUcZZ7+YA==
age: 2701
x-cache: HIT TCP_MEM_HIT dirn:0:560598729
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:17:18 GMT
content-length: 240040
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:31:03 GMT
server: Tengine
etag: "164AD06F12E124576436D51C659EFE60"
ali-swift-global-savetime: 1657937838
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 13914716929911636181
eagleid: 3ad8769d16579405397461510e
x-oss-server-time: 75

GET
H2 200 Paypal-donate-green.svg
img.shields.io/badge/ 1 KB
1 KB 41ms
13ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Paypal-donate-green.svg
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:18 GMT
via: 2 fly.io
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55916
fly-request-id: 01G80SZFNY163255A8F3ECBDD9-fra
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jul 2022 04:30:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BPS11YSsXMcbms5Iy3BIlEEFwvLrk0ZqSzT5GLBBDIH%2Frib8SGqnNIyvnVcfSfHQX8TIBXPuzw1A5kpYa6WDXVEu2LKI5IhJyUeUuvxuUpfAuJ5SclLYDB42MkTSdYbhfgsA%2F0SfxnBZ1gy0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 72b77f8d883f9bf2-FRA

GET
H2 200 Alipay-donate-green.svg
img.shields.io/badge/ 1 KB
815 B 142ms
115ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Alipay-donate-green.svg
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:18 GMT
via: 2 fly.io
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 15 Jul 2022 12:49:53 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G82F9X4BS84CQ6V4NSMNHN7J-fra
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIMax8rjU3ZZ1UN87F39lZyvSw3HRvQSW8bT%2B0lcZhnqHVC7%2FMjWU3L5Z1JatCU6TQFR63QgCgcL%2B1gV80xFjWt2iR6dN5185%2BADYcbrfLMtzT815tuaoXvMShVjMGqYT1TO2QMdfT4%2FhsaKnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 72b77f8d88429bf2-FRA

GET
H2 200 Wechat-donate-green.svg
img.shields.io/badge/ 1 KB
788 B 143ms
116ms Image
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shields.io/badge/Wechat-donate-green.svg
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:18 GMT
via: 2 fly.io
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 15 Jul 2022 12:49:53 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id: 01G82F9X495F3YGVB8T69H4MXS-fra
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vH68NWCHW%2FUldydiht%2FTF9XS8otpsg5yT5pZfv6phbQmXz1TdfEl%2FG1dJ9wLSz6%2Bhly1MiLoXH2tEcvzzuFCgFsApGR7cgTNxwKUg%2Bp1lifbHHHup8zYhXQH2jkGTZNKp9IWCosBxuWxdWce5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
cf-ray: 72b77f8d88449bf2-FRA

GET
H2 200 pay.png
static.oneinstack.com/images/ 47 KB
47 KB 959ms
957ms Image
image/png 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.oneinstack.com/images/pay.png
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:17:18 GMT
via: cache39.l2cn2656[90,91,304-0,M], cache4.l2cn2656[92,0], kunlun4.cn1310[0,0,200-0,H], kunlun9.cn1310[2,0]
x-oss-request-id: 62D21FAE6FB42B3735A49F7B
content-md5: Da5McVQvWo9YWLv2tLjKyw==
age: 2701
x-cache: HIT TCP_MEM_HIT dirn:11:601689221
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:17:18 GMT
content-length: 47891
x-oss-object-type: Normal
last-modified: Sun, 24 Nov 2019 02:32:35 GMT
server: Tengine
etag: "0DAE4C71542F5A8F5858BBF6B4B8CACB"
ali-swift-global-savetime: 1657937838
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16342502823700331070
eagleid: 3ad8769d16579405397461513e
x-oss-server-time: 58

GET
H2 200 ois20190114.js Show response
static.oneinstack.com/assets/ 203 KB
61 KB 2149ms
1437ms Script
text/javascript 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/assets/ois20190114.js
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:06:51 GMT
via: cache55.l2cn3047[0,0,304-0,H], cache62.l2cn3047[1,0], kunlun1.cn1310[0,0,200-0,H], kunlun9.cn1310[6,0]
x-oss-request-id: 62D21D3B94C77F3635604A01
content-md5: CC5iM3IZ7F7//K/8Y/qkQA==
age: 3328
x-cache: HIT TCP_MEM_HIT dirn:0:177350175
x-oss-cdn-auth: success
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:44:23 GMT
content-encoding: gzip
x-oss-object-type: Normal
last-modified: Mon, 14 Jan 2019 05:54:34 GMT
server: Tengine
etag: W/"082E62337219EC5EFFFCAFFC63FAA440"
vary: Accept-Encoding
ali-swift-global-savetime: 1657937211
content-type: text/javascript
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3207812737332285755
eagleid: 3ad8769d16579405392588855e
x-oss-server-time: 34

GET
H2 200 ad_buttom.html Show response
static.oneinstack.com/ Frame C198 629 B
1000 B 1193ms
484ms Document
text/html 58.216.118.223
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oneinstack.com/ad_buttom.html
Requested by: Host: gjny.art
URL: http://gjny.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.216.118.223 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea

Request headers

Referer: http://gjny.art/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2633
ali-swift-global-savetime: 1657937906
content-length: 629
content-md5: gWFx4w/zIFhZf/Kir0XzVw==
content-type: text/html
date: Sat, 16 Jul 2022 02:18:26 GMT
eagleid: 3ad8769d16579405392588854e
etag: "816171E30FF32058597FF2A2AF45F357"
last-modified: Mon, 16 Apr 2018 13:01:19 GMT
server: Tengine
timing-allow-origin: *
via: cache21.l2cn2656[0,0,304-0,H], cache4.l2cn2656[1,0], kunlun5.cn1310[0,0,200-0,H], kunlun9.cn1310[4,0]
x-cache: HIT TCP_MEM_HIT dirn:11:585632342
x-oss-cdn-auth: success
x-oss-hash-crc64ecma: 8982108081913538273
x-oss-object-type: Normal
x-oss-request-id: 62D21FF29BB92036392EEFB5
x-oss-server-time: 3
x-oss-storage-class: Standard
x-swift-cachetime: 3600
x-swift-savetime: Sat, 16 Jul 2022 02:53:53 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C198 103 KB
36 KB 67ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: static.oneinstack.com
URL: https://static.oneinstack.com/ad_buttom.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6f4f65fa3ecbdf8d3f01acb074c57e88cffd0bd19c8fc9f2e59f5d1f822463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36330
x-xss-protection: 0
server: cafe
etag: 40518399840149127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Jul 2022 03:02:19 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/ Frame C198 340 KB
120 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com&bust=31068442

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be929325b887c0777a5ef8ebec2801380a18bbdb677baf6dcda17a0b540d9e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122751
x-xss-protection: 0
server: cafe
etag: 8748781231735212644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Jul 2022 03:02:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C198 107 B
792 B 61ms
26ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4157113266001782&plah=static.oneinstack.com&bust=31068442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C198 107 B
549 B 59ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=static.oneinstack.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B68 67 KB
28 KB 348ms
310ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1657940539848&bpp=27&bdt=179&idt=106&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=453242098540&frm=22&ife=1&pv=2&ga_vid=1006861464.1657940540&ga_sid=1657940540&ga_hid=1115852782&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44761793%2C31068196%2C31068442&oid=2&pvsid=2130621393442180&uas=0&nvt=1&top=http%3A%2F%2Fgjny.art%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.jfzv2h4v2djs&fsb=1&xpc=3DfNqN2R76&p=https%3A//static.oneinstack.com&dtd=124

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fdf752eed0b5371cc9d265708176474a4fe3cba90fafff5f7b054c75451019b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27715
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 03:02:20 GMT
expires: Sat, 16 Jul 2022 03:02:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 195561286303341969
tpc.googlesyndication.com/daca_images/simgad/ Frame 9B68 9 KB
9 KB 81ms
19ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/195561286303341969

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1657940539848&bpp=27&bdt=179&idt=106&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=453242098540&frm=22&ife=1&pv=2&ga_vid=1006861464.1657940540&ga_sid=1657940540&ga_hid=1115852782&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44761793%2C31068196%2C31068442&oid=2&pvsid=2130621393442180&uas=0&nvt=1&top=http%3A%2F%2Fgjny.art%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.jfzv2h4v2djs&fsb=1&xpc=3DfNqN2R76&p=https%3A//static.oneinstack.com&dtd=124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a17bbe3963abe0aa9683e83d7a348fb1d1beec0a89489af1fe80c30adcd45d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 08:09:52 GMT
x-content-type-options: nosniff
age: 499948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9243
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 22:52:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 10 Jul 2023 08:09:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 9B68 21 KB
9 KB 75ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:59:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 9B68 3 KB
1 KB 74ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:50:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B68 138 KB
43 KB 68ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 03:02:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 9B68 17 KB
7 KB 73ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:37:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 9B68 31 KB
13 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Jul 2022 11:16:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B68 0
0 108ms
59ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSCSbPCrSYpuKApau3wOk276QBMnf1e9qmaKYm48QusKj8_sbEAEg9sGYFWCVwqaCsAegAfGaoNAByAECqAMByAPJBKoE3gFP0Hx67fBE7AUQZdu_O3zY3jgcnTfycDjo2oSTqgGZjBgIsyJFeNcEA7Oof66AzEA5FrH-T7FZA5vvrgkjbGYRdvB7boqwJ3Y0DZngBHmTi9mmO2Ir2GZB32GW6uIW1M2f1VQ7Z0EyASSprLYEMyDFjHpwqBSJQiQJFoydHGN8hCVf1RlIZ1DCNIsd85HKOOeTrdKYcRMV1JbOCTj9OXN1aBUi7QdP_IHQ18bmrclA9KwLSGJoiu9BkOjTCUuC9wng95kzRElzAZCx7m8F274u5iFElGIufpKjyVFSAWrABJOi2uuTBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMODLNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTQxNTcxMTMyNjYwMDE3ODIYAA&sigh=YfWnqRZfsls&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1657940539848&bpp=27&bdt=179&idt=106&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=453242098540&frm=22&ife=1&pv=2&ga_vid=1006861464.1657940540&ga_sid=1657940540&ga_hid=1115852782&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44761793%2C31068196%2C31068442&oid=2&pvsid=2130621393442180&uas=0&nvt=1&top=http%3A%2F%2Fgjny.art%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.jfzv2h4v2djs&fsb=1&xpc=3DfNqN2R76&p=https%3A//static.oneinstack.com&dtd=124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Jul 2022 03:02:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Jul 2022 03:02:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2B5 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4157113266001782&output=html&h=60&slotname=9167095357&adk=3499594460&adf=3383700283&pi=t.ma~as.9167095357&w=468&lmt=1523883679&url=https%3A%2F%2Fstatic.oneinstack.com%2Fad_buttom.html&wgl=1&dt=1657940539848&bpp=27&bdt=179&idt=106&shv=r20220707&mjsv=m202207120101&ptt=5&saldr=sa&correlator=453242098540&frm=22&ife=1&pv=2&ga_vid=1006861464.1657940540&ga_sid=1657940540&ga_hid=1115852782&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=475&ish=150&ifk=3031236263&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44761793%2C31068196%2C31068442&oid=2&pvsid=2130621393442180&uas=0&nvt=1&top=http%3A%2F%2Fgjny.art%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C475%2C150&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.jfzv2h4v2djs&fsb=1&xpc=3DfNqN2R76&p=https%3A//static.oneinstack.com&dtd=124
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 16 Jul 2022 02:50:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B68 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3378f71aa5643c9d1e8df8e706301ffb75c26e6b2befb578b70fd17e60e0ef0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C198 14 KB
11 KB 57ms
29ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9bf530abc1756b4cd2794dd0669db15eef28d9a9c19ac55203c841474b9b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10931
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

42ms
41ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Jul 2022 03:02:20 GMT
expires: Sat, 16 Jul 2022 03:02:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Jul 2022 03:02:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame BB82 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 06:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 06:51:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C198 17 KB
6 KB 79ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 03:02:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80A5 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 23:29:51 GMT
expires: Sat, 15 Jul 2023 23:29:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05F7 783 B
535 B 52ms
23ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5fe4b220f3d56e2770cfca338c7db1cfc7483d1310387217632d28d2bf88bb67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d59sIfEkAYjtEOK11fYSFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.oneinstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-d59sIfEkAYjtEOK11fYSFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 03:02:20 GMT
expires: Sat, 16 Jul 2022 03:02:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

HEAD
H/1.1 502
Bad Gateway phpinfo.php Show response
gjny.art/ 0
154 B 148ms
148ms XHR
text/html 23.224.249.28
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://gjny.art/phpinfo.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 23.224.249.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 03:02:20 GMT
Server: openresty
Connection: keep-alive
Content-Length: 556
Content-Type: text/html

HEAD
H/1.1 502
Bad Gateway ocp.php Show response
gjny.art/ 0
154 B 169ms
169ms XHR
text/html 23.224.249.28
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://gjny.art/ocp.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 23.224.249.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 03:02:20 GMT
Server: openresty
Connection: keep-alive
Content-Length: 556
Content-Type: text/html

HEAD
H/1.1 502
Bad Gateway index.php Show response
gjny.art/phpMyAdmin/ 0
154 B 148ms
148ms XHR
text/html 23.224.249.28
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://gjny.art/phpMyAdmin/index.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 23.224.249.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 03:02:21 GMT
Server: openresty
Connection: keep-alive
Content-Length: 556
Content-Type: text/html

HEAD
H/1.1 502
Bad Gateway xprober.php Show response
gjny.art/ 0
154 B 148ms
148ms XHR
text/html 23.224.249.28
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://gjny.art/xprober.php
Requested by: Host: static.oneinstack.com
URL: https://static.oneinstack.com/assets/ois20190114.js
Protocol: HTTP/1.1
Server: 23.224.249.28 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gjny.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 03:02:21 GMT
Server: openresty
Connection: keep-alive
Content-Length: 556
Content-Type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05F7 0
0 80ms
79ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=2130621393442180&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 80A5 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 06:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 06:51:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 80A5 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w16p0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 03:02:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C198 0
0 66ms
66ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=2130621393442180&bg=!zc6lzorNAAaYcLjmuHA7ACkAdvg8Wnbo0hduu8FkESIJP5pdJBI_8e1R_Xn2Xi5fsA88my9_LDfGMQIAAABKUgAAAANoAQcKALd0GLzrZnKvSrAL1pznTFUIieOHnUbVDd3vFEcjC8yXUorM2TC8t8Usa9F4JcBiiQeE9C_MHmLsjb8TJmehyBeGU9Qp4WveLkDk7xXORn2txDJu_XGfE34N5UhAuMsSH5TAjwhxlQ2oXC8mWVqJjeF9hfsIY5Z8ZYixWS5GDc3H3r5X5ZA-NItSsZb3JTHat85OPTQEUFSj_GPTcZNIMLzGzZpqx8xnYORGEruYe_fMp0r1z4BzmK2ZArH-KtbZynZGDJMuA6Z2g6FS5OjmEtfJUKf52K1caqd17oPgYWMamwsyv7_rvVFlYkxJP1sEEiA6qpkEat_jHu9LTzWV2caHBlcSgghc49DbJWpubOg1JWlKwGqVtHrXgimzzJnfBzcw0jDpuQmXRmdnDvUFe42Rnb122nrHEyLRXr4XS_8SDexbj140RsfwFygvSKbFwYYh4kIDw3MdovDE38ICpt2Czij5493lfqsvMw7-3oPeujTXaCMj36xM9dI001JsIAVMQT2cN5tJMhrnCo-Y7NHs9EXl_rFmKEB4KcYRqa8HkFds5W41-1ROuBm7lKSgSELfoJVSWRVhYu4qZwV4vSXyu7nBrFNx4Jxebhdj0Qzr52ij6fVpWxeOjCgR8yfPo-KNiFaw7bTwsxt7kPuq-6wPOwtDXb5YC-SkFQ1rse3q-H7ZKPqjRtEz9G_hMT6kHHspgbYJbaHv1EAgTK7A6GTOYDYvOtMd7hvhB7pMPZ-Szs8nI5Cz4z-hNUiukGsNIeAIh53KHMsM9JDovfoJT7KTh4Dbecg20yNFElhoEm2KpihMwqIWzC5Fzk3ZpSSuqGo8Oweq_4_5JEQK_ucSzoj8GIdlsVbF7ioCShUBGklqJ5g4l9n7MsCLWqRYLqtCzBI3v9cecTbl53GBzfU0DSWfA_Hl-3NG2jMJ8N0AhHG2DdEN6ge2Kilio5woBXJ6RntSIHpd2DNljCKMik2OTEdh8z01s7-SFB1Cn6dqYr-g2bWpTFxLu4AufO0_ML_E_eSatnBxrDjvxzRE3RTVXlkVcnVC3RKIs0HnmYg6XAL7GZEHRstEzBYjzwFswxTYRvY-Ar0tWZAHubENPk_YXyCUbV88G_spzl9xJs_C58bznSrpdbT0Swwkp50QWJvg-3AzXeYIcW7r57k0QA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.oneinstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B68 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus5yqT6slnlZ4B9wANedHToPSBtekOaDI4RiT6FsAQJcFwtzlKOLS-rjBJ0d4y0jZtNAWb7koy9qHTGutFPbvHahV9CrY1etM8QOvLGK1PQZ4g4PlXQLrYZAuLLhKJu3Ny0gK9jEvYk9eQ&sai=AMfl-YSy-bgRORPjec7zM1omWxZmKkwzaK7D7JWC9s0Fo2P89cRjf_mE6JE9Q7j1AtdP454erBMHdS5aUDiT&sig=Cg0ArKJSzI4sY50Kw8wOEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3499594460&rs=2&la=0&cr=0&vs=4&r=v&rst=1657940539974&rpt=488&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 03:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 13:53:56	Name: IDE Value: AHWqTUlFhpdUsbnilYqWBGbqQNMej5mkSOofuoxyNwK5QlRL-SamBEbNQhkySL1tN-o
			.doubleclick.net/	1970-01-20 04:32:24	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://static.oneinstack.com/assets/ois20190114.js(Line 36) Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
gjny.art
googleads.g.doubleclick.net
img.shields.io
pagead2.googlesyndication.com
static.oneinstack.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
23.224.249.28
2606:4700:3034::ac43:813c
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
58.216.118.223
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2531d3aa1e0ad4b47128bd65ebef65024ed7d3b4c38c3960d715266adde3a919
2e875dfd1cef8d797e4b90fb96cab53a7de748859fb1205e2de8eae247b7a4e5
3378f71aa5643c9d1e8df8e706301ffb75c26e6b2befb578b70fd17e60e0ef0d
3a17bbe3963abe0aa9683e83d7a348fb1d1beec0a89489af1fe80c30adcd45d3
3e9bf530abc1756b4cd2794dd0669db15eef28d9a9c19ac55203c841474b9b55
434de1f778f8606a5bbaca450e1a3c52489871a58c94f27ab3f91f4206dc9340
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
49f92e9795d87035ec87b7f6e1fac330ae32968e38c6d0d4686a4f556d269bca
4fdf752eed0b5371cc9d265708176474a4fe3cba90fafff5f7b054c75451019b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d6f4f65fa3ecbdf8d3f01acb074c57e88cffd0bd19c8fc9f2e59f5d1f822463
5fe4b220f3d56e2770cfca338c7db1cfc7483d1310387217632d28d2bf88bb67
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6975b63f1c065e20f8d1f8071ba090e0ef238ea925ea18837516d4dc855c27b7
72a2953e02d27e18441f20bcc24a588f2c5d9c16417e037b8af71c5dbb3aa64e
7b84db6e0735e9b836055467384362fe3e963e979e2904d08663be513dca7eea
84c830ca02a2494c46380db44abafa1fac571b0d80123941439597adc285f513
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
9ad7d8b0735087d6c9840b8bf3874a59c1360324284a2a193ca5913aae7b6195
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b723df4db73313a01f5e2f807c069567c1a1942001ba97fd90c8a01aad18ba02
b8e16ade5192e597f322741b340137a21dc9947febf9dc464f03a5421c782b80
be929325b887c0777a5ef8ebec2801380a18bbdb677baf6dcda17a0b540d9e9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10f5a0047839567c88593dca9f7b9cf9c9a204a36ad0a533773e35b1355e49f
f510208b9a91e7b867214ba22e49dda278b9a72e087ee1195691d259cbab43b8
f8ee909e2d4c114b0b251ad90903b8b68ec6c1d28b2b731e30b507b399e872f2

gjny.art Open in urlscan Pro 23.224.249.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

88 %HTTPS

78 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

1515 kBTransfer

2311 kBSize

2 Cookies

17 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gjny.art Open in urlscan Pro
23.224.249.28 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

88 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1515 kB
Transfer

2311 kB
Size

2
Cookies

42 HTTP transactions
1 data transactions