91btdh.net Open in urlscan Pro
45.78.28.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://91btdh.net/
Submission: On July 19 via api (July 19th 2023, 11:24:12 am UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 59 IPs in 13 countries across 66 domains to perform 211 HTTP transactions. The main IP is 45.78.28.107, located in Hong Kong, Hong Kong and belongs to IT7NET, CA. The main domain is 91btdh.net.
TLS certificate: Issued by R3 on July 2nd 2023. Valid for: 3 months.

This is the only time 91btdh.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	45.78.28.107 45.78.28.107	25820 (IT7NET) (IT7NET)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	47.246.46.206 47.246.46.206	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:3d25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.136.177.174 8.136.177.174	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	107.167.16.140 107.167.16.140	46844 (SHARKTECH) (SHARKTECH)
2	2.59.155.28 2.59.155.28	136038 (HDTIDCCLO...) (HDTIDCCLOUD-AS-AP HDTIDC LIMITED)
1	2606:4700:303... 2606:4700:3036::ac43:818e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.88.14.62 154.88.14.62	40065 (CNSERVERS) (CNSERVERS)
1	210.56.49.48 210.56.49.48	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.28.86.9 149.28.86.9	20473 (AS-CHOOPA) (AS-CHOOPA)
1	23.224.99.3 23.224.99.3	40065 (CNSERVERS) (CNSERVERS)
1	91.208.206.46 91.208.206.46	200019 (ALEXHOST) (ALEXHOST)
1	64.64.253.246 64.64.253.246	25820 (IT7NET) (IT7NET)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	163.181.92.186 163.181.92.186	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	134.175.83.163 134.175.83.163	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	121.41.179.170 121.41.179.170	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	18.239.94.42 18.239.94.42	16509 (AMAZON-02) (AMAZON-02)
1	47.97.61.20 47.97.61.20	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	116.62.143.55 116.62.143.55	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	2a03:2880:f10... 2a03:2880:f10c:283:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:200... 2a04:4e42:200::591	54113 (FASTLY) (FASTLY)
1	148.251.232.132 148.251.232.132	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2606:4700:303... 2606:4700:3036::6815:3836	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.40.249.193 103.40.249.193	4816 (CHINANET-...) (CHINANET-IDC-GD China Telecom Group)
1	139.196.210.75 139.196.210.75	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	112.74.78.199 112.74.78.199	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1 1	180.163.203.20 180.163.203.20	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	140.143.48.31 140.143.48.31	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	120.72.45.209 120.72.45.209	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	61.147.67.86 61.147.67.86	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
1	154.85.69.6 154.85.69.6	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1	223.4.26.84 223.4.26.84	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	2404:2280:12e... 2404:2280:12e:0:3::3fc	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	117.121.101.40 117.121.101.40	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
1	240e:e9:d804:... 240e:e9:d804:0:3::3fd	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
1	115.238.119.98 115.238.119.98	58461 (CT-HANGZH...) (CT-HANGZHOU-IDC No.288)
1	101.132.91.205 101.132.91.205	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 6	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
5 27	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	74.121.143.245 74.121.143.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 3	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 5	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
3 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:6b15:9865:39bc:dcdf	16509 (AMAZON-02) (AMAZON-02)
2 4	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.28.142.138 52.28.142.138	16509 (AMAZON-02) (AMAZON-02)
211	59

38 45.78.28.107 (Hong Kong, Hong Kong)

ASN25820 (IT7NET, CA)
PTR: 45.78.28.107.16clouds.com

91btdh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.46.206 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3d25 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sokk9.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.136.177.174 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

juanjuansou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.167.16.140 (Los Angeles, United States)

ASN46844 (SHARKTECH, US)
PTR: customer.sharktech.net

kanliao1.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.59.155.28 (Hong Kong)

ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK)

www.fbobo2.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sv20.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:818e (United States)

ASN13335 (CLOUDFLARENET, US)

www.alipansou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.88.14.62 (United States)

ASN40065 (CNSERVERS, US)

soupian.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.56.49.48 (Hong Kong)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

tg.qianfan.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

btmulu8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jujuso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.28.86.9 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.86.9.vultrusercontent.com

dapanso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.99.3 (United States)

ASN40065 (CNSERVERS, US)

www.upyunso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.208.206.46 (Moldova)

ASN200019 (ALEXHOST, MD)
PTR: mdcdn003

tellme.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.64.253.246 (Los Angeles, United States)

ASN25820 (IT7NET, CA)
PTR: 64.64.253.246.16clouds.com

cdn.anyshare.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.186 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

qncdn.aoscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.175.83.163 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

www.iamwawa.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.41.179.170 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.gaituba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.94.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-42.ams1.r.cloudfront.net

smallpdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.97.61.20 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.uupoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.62.143.55 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

pan.newday.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:283:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

one.newday.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::591 (United States)

ASN54113 (FASTLY, US)

tampermonkey.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.232.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: adblockplus-org-2.adblockplus.org

adblockplus.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3836 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

iguge.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

iguge.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.40.249.193 (China)

ASN4816 (CHINANET-IDC-GD China Telecom Group, CN)

www.pdfpai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.196.210.75 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.alltoall.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.74.78.199 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.wofficebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.163.203.20 (China) 1 redirects

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)

cctalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, CA)

www.cctalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.143.48.31 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

www.jikexueyuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.72.45.209 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

www.koolearn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.147.67.86 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

www.51zxw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.85.69.6 (None, )

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

www.runoob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 223.4.26.84 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

f1.howzhi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:12e:0:3::3fc (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

edu-image.nosdn.127.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.121.101.40 (China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)

www.imooc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:e9:d804:0:3::3fd (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

www.doyoudo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.238.119.98 (Hangzhou, China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)

study.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.132.91.205 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

huke88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.121.143.245 (United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.158.49 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.28 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:6b15:9865:39bc:dcdf (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.142.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243	230 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	584 KB
38	91btdh.net 91btdh.net	2 MB
13	gstatic.com www.gstatic.com fonts.gstatic.com	200 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	761 B
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 892 r.turn.com — Cisco Umbrella Rank: 3746	3 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 601	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	281 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	6 KB
5	google.cn www.google.cn — Cisco Umbrella Rank: 8347
5	51.la sdk.51.la — Cisco Umbrella Rank: 46706 collect-v6.51.la — Cisco Umbrella Rank: 45322	26 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1328	948 B
3	ctnsnet.com 3 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7638	1 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 865	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 910	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	529 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 588	725 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 726	897 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 900	2 KB
2	cctalk.com 1 redirects cctalk.com www.cctalk.com	3 KB
2	newday.me pan.newday.me one.newday.me	17 KB
2	smallpdf.com smallpdf.com — Cisco Umbrella Rank: 43053	3 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8658 bdimg.share.baidu.com Failed	12 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 784	339 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 818	463 B
1	huke88.com huke88.com	3 KB
1	163.com study.163.com — Cisco Umbrella Rank: 162671	1 KB
1	doyoudo.com www.doyoudo.com	2 KB
1	imooc.com www.imooc.com — Cisco Umbrella Rank: 836291	12 KB
1	127.net edu-image.nosdn.127.net
1	howzhi.com f1.howzhi.com	1 KB
1	runoob.com www.runoob.com — Cisco Umbrella Rank: 304363	5 KB
1	51zxw.net www.51zxw.net	1 KB
1	koolearn.com www.koolearn.com	5 KB
1	jikexueyuan.com www.jikexueyuan.com	2 KB
1	wofficebox.com www.wofficebox.com	1 KB
1	alltoall.net www.alltoall.net	20 KB
1	pdfpai.com www.pdfpai.com	41 KB
1	iguge.xyz iguge.xyz	5 KB
1	iguge.app 1 redirects iguge.app	459 B
1	adblockplus.org adblockplus.org — Cisco Umbrella Rank: 2064	12 KB
1	fastly.net tampermonkey.freetls.fastly.net
1	uupoop.com www.uupoop.com	1 KB
1	gaituba.com www.gaituba.com	1 KB
1	iamwawa.cn www.iamwawa.cn	2 KB
1	aoscdn.com qncdn.aoscdn.com	13 KB
1	anyshare.icu cdn.anyshare.icu	857 B
1	tellme.pw tellme.pw	1 KB
1	jujuso.com jujuso.com	7 KB
1	upyunso.com www.upyunso.com	12 KB
1	dapanso.com dapanso.com	4 KB
1	btmulu8.com btmulu8.com	2 KB
1	qianfan.app tg.qianfan.app	2 KB
1	soupian.xyz soupian.xyz	12 KB
1	alipansou.com www.alipansou.com	4 KB
1	sv20.pw www.sv20.pw
1	fbobo2.pw www.fbobo2.pw
1	kanliao1.one kanliao1.one	3 KB
1	juanjuansou.com juanjuansou.com	2 KB
1	sokk9.one www.sokk9.one	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1771	241 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	601 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	80 KB
0	pcfreetime.com Failed www.pcfreetime.com Failed
0	flvcd.com Failed www.flvcd.com Failed
211	66

	Domain	Requested by
38	91btdh.net	91btdh.net
27	cm.g.doubleclick.net	5 redirects 91btdh.net googleads.g.doubleclick.net
24	tpc.googlesyndication.com	googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	91btdh.net pagead2.googlesyndication.com googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 91btdh.net
9	www.gstatic.com	googleads.g.doubleclick.net
5	c1.adform.net	5 redirects
5	www.google.com	1 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.google.cn	91btdh.net
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net 91btdh.net
4	fonts.gstatic.com	fonts.googleapis.com googleads.g.doubleclick.net
3	ius.ctnsnet.com	3 redirects
3	um.simpli.fi	3 redirects
3	r.turn.com	91btdh.net
3	ad.turn.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	collect-v6.51.la	sdk.51.la
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	sync.mathtag.com	2 redirects
2	smallpdf.com	91btdh.net
2	hm.baidu.com	91btdh.net
2	sdk.51.la	91btdh.net
1	onetag-sys.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	huke88.com	91btdh.net
1	study.163.com	91btdh.net
1	www.doyoudo.com	91btdh.net
1	www.imooc.com	91btdh.net
1	edu-image.nosdn.127.net	91btdh.net
1	f1.howzhi.com	91btdh.net
1	www.runoob.com	91btdh.net
1	www.51zxw.net	91btdh.net
1	www.koolearn.com	91btdh.net
1	www.jikexueyuan.com	91btdh.net
1	www.cctalk.com	91btdh.net
1	cctalk.com	1 redirects
1	www.wofficebox.com	91btdh.net
1	www.alltoall.net	91btdh.net
1	www.pdfpai.com	91btdh.net
1	iguge.xyz	91btdh.net
1	iguge.app	1 redirects
1	adblockplus.org	91btdh.net
1	tampermonkey.freetls.fastly.net	91btdh.net
1	one.newday.me	91btdh.net
1	pan.newday.me	91btdh.net
1	www.uupoop.com	91btdh.net
1	www.gaituba.com	91btdh.net
1	www.iamwawa.cn	91btdh.net
1	qncdn.aoscdn.com	91btdh.net
1	cdn.anyshare.icu	91btdh.net
1	tellme.pw	91btdh.net
1	jujuso.com	91btdh.net
1	www.upyunso.com	91btdh.net
1	dapanso.com	91btdh.net
1	btmulu8.com	91btdh.net
1	tg.qianfan.app	91btdh.net
1	soupian.xyz	91btdh.net
1	www.alipansou.com	91btdh.net
1	www.sv20.pw	91btdh.net
1	www.fbobo2.pw	91btdh.net
1	kanliao1.one	91btdh.net
1	juanjuansou.com	91btdh.net
1	www.sokk9.one	91btdh.net
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	91btdh.net
0	www.pcfreetime.com Failed	91btdh.net
0	www.flvcd.com Failed	91btdh.net
0	bdimg.share.baidu.com Failed	91btdh.net
211	75

This site contains links to these domains. Also see Links.

Domain
www.91btdh.com
www.wangzhanwo.com
t.me

Subject Issuer	Validity	Valid
91btdh.net R3	`2023-07-02` - `2023-09-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-20` - `2024-02-19`	a year	crt.sh
juanjuansou.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
kanliao1.one R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
img.wwoo.xyz TrustAsia TLS RSA CA	`2023-01-10` - `2024-01-09`	a year	crt.sh
soupian.xyz R3	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.qianfan.app R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
btmulu8.com GTS CA 1P5	`2023-05-24` - `2023-08-22`	3 months	crt.sh
dapanso.com R3	`2023-05-16` - `2023-08-14`	3 months	crt.sh
upyunso.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
jujuso.com Cloudflare Inc ECC CA-3	`2023-03-11` - `2024-03-10`	a year	crt.sh
tellme.pw R3	`2023-05-16` - `2023-08-14`	3 months	crt.sh
cdn.anyshare.icu R3	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.google.cn GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.aoscdn.com Xcc Trust DV SSL CA	`2023-03-29` - `2024-03-28`	a year	crt.sh
www.iamwawa.cn TrustAsia RSA DV TLS CA G2	`2023-03-14` - `2024-04-12`	a year	crt.sh
www.gaituba.com Encryption Everywhere DV TLS CA - G1	`2022-09-14` - `2023-09-14`	a year	crt.sh
smallpdf.com Amazon RSA 2048 M01	`2023-06-19` - `2024-07-16`	a year	crt.sh
*.uupoop.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-28` - `2024-02-07`	a year	crt.sh
newday.me R3	`2023-07-08` - `2023-10-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-05` - `2024-03-08`	a year	crt.sh
adblockplus.org R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
pdfpai.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-03` - `2024-03-04`	a year	crt.sh
alltoall.net R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
www.wofficebox.com Encryption Everywhere DV TLS CA - G2	`2023-03-21` - `2024-03-20`	a year	crt.sh
jikexueyuan.com TrustAsia RSA DV TLS CA G2	`2022-12-20` - `2023-12-20`	a year	crt.sh
*.koolearn.com GlobalSign RSA OV SSL CA 2018	`2022-12-15` - `2024-01-16`	a year	crt.sh
*.51zxw.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-08` - `2024-01-06`	a year	crt.sh
www.runoob.com Encryption Everywhere DV TLS CA - G1	`2022-09-23` - `2023-09-24`	a year	crt.sh
f1.howzhi.com TrustAsia TLS RSA CA	`2020-05-12` - `2021-05-13`	a year	crt.sh
*.nosdn.127.net GeoTrust RSA CN CA G2	`2023-06-01` - `2024-06-28`	a year	crt.sh
*.imooc.com RapidSSL RSA CA 2018	`2022-10-11` - `2023-11-10`	a year	crt.sh
*.doyoudo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-20` - `2024-03-01`	a year	crt.sh
*.163.com GeoTrust RSA CN CA G2	`2023-03-23` - `2024-04-22`	a year	crt.sh
*.huke88.com GeoTrust RSA CN CA G2	`2022-08-30` - `2023-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://91btdh.net/
Frame ID: 1BF67509D436293954555FBE23BF16AB
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html
Frame ID: 0C4C32685F1E3100D0EBAB318B24685F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&adk=769381493&adf=1569964852&lmt=1689765838&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F91btdh.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765838001&bpp=5&bdt=870&idt=273&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3142677362122&frm=20&pv=2&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: F7F980F904E036B09C87EBD68269F133
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13
Frame ID: 4FEA48EFEA3707A93B870CED16B48ADA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17
Frame ID: 678667C2029EFFF0169FC5B920C81819
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20
Frame ID: 300B341BC73754B3BE0707B2241DD4BA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3627612126&pi=t.aa~a.8506029~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=1&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280%2C980x280&nras=5&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=JRHOPLUPzf&p=https%3A//91btdh.net&dtd=23
Frame ID: 47F16A21D77EB20CA0AEBE13139937C0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A8568B5AA0F39156146BBDFF55C2B37
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4DBA2B724D60C01557E90BFC41D2C503
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4E11B2FD5CBC3A797CC9064277516E9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EC77C1B4C22D7A966EEFEF70AA78C23
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD6CBA6FF1EB7F682AF4B83518026402
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A689F89136E7C2BC0B73DD1DB26596F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31FFD4386809CAFD16C2E023158078E2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: 3060FA4FCD7A1172DAF6A998BD3D02F1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: EB2EF7059AD03F0480FED9E582F6DBFE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: 7F63E7D9502905661C790F46832F21C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: 76126F95A0B4460C9072CDA4D4051F0C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js
Frame ID: BB1B38404E7BD5937CD330DC9671B0EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

91BT-磁力引擎天堂-好用的资源导航网站

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

211
Requests

84 %
HTTPS

34 %
IPv6

66
Domains

75
Subdomains

59
IPs

13
Countries

3326 kB
Transfer

5858 kB
Size

36
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.91btdh.com/
Title: 磁力引擎天堂

Search URL Search Domain Scan URL

URL: https://www.wangzhanwo.com/
Title: BT磁力搜索

Search URL Search Domain Scan URL

URL: https://t.me/yshjfh
Title: 广告合作

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://iguge.app/img/128ico.png HTTP 301
https://iguge.xyz/img/128ico.png

Request Chain 91

https://cctalk.com/favicon.ico HTTP 307
https://www.cctalk.com/favicon.ico

Request Chain 162

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGAwU3Gv4_fLNST_mabvHoE&google_cver=1&google_push=AaAOQGHdyOj7VxuZRIy8yg6Vki76zpW1TrprTGsbxSM2SCZDEWU4s1klaBFPHiXrR1vBNgnTad9yydF0GbHYMimtdlSnz-6X0rWPtC84 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MTc2OTExOTYzNjUxNTU1Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

Request Chain 163

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6mUldA3MSFhnArywIBJxs&google_cver=1&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtAjgXPZBcin7h99nFB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtAjgXPZBcin7h99nFB

Request Chain 164

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE95i_l8nhYeAtyjqbGPPx0&google_cver=1&google_push=AaAOQGHO0ZRrbDv1972dmG6QIstQyIw_XJMWm7jEKdMwm28jc3GS197xlSuxihLopdRaiPJIijP5YFDkPG7XCohVhACTkZzRlus5910 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE95i_l8nhYeAtyjqbGPPx0&google_push=AaAOQGHO0ZRrbDv1972dmG6QIstQyIw_XJMWm7jEKdMwm28jc3GS197xlSuxihLopdRaiPJIijP5YFDkPG7XCohVhACTkZzRlus5910

Request Chain 165

https://um.simpli.fi/gp_match?google_gid=CAESELNKehFOifyyMBRIifsGuCU&google_cver=1&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgieftZt0HfvxtXNzkFa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgieftZt0HfvxtXNzkFa

Request Chain 167

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVSaJQFPJcD4QCfnDPDGU4&google_cver=1&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd-SGor8OmQxD_8zHtmHt6Bm5V HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVSaJQFPJcD4QCfnDPDGU4&google_cver=1&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd-SGor8OmQxD_8zHtmHt6Bm5V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc0ODkyNzIxNjA2MjgyMjc1NA&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd-SGor8OmQxD_8zHtmHt6Bm5V

Request Chain 168

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPiAwLpJ-QawfoRUaqg7Ap8&google_cver=1&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjAKckJcvW9dmWnuaOmjybxGQ1tctTHZkx6C74MO2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjAKckJcvW9dmWnuaOmjybxGQ1tctTHZkx6C74MO2&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Request Chain 178

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJApDRQTZ8prQIa-SY2VQz0&google_cver=1&google_push=AaAOQGF2GTLEg-9Wu6fIJAj2yOHK_xFkUWzFHuS-pOok1ZRXGZCOyWka53XMI_N_vx4Ari48KZjYPSFCZv3ol6ZVtr7hkL8rhxmGUQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQzMzgyNjcxMzY3NDQ0MzQ5Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

Request Chain 180

https://um.simpli.fi/gp_match?google_gid=CAESEEkW9nsYiO1czOUt-BcAFb4&google_cver=1&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gSZFkiAnAHUZlWljg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gSZFkiAnAHUZlWljg

Request Chain 183

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPNW6GEHH3KpWlBC1kk-Jbo&google_cver=1&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKAMMvN8kjYplyuiYY2S9k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKAMMvN8kjYplyuiYY2S9k

Request Chain 184

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFUIkYnHARIJDbPxJIZLSGU&google_cver=1&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXwM07l4vtyb9Rdob69tcJ0GRkK_Xac83cgndiK_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXwM07l4vtyb9Rdob69tcJ0GRkK_Xac83cgndiK_8&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Request Chain 192

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAQeLXMIusBFcQZQG_8IKo0&google_cver=1&google_push=AaAOQGFOT9VbwKX_mjAIev7O-Cr7UgsjqKPOzj56un3H0pe5mxOtDhVpZV5cd2bSvL05F942NqSiNwPRu9tRBjFZJiY-MRUBOokDDGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUwNTg4NDMwNzcxMjM3MTQyOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

Request Chain 193

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFh4EELkdzPJcvnCCnAg0hA&google_cver=1&google_push=AaAOQGGDFuDaFTotPhTdZ8g5tbcT8hdXcc4G8s-fzmDA1C7tGF0Cbgxao_gnH0xQi4il872JLdVCK_f6s6IplyWwhJgBZ26RaW2i9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFh4EELkdzPJcvnCCnAg0hA&google_push=AaAOQGGDFuDaFTotPhTdZ8g5tbcT8hdXcc4G8s-fzmDA1C7tGF0Cbgxao_gnH0xQi4il872JLdVCK_f6s6IplyWwhJgBZ26RaW2i9A

Request Chain 194

https://um.simpli.fi/gp_match?google_gid=CAESEMYEtnx0BljM_Q6d6PURZQ0&google_cver=1&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c3T6FYTcPBsP5IIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c3T6FYTcPBsP5IIA

Request Chain 195

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBh1IYQ3yDgS_FXLwtT6jjA&google_cver=1&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtMKD6zDR5s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtMKD6zDR5s&google_hm=eS12bElJZGJGRTJwRlJqdFZDdVZ2VXRfOTVKbHFITjFzOX5B

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKz4rFtOjQeNCn4Gpos29t8&google_cver=1&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO3dyZRZoc5NU-riTBarBIMteQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO3dyZRZoc5NU-riTBarBIMteQ

Request Chain 197

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENLgnNk2Sh3MhXiKLHU8OiA&google_cver=1&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q_RlewRtekNg_JQaIZA6oQWLZawoDKwoIPcK6M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q_RlewRtekNg_JQaIZA6oQWLZawoDKwoIPcK6M&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Request Chain 198

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAwcEBNFpe9vH28Hz8WD5Ws&google_cver=1&google_push=AaAOQGHBruNLsCHwbobwzdhKBhKnSup9ScRjGunekuPWhJvI2SCjlrSelitN-D5sCBL7SfYvhPChsWcRsjW9x47PfDjJiyO1FVIAt3s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHBruNLsCHwbobwzdhKBhKnSup9ScRjGunekuPWhJvI2SCjlrSelitN-D5sCBL7SfYvhPChsWcRsjW9x47PfDjJiyO1FVIAt3s HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 200

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 202

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM37GcpuENo_1P162ovNYlDhuCKTssFwtqiwFpTQ_T8qHwL-x5magacgvonERtuQ9_93l7937aPVvmSpxAP-6MOedReggoxURo3eLa74w5uxgdq0Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM37GcpuENo_1P162ovNYlDhuCKTssFwtqiwFpTQ_T8qHwL-x5magacgvonERtuQ9_93l7937aPVvmSpxAP-6MOedReggoxURo3eLa74w5uxgdq0Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWVSeURqdVkxUW01aEs1&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM37GcpuENo_1P162ovNYlDhuCKTssFwtqiwFpTQ_T8qHwL-x5magacgvonERtuQ9_93l7937aPVvmSpxAP-6MOedReggoxURo3eLa74w5uxgdq0Q

Request Chain 203

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOnPL2y2b5zXFPFJF-rOwsA&google_cver=1&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7laIeNwpbAvw4w3BZF7rstKMrcY4_SHJGj4kkLy7l2HjhCCn_ko0IKLLGD3NRPWrSzJXCtOk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7laIeNwpbAvw4w3BZF7rstKMrcY4_SHJGj4kkLy7l2HjhCCn_ko0IKLLGD3NRPWrSzJXCtOk

Request Chain 205

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMI9l2bckvHwowKeiR_vOa8&google_cver=1&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFWjeJvZhUhq1CYEdwJy5tYeK80r_INQcxBoV0niaD1e5C9wMoGE7k_fk0Dd7ovA4xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFWjeJvZhUhq1CYEdwJy5tYeK80r_INQcxBoV0niaD1e5C9wMoGE7k_fk0Dd7ovA4xw&google_hm=eS1pdDR6c3JsRTJwR2Y5cmJLZDRUQmtxT0ROVmZMZ3V0VH5B

Request Chain 206

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYYt7G8mljQMMz7zcM-foI&google_cver=1&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A640UKTJwiFO6kPmwdjgiDFBifOV2Qt0s4JsPDU1mkcwmLe1T6Ay3ZYz4Cq2Uk4mLlp7V7n0K3Cjv6pD2yc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A640UKTJwiFO6kPmwdjgiDFBifOV2Qt0s4JsPDU1mkcwmLe1T6Ay3ZYz4Cq2Uk4mLlp7V7n0K3Cjv6pD2yc

Request Chain 207

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYYt7G8mljQMMz7zcM-foI&google_cver=1&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX6yrCpg8pozn1jKdzAZNsP7ZIzJRpD-cba8s-Ie6HjZf_8rT9QjQphh_o9POjAvpIuCOYvDiSEb1SvdTds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX6yrCpg8pozn1jKdzAZNsP7ZIzJRpD-cba8s-Ie6HjZf_8rT9QjQphh_o9POjAvpIuCOYvDiSEb1SvdTds

Request Chain 208

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHuO9uRS28XOQAfB2P12Rfk&google_cver=1&google_push=AaAOQGFRKiqqXSaIVVZVfCycAuKs4Uq2BJ5VNszyT9LB5EXWBLFIi-dVDtJF_FpMXVAwMi2gWLMb61gl8nyy9eSyeC8gBd4REX3pOETMzSOgn4HF6JrbffHzXjevyHJGvrf5uMsaV4Ld8O6PxUnvSNrU3wvq-DcD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFRKiqqXSaIVVZVfCycAuKs4Uq2BJ5VNszyT9LB5EXWBLFIi-dVDtJF_FpMXVAwMi2gWLMb61gl8nyy9eSyeC8gBd4REX3pOETMzSOgn4HF6JrbffHzXjevyHJGvrf5uMsaV4Ld8O6PxUnvSNrU3wvq-DcD HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

211 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
91btdh.net/ 83 KB
23 KB 2201ms
542ms Document
text/html 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

d14d336231852d1f69b47a67d6fe24693f87f899ae0b5d785e377023031512b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 11:23:56 GMT
product: Z-BlogPHP 1.7.3
server: nginx
strict-transport-security: max-age=31536000
upgrade-insecure-requests: 1
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 index.css
91btdh.net/zb_users/theme/hnysweb/style/ 18 KB
5 KB 210ms
205ms Stylesheet
text/css 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/theme/hnysweb/style/index.css

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

636a4b9ab4134ae5ea58eecba3ac696badd23fe2167754cc64a68077aefae6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 03:27:40 GMT
server: nginx
etag: W/"64ae1dac-476f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
91btdh.net/zb_system/script/ 84 KB
33 KB 284ms
278ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_system/script/jquery-2.2.4.min.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 17 Jun 2016 06:54:42 GMT
server: nginx
etag: W/"57639eb2-14e4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 zblogphp.js Show response
91btdh.net/zb_system/script/ 7 KB
3 KB 359ms
354ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_system/script/zblogphp.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 03:57:21 GMT
server: nginx
etag: W/"5eeae621-1c24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 c_html_js_add.php Show response
91btdh.net/zb_system/script/ 5 KB
2 KB 445ms
441ms Script
application/x-javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_system/script/c_html_js_add.php

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

503f0afbc6557551cffd934b4c884271aab3b05b17f40a5c35bd00d67d5b3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
product: Z-BlogPHP 1.7.3
etag: W/3a8c33663d02960b11cb1c75f84c9093
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8

GET
H2 200 hnysnet.js Show response
91btdh.net/zb_users/theme/hnysweb/style/js/ 2 KB
815 B 371ms
367ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/theme/hnysweb/style/js/hnysnet.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

3a01e0fd7cf735ce0a4b57d61d08df036565f99024974c9bbef382117ee10fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 03:27:40 GMT
server: nginx
etag: W/"64ae1dac-66c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 UmMsg.css
91btdh.net/zb_users/plugin/UmMsg/ 5 KB
2 KB 210ms
206ms Stylesheet
text/css 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/UmMsg/UmMsg.css

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

f3616e813005d51c4d3a561c7382f296f5182dea596cb3a9db13839f4d774fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 03:48:24 GMT
server: nginx
etag: W/"63706908-1456"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 wind.js Show response
91btdh.net/zb_users/plugin/dayuser/style/js/ 43 KB
13 KB 433ms
430ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/dayuser/style/js/wind.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

dec4ccafea60ce10efe719da1ebe8f8825a11d1c9a72317424d6a2f88eb478b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 08:35:23 GMT
server: nginx
etag: W/"64366d4b-aa27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 txcstx.css
91btdh.net/zb_users/plugin/txtop/style/ 1 KB
731 B 371ms
368ms Stylesheet
text/css 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

703ed94178bfef4379d20f188be41f22f7e60ad056712a48bceb09ddfd300d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 13:34:54 GMT
server: nginx
etag: W/"614c827e-487"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 jquery.reveal.js Show response
91btdh.net/zb_users/plugin/XF_DS/js/ 882 B
1 KB 433ms
430ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/XF_DS/js/jquery.reveal.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

e0dcf3d2edba66d4b545d6ea09060e146cad204d22d03963df6fa3de6ace6789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Jan 2020 14:25:11 GMT
server: nginx
etag: "5e0cabc7-372"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 882
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 iconfont.css
91btdh.net/zb_users/plugin/XF_DS/css/ 4 KB
2 KB 378ms
375ms Stylesheet
text/css 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

ca89a0afdacaf559e706d55a723dc9252786928a758aa74fdea86588a0f5805c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 01 Jan 2020 14:25:11 GMT
server: nginx
etag: W/"5e0cabc7-1007"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 202110051633399963299418.png
91btdh.net/zb_users/upload/2021/10/ 7 KB
7 KB 225ms
223ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/upload/2021/10/202110051633399963299418.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

f31f559dba6373fd722481e3e854d72026344666ff279b64028b0b3504baec7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 05 Oct 2021 02:12:43 GMT
server: nginx
etag: "615bb49b-1c15"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7189
expires: Fri, 18 Aug 2023 11:23:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 81ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34a36d434190c8524e407161e9dbb2410e6d7cdc63dac3aff8eeb542f1baf40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Origin: https://91btdh.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50568
x-xss-protection: 0
server: cafe
etag: 9169618362625770516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:23:57 GMT

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 651ms
32ms Script
application/javascript 47.246.46.206
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:07:26 GMT
via: cache15.l2de2[864,352,304-0,C], cache2.l2de2[353,0], cache1.it2[0,0,200-0,H], cache7.it2[1,0]
content-encoding: gzip
x-oss-request-id: 64A989BE2612B03038434929
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 933392
x-swift-cachetime: 1296000
x-cache: HIT TCP_MEM_HIT dirn:11:427564009
x-oss-cdn-auth: success
x-swift-savetime: Sat, 08 Jul 2023 16:07:26 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
etag: "24BB520E9517F2ED3ED987B46AEAF723"
vary: Accept-Encoding
ali-swift-global-savetime: 1688832446
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: 2ff62e9b16897658382057368e
x-oss-server-time: 3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 136ms
112ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d95355776f74039a84e1782cd2039084d196b4d47dd874fc0976e818acce2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50569
x-xss-protection: 0
server: cafe
etag: 5830270092054608091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:23:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 63ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-63XQHXHW69

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b711ee0d24de69ec4884c5687df28417c497b7b648542862063611c4ba5a459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jul 2023 11:23:57 GMT

GET
H2 200 js-sdk-perf.min.js Show response
sdk.51.la/perf/ 34 KB
12 KB 644ms
36ms Script
application/javascript 47.246.46.206
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/perf/js-sdk-perf.min.js
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d3016ff54f8e4330e2206e805401c5db32091aff1ec4fe4663e7436cd262423e

Request headers

Referer: https://91btdh.net/
Origin: https://91btdh.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:38:39 GMT
via: cache19.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache6.it2[0,0,200-0,H], cache3.it2[3,0]
content-encoding: gzip
x-oss-request-id: 64A966DFEAA5E2343280E580
content-md5: s8NHADlMxkRP2CI+TvPilQ==
age: 942319
x-swift-cachetime: 1295926
x-cache: HIT TCP_MEM_HIT dirn:11:167368736
x-oss-cdn-auth: success
x-swift-savetime: Sat, 08 Jul 2023 13:39:53 GMT
content-length: 11317
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:25:02 GMT
server: Tengine
etag: "B3C34700394CC6444FD8223E4EF3E295"
vary: Accept-Encoding
ali-swift-global-savetime: 1688823519
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17785010825271957679
eagleid: 2ff62e9716897658382061923e
x-oss-server-time: 7

GET
H2 200 jquery.lazyload.js Show response
91btdh.net/zb_users/theme/hnysweb/style/js/ 9 KB
3 KB 192ms
190ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.3

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

93f992927d16d7f6437ff50f0a6ee05f0e4bd82e8b869af4463b6d3462ca419c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 03:27:40 GMT
server: nginx
etag: W/"64ae1dac-2360"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 sf_praise_sdk.js Show response
91btdh.net/zb_users/plugin/sf_praise_sdk/js/ 1 KB
831 B 194ms
192ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

1348987fdcb6628f4a30123640d18f3b7b97fc5bd43a6ab44f63a21d5e311cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 01 Jan 2020 14:24:18 GMT
server: nginx
etag: W/"5e0cab92-58c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 UmMsg.js Show response
91btdh.net/zb_users/plugin/UmMsg/js/ 12 KB
5 KB 196ms
195ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/UmMsg/js/UmMsg.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

ea907043013b1dce2c9390c92b206e6904e1cff946e7d73f99563b06ca3d1afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 03:48:24 GMT
server: nginx
etag: W/"63706908-3059"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 frontend.js Show response
91btdh.net/zb_users/plugin/dayuser/style/js/ 52 KB
10 KB 210ms
209ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/dayuser/style/js/frontend.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

32274fb3c8cf12d5190af36fd6916f70759725aefe1b17e1d3bfbd7fcd21362d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 08:35:23 GMT
server: nginx
etag: W/"64366d4b-d165"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 txtop.js Show response
91btdh.net/zb_users/plugin/txtop/js/ 814 B
1 KB 214ms
212ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/txtop/js/txtop.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

128e52d620b090749bdcfc157c016180684de8fb17f7461df611995ee8f3c9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Sep 2021 13:34:54 GMT
server: nginx
etag: "614c827e-32e"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 814
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 zfb.png
91btdh.net/zb_users/plugin/XF_DS/image/ 913 KB
914 KB 247ms
246ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/plugin/XF_DS/image/zfb.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

fb5b95d1087863ca1701ce991a39f8b153e11592200fcea4322a1efa78831223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Jun 2021 07:56:36 GMT
server: nginx
etag: "60cb0034-e441c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 934940
expires: Fri, 18 Aug 2023 11:23:57 GMT

GET
H2 200 wx.png
91btdh.net/zb_users/plugin/XF_DS/image/ 492 KB
492 KB 579ms
578ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/plugin/XF_DS/image/wx.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

be870166bacd8cb5ec99117f9c99201590530b16dbc57a1ba5cbcdc0e41a0565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 17 Jun 2021 07:53:28 GMT
server: nginx
etag: "60caff78-7aef3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 503539
expires: Fri, 18 Aug 2023 11:23:57 GMT

GET
H2 200 prism.js Show response
91btdh.net/zb_users/plugin/UEditor/third-party/prism/ 60 KB
25 KB 209ms
209ms Script
application/javascript 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/UEditor/third-party/prism/prism.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/zb_system/script/c_html_js_add.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 18 Sep 2022 02:40:53 GMT
server: nginx
etag: W/"63268535-eecb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 prism.css
91btdh.net/zb_users/plugin/UEditor/third-party/prism/ 4 KB
2 KB 224ms
224ms Stylesheet
text/css 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/UEditor/third-party/prism/prism.css

Requested by

Host: 91btdh.net
URL: https://91btdh.net/zb_system/script/c_html_js_add.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 18 Sep 2022 02:40:53 GMT
server: nginx
etag: W/"63268535-1039"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 19 Jul 2023 23:23:57 GMT

GET
H2 200 iconfont.woff
91btdh.net/zb_users/plugin/XF_DS/css/ 3 KB
4 KB 574ms
574ms Font
font/woff 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.woff?t=1459669414

Requested by

Host: 91btdh.net
URL: https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

2f6a160e17a315d3486a25ffea950ae347d095fef179b0632c63dc6f65136c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css
Origin: https://91btdh.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Jan 2020 14:25:11 GMT
server: nginx
etag: "5e0cabc7-d78"
content-type: font/woff
accept-ranges: bytes
content-length: 3448

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 357 KB
123 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e0d9a702691f6bbb6ce2939fb7ee100032569ed46cb14efe847d1a4376408dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125719
x-xss-protection: 0
server: cafe
etag: 2703983930019588225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:23:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/ Frame 0C4C 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 19:25:45 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 19:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 403 collect Show response
collect-v6.51.la/v6/ 0
510 B 819ms
278ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://91btdh.net
Date: Wed, 19 Jul 2023 11:23:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1253ms
361ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?cc89cb642da27ec01f796f483d41558b

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d218b60caa3e206f5e6a6153f196db26ee8ba6dea4e510a24a19af6ebbb19445

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:23:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 19348c542029ecdee42f5471d7e4640a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 37ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=91btdh.net&callback=_gfp_s_&client=ca-pub-3488987404829368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94b593f5358d3d5858501915fb02b2404d8f88dcd3ab2490ef89f034bb9ab1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
22ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=91btdh.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7F9 228 KB
57 KB 1050ms
1050ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&adk=769381493&adf=1569964852&lmt=1689765838&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F91btdh.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765838001&bpp=5&bdt=870&idt=273&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3142677362122&frm=20&pv=2&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18dd61439b0cfc74297818f6e837695834e4aa2a41d03f79deace96127cfce93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57709
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:23:59 GMT
expires: Wed, 19 Jul 2023 11:23:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 403 collect Show response
collect-v6.51.la/v6/ 0
510 B 793ms
284ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://91btdh.net
Date: Wed, 19 Jul 2023 11:23:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
510 B 935ms
340ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://91btdh.net
Date: Wed, 19 Jul 2023 11:23:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 38ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63XQHXHW69&gtm=45je37h0&_p=1985731244&cid=96518685.1689765838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689765838&sct=1&seg=0&dl=https%3A%2F%2F91btdh.net%2F&dt=91BT-%E7%A3%81%E5%8A%9B%E5%BC%95%E6%93%8E%E5%A4%A9%E5%A0%82-%E5%A5%BD%E7%94%A8%E7%9A%84%E8%B5%84%E6%BA%90%E5%AF%BC%E8%88%AA%E7%BD%91%E7%AB%99&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63XQHXHW69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://91btdh.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET share.js
bdimg.share.baidu.com/static/api/js/ 0
0

GET
H2 200 top.png
91btdh.net/zb_users/plugin/txtop/img/ 2 KB
3 KB 406ms
406ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/plugin/txtop/img/top.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

06717e5b34d53990e28deb7097b3d7fcc063ee780a6ce31675745dd4820de81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Sep 2021 13:34:54 GMT
server: nginx
etag: "614c827e-989"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2441
expires: Fri, 18 Aug 2023 11:23:58 GMT

GET
H2 200 load.gif
91btdh.net/zb_users/theme/hnysweb/style/images/ 19 KB
19 KB 475ms
474ms Image
image/gif 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/style/images/load.gif

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

fbcfb01b43c06622da482bb5ca2590d49e2b8e3da9555dc7d2703010e8d8ac26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 03:27:40 GMT
server: nginx
etag: "64ae1dac-4ba3"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19363
expires: Fri, 18 Aug 2023 11:23:58 GMT

GET
H2 200 favicon.ico
www.sokk9.one/assets/bc51d864/images/ 4 KB
2 KB 135ms
103ms Image
image/x-icon 2606:4700:3032::6815:3d25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sokk9.one/assets/bc51d864/images/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:3d25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678c79c4a4d7ddd075629d31fbe0d93512f60c35a33eae5a7d47c8bfbe5a82d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Mar 2022 20:03:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6230f104-10be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnQaTBwusUEWglxJ8ctxYxz7gQkHN1q%2B4c1BsciMGAtfzPxJzTCdkeVT7NKsnvOyI8IB28fbGQ831R960d2aDG2gSOCUwVUdB6xdb4%2BIpavgqH%2B68Xwx57ewgtqXYNFfwQr1SpKdyBkVFTDi"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 7e92986a19392bb9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 %E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230319163819.jpg
juanjuansou.com/wp-content/uploads/2023/03/ 1 KB
2 KB 1318ms
219ms Image
image/jpeg 8.136.177.174
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://juanjuansou.com/wp-content/uploads/2023/03/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230319163819.jpg

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.136.177.174 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

044aa999cebea5ba8299c06b58cbc7040266e8e5eb3a6a3904d3fea86d51b2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Mar 2023 08:38:33 GMT
server: nginx
etag: "6416ca09-587"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1415
expires: Fri, 18 Aug 2023 11:23:59 GMT

GET
H2 200 favicon.ico
kanliao1.one/ 4 KB
3 KB 464ms
152ms Image
image/x-icon 107.167.16.140
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kanliao1.one/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.167.16.140 Los Angeles, United States, ASN46844 (SHARKTECH, US),

Reverse DNS

customer.sharktech.net

Software

nginx /

Resource Hash

73f674504493acb633006975ec880efed7f455ddbd3bbb4e64684d5821776939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 22 Jun 2022 05:00:13 GMT
server: nginx
etag: W/"62b2a1dd-10be"
vary: Accept-Encoding
content-type: image/x-icon

GET
H2 200 202002161581816645220877.jpeg
91btdh.net/zb_users/upload/2020/02/ 36 KB
36 KB 476ms
471ms Image
image/jpeg 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/upload/2020/02/202002161581816645220877.jpeg

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

8cffaf1889bd3165acec65f537b3dca268d76c4a6d55bd6f2402c03e2a74d7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 16 Feb 2020 01:30:45 GMT
server: nginx
etag: "5e489b45-8f73"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36723
expires: Fri, 18 Aug 2023 11:23:58 GMT

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 1 KB
1 KB 481ms
476ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://199234.xyz/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

daebb3d5a30c97e41864788d8514c6a9ea60ad6dd771148c98ebc99b31d343dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H/1.1 404
Not Found favicon.ico
www.fbobo2.pw/ 0
0 1154ms
188ms Image
text/html 2.59.155.28
HDTIDCCLOUD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fbobo2.pw/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.59.155.28 , Hong Kong, ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1 404
Not Found favicon.ico
www.sv20.pw/ 0
0 1092ms
186ms Image
text/html 2.59.155.28
HDTIDCCLOUD-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sv20.pw/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.59.155.28 , Hong Kong, ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 9 KB
10 KB 482ms
477ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://www.cilipa223.shop/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

5a19f2390772b3f6380fbf22504b5cbc680dd784f4b780410409c20740931cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 favicon.ico
www.alipansou.com/ 15 KB
4 KB 739ms
199ms Image
image/vnd.microsoft.icon 2606:4700:3036::ac43:818e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alipansou.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:818e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a634e1b44a375a10b1725d183c5f7808f63d4d773a18ca5828274cf66bec5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 13:44:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmrxg1GejvAz6LscTzt2DFLP9n7LLODWzjYa0xY2oVzEQabUilF634VN%2F49LPkqC1P0lb5qT3qrK1h4OvPpe9n4QbTbWUxqxvcSh0AbmqB%2BOolCt2cUGDD4y242a%2FS%2B66cvOSTlh1Pw5BI3ug%2B7KbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 7e92986d49e8360e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 202211201668904447239157.png
91btdh.net/zb_users/upload/2022/11/ 2 KB
2 KB 479ms
474ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/upload/2022/11/202211201668904447239157.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

bacacad55d2e8ac8ed7420a2aa48b259d7c375fd2c3734a4d3b5d70b583360d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Nov 2022 00:34:07 GMT
server: nginx
etag: "637975ff-6e5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1765
expires: Fri, 18 Aug 2023 11:23:58 GMT

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 6 KB
6 KB 483ms
477ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://github.com/yuhuage/dizhi/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

2ee43237d196100210f1786e7b73b57cd140f6013c072c70dbdffd9e9bc695f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 824 B
916 B 483ms
478ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://xccl.live/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

ea6bc6bd34add18f4c196d80639c15fc7ef30b20743284517d941ad69a5b1758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 icon.png
soupian.xyz/images/ 12 KB
12 KB 709ms
230ms Image
image/png 154.88.14.62
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://soupian.xyz/images/icon.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.88.14.62 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3959f614a00059f3598911608d3057d81bcce2b564ebc275428da71d973bfdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
last-modified: Sat, 15 Oct 2022 09:44:30 GMT
server: nginx
accept-ranges: bytes
content-length: 12010
x-cache: HIT
content-type: image/png

GET
H2 200 logo.svg
tg.qianfan.app/static/img/ 1 KB
2 KB 1836ms
201ms Image
image/svg+xml 210.56.49.48
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.qianfan.app/static/img/logo.svg
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.56.49.48 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 18e3f9ea59296540a14c9fc4fb178abd9fc2f8c6f35ae460176520bb23c6a745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
last-modified: Mon, 25 Jul 2022 18:12:51 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "62dedd23-543"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1347
expires: Fri, 18 Aug 2023 11:24:00 GMT

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 492 B
584 B 701ms
696ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://xn--tfr036ez7d.com/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 favicon.ico
btmulu8.com/assets/1dbbdf40/images/ 4 KB
2 KB 174ms
119ms Image
image/x-icon 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://btmulu8.com/assets/1dbbdf40/images/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678c79c4a4d7ddd075629d31fbe0d93512f60c35a33eae5a7d47c8bfbe5a82d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 01 Apr 2021 17:12:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6065fee3-10be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH2dzsqx35mEs5wkbsdpeJahYMv8knINotyenGuEaSYCSWS3xuYcERaW5de3%2FywUBTTSKvgIHbfzyUeZRzcTDiiKX7d%2FuNSke5yS9N1V2cImib2FU9yHkUMlXorl1V4Za%2B%2FskTc8pfWawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 7e92986a4eb91915-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 favicon.ico
dapanso.com/ 4 KB
4 KB 454ms
145ms Image
image/x-icon 149.28.86.9
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dapanso.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.28.86.9 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

149.28.86.9.vultrusercontent.com

Software

nginx /

Resource Hash

c88859dfe873347f0f7b7cc81b713d01c9437de3d3700c4c2d74386aeeb3fb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18 Jul 2023 00:56:46 GMT
server: nginx
etag: "64b5e34e-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

GET
H2 200 upso_mlogo.png
www.upyunso.com/static/img/ 11 KB
12 KB 1056ms
166ms Image
image/png 23.224.99.3
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upyunso.com/static/img/upso_mlogo.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.99.3 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

4e8c1124ab199edad5608f963da3d4cbfae3438c698d79d9c72a0d99bb5fcd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Jan 2022 11:01:51 GMT
server: nginx
etag: "61d96f1f-2ddc"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11740
expires: Fri, 18 Aug 2023 11:23:59 GMT

GET
H2 200 apple-touch-icon.png
jujuso.com/ 6 KB
7 KB 110ms
14ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jujuso.com/apple-touch-icon.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f982141a3b64101e815fe0cff8be34a843580232a8090ef0fcd28f242a4be07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 00:51:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4281
etag: "64b1eda7-184b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lhZB0YpuFvbs4zhRxqI7%2F1zipFZ076TAlH2qTbiMwZTjAaQoNf9ycMHAQwM%2BVqDGqdtjUWQJbrAnymNoTYnv6OsiClA%2BPXR7CFlnPUtjWbjwSlxU9QNUpj2PI8rKqZChAy5vzcsRwWv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e92986d6c2837ca-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6219

GET
H2 200 favicon.ico
tellme.pw/app/bts/View/img/ 1 KB
1 KB 1292ms
231ms Image
image/x-icon 91.208.206.46
ALEXHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tellme.pw/app/bts/View/img/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.208.206.46 , Moldova, ASN200019 (ALEXHOST, MD),

Reverse DNS

mdcdn003

Software

nginx /

Resource Hash

5fae8a8cd4295ebaaf3bf9015a3612d679cc12c15d9911865009c1da597dfb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Thu, 31 Oct 2019 01:40:59 GMT
server: nginx
age: 0
etag: "5dba3bab-47e"
x-cache: MISS
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1150
expires: Fri, 18 Aug 2023 11:22:07 GMT

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 5 KB
5 KB 482ms
478ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://www.nmme.xyz/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

438daafda2b1dfbfc2abc5c149de0d75b781dc10ede7ab302a1d80926035f4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 favicon.png
cdn.anyshare.icu/img/skrbt/ 553 B
857 B 461ms
147ms Image
image/png 64.64.253.246
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.anyshare.icu/img/skrbt/favicon.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.64.253.246 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.253.246.16clouds.com
Software: nginx /
Resource Hash: db5a7469a044258a1383a9b023447d23b6efbd65806cfbf97480410036c0f417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
last-modified: Wed, 12 Jul 2023 07:34:15 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 553
expires: Fri, 18 Aug 2023 11:23:59 GMT

GET
H2 403 favicons
www.google.cn/s2/ 0
0 118ms
85ms Image
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.cn/s2/favicons?domain=https://btsososo.com/
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 17 KB
17 KB 485ms
481ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://www.toolai.io

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

ebfb2d201ae8cf373cd79fed6c57225e31980ef0cc579724a941e5e800aa784d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 4 KB
4 KB 486ms
482ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://www.ieway.cn/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

4b05e9bfc1465ba8b0e5a5369fdbb55df77e0aa754dfb99b88da8d06b7198df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET
H2 200 apowersoft.png
qncdn.aoscdn.com/common/apple-touch-icon/ 13 KB
13 KB 1176ms
15ms Image
image/png 163.181.92.186
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qncdn.aoscdn.com/common/apple-touch-icon/apowersoft.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.186 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 777e049a9da8068085d238d7018eefb00591c345779de0b3b5488fe553f272b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 11:53:07 GMT
via: cache1.l2de2[0,0,200-0,H], cache19.l2de2[1,0], ens-cache13.de5[0,0,200-0,H], ens-cache15.de5[2,0]
x-oss-meta-region: cn-shenzhen
x-oss-request-id: 641877F633F7673739F9B046
content-md5: RFas3KgBe7IP0og8cf/apg==
age: 9502253
x-swift-cachetime: 22448367
x-cache: HIT TCP_HIT dirn:13:17280728
x-swift-savetime: Fri, 14 Jul 2023 16:13:40 GMT
content-length: 12934
x-m-reqid: bpACAAqqRnzUflEX
x-oss-object-type: Normal
x-m-log: QNM:lac61;QNM3
last-modified: Thu, 31 Mar 2022 07:45:51 GMT
server: Tengine
etag: "4456ACDCA8017BB20FD2883C71FFDAA6"
ali-swift-global-savetime: 1680263587
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: max-age=31536000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
x-oss-hash-crc64ecma: 2086071265414357036
x-qnm-cache: Hit
eagleid: a3b55ca316897658404083498e
x-oss-server-time: 16

GET
H2 200 favicon.png
www.iamwawa.cn/Public/img/ 2 KB
2 KB 1934ms
206ms Image
image/png 134.175.83.163
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iamwawa.cn/Public/img/favicon.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.175.83.163 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx /
Resource Hash: 103efcf01f9b246d875c237ea9eecfa9337f231848eea3abb4b84ce886929742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:01 GMT
last-modified: Sun, 13 Jan 2019 12:35:39 GMT
server: nginx
etag: "5c3b309b-6d5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1749
expires: Fri, 18 Aug 2023 11:24:01 GMT

GET flvcd_logo.jpg
www.flvcd.com/ 0
0

GET
H/1.1 200
OK favicon.ico
www.gaituba.com/ 1 KB
1 KB 1520ms
216ms Image
image/x-icon 121.41.179.170
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gaituba.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.41.179.170 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

51206b2d4b03eef103737bd0079e69cffd7f608a43d814749d49b40907169348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Apr 2023 02:53:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "644b3533-47e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1150
X-XSS-Protection: 1; mode=block

GET
H2 200 favicon.ico
smallpdf.com/ 2 KB
2 KB 67ms
15ms Image
image/x-icon 18.239.94.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smallpdf.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-42.ams1.r.cloudfront.net

Software

Resource Hash

648870e2c4cf20949a42221027775103b33ff6606d3ff4e184909aa55c9ee083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
date: Wed, 19 Jul 2023 11:21:36 GMT
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 08:14:32 GMT
x-amz-cf-pop: AMS1-P3
age: 174
etag: W/"67e-1893eddd240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/x-icon
cache-control: public, max-age=300, must-revalidate
accept-ranges: bytes
content-length: 1662
x-xss-protection: 1
x-amz-cf-id: qiz3yA_GN03j3eEIcIgnUnBBfWKNICMLbNfyLXiTp1kb1auQOi3rCQ==

GET
H2 200 favicon.ico
www.uupoop.com/ 1 KB
1 KB 3810ms
188ms Image
image/x-icon 47.97.61.20
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uupoop.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

47.97.61.20 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx/1.13.6 /

Resource Hash

9f89491daddbc50feae268d78185da5d959305251453fe3a88b170228a531ae2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.gaoding.com http://tongji.baidu.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:03 GMT
content-security-policy: frame-ancestors 'self' *.gaoding.com http://tongji.baidu.com
last-modified: Tue, 06 Jul 2021 13:54:43 GMT
server: nginx/1.13.6
etag: "60e460a3-47e"
content-type: image/x-icon
accept-ranges: bytes
content-length: 1150

GET favicons
www.google.cn/s2/ 0
0

GET
H2 200 favicon.ico
91btdh.net/ 1 KB
1 KB 478ms
474ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

ad29582e102013f8d3b1494cc57f4d02f43026d77cc99053a99e7c6f447a84c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 26 Feb 2023 05:26:41 GMT
server: nginx
etag: "63faed91-47e"
content-type: image/x-icon
accept-ranges: bytes
content-length: 1150

GET
H2 403 favicons
www.google.cn/s2/ 0
0 49ms
48ms Image
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.cn/s2/favicons?domain=https://tools.miku.ac/
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 403 favicons
www.google.cn/s2/ 0
0 81ms
80ms Image
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.cn/s2/favicons?domain=https://zh.numberempire.com/
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 favicon.ico
pan.newday.me/pan/ 17 KB
17 KB 1234ms
240ms Image
image/x-icon 116.62.143.55
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pan.newday.me/pan/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.62.143.55 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 95d32e0461963b4ce437815be9b96434b6cb89c1a9c94e87cabefaae98af56bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
last-modified: Fri, 24 Mar 2023 16:28:32 GMT
etag: "641dcfb0-423e"
content-type: image/x-icon
cache-control: max-age=864000
accept-ranges: bytes
content-length: 16958
expires: Sat, 29 Jul 2023 11:24:00 GMT

GET
H2 200 202108201629425954141798.png
91btdh.net/zb_users/upload/2021/08/ 872 B
1 KB 478ms
475ms Image
image/png 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/upload/2021/08/202108201629425954141798.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

13eb6c855c1b4db6cf5b345fd55254b148e24a98f6873bff1a1b2c423eb32516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Aug 2021 02:19:14 GMT
server: nginx
etag: "611f1122-368"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 872
expires: Fri, 18 Aug 2023 11:23:58 GMT

GET
H3 403 favicons
www.google.cn/s2/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.cn/s2/favicons?domain=http://www.hippter.com/
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 403 favicons
www.google.cn/s2/ 0
0 85ms
84ms Image
text/html 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.cn/s2/favicons?domain=https://www.cgown.com/
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 400 favicon.ico
one.newday.me/one/ 0
0 1393ms
379ms Image
text/html 2a03:2880:f10c:283:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://one.newday.me/one/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f10c:283:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 500 icon180.png
tampermonkey.freetls.fastly.net/images/ 0
0 46ms
7ms Image
text/html 2a04:4e42:200::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tampermonkey.freetls.fastly.net/images/icon180.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1 200
OK navbar-logo.svg
adblockplus.org/img/ 12 KB
12 KB 35ms
8ms Image
image/svg+xml 148.251.232.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adblockplus.org/img/navbar-logo.svg?2959957655

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

148.251.232.132 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

adblockplus-org-2.adblockplus.org

Software

Apache/2.4.38 (Debian) /

Resource Hash

d6e732d62a931614cfa82746273595002ddc36432cd3d9cdaf95bd28d64b0836

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:00 GMT
Last-Modified: Tue, 18 Jul 2023 14:28:04 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2f85-600c3b917c1ab"
Vary: Accept-Language,Origin
X-Frame-Options: sameorigin
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12165

GET
H2

200

128ico.png
iguge.xyz/img/
Redirect Chain

https://iguge.app/img/128ico.png
https://iguge.xyz/img/128ico.png

5 KB
5 KB

289ms
185ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iguge.xyz/img/128ico.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a339b0c23a6c05385d160a565d9d0ec3b3214321633571416a580a95d50e3fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Feb 2020 01:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "131e-59da2463289ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4TxAZhDikbBnP4f2jhOTaEZszdDmqV5pc6H90gS4cvinyvo8jtZ%2BagfVI75eZSG0BM%2Fkj7e3pLBwZ83cL%2Fkmjd3bzJmcq%2FRhEcPSHZWsfVy%2BzEytG5JoV335VppzSAL6JI25Dyctjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e9298769b3f30d8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4894

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Xngo54J%2FWKNLhWLD613TYRjg1itY6ds2dKsZV4Uq5v3ziYYgoGTa6u4PEHeK%2BlqOhH07MO8uZD8%2Bl%2BD8xfbTcdGKII40PJTkacXnO%2BfcPnBjOmRlnhJjXhyoQdQy28Rq8NLmDMGQLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://iguge.xyz/img/128ico.png
cache-control: max-age=14400
cf-ray: 7e929874881603a6-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200 favicon.ico
www.pdfpai.com/statics/images/ 41 KB
41 KB 1345ms
430ms Image
image/x-icon 103.40.249.193
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pdfpai.com/statics/images/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.40.249.193 , China, ASN4816 (CHINANET-IDC-GD China Telecom Group, CN),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

c1b5481e403f273b7297a7a45f1ef1e7cc5ea2e7d5eee47f82353a840bfdcf9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:00 GMT
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Wed, 29 Jun 2022 02:23:52 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 42166
Content-Type: image/x-icon

GET
H2 200 favicon.png
smallpdf.com/ 119 B
519 B 13ms
13ms Image
image/png 18.239.94.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smallpdf.com/favicon.png

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-42.ams1.r.cloudfront.net

Software

Resource Hash

4ca90e6029969b0b8b3eb2005328c1eef1b9a7f48658e208fca5377a4f3a49ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
date: Wed, 19 Jul 2023 11:23:34 GMT
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 08:14:32 GMT
x-amz-cf-pop: AMS1-P3
age: 30
etag: W/"77-1893eddd240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=300, must-revalidate
accept-ranges: bytes
content-length: 119
x-xss-protection: 1
x-amz-cf-id: 8UB060-oLsxF5pWi2N5VgIdhijXpEYri6tl9gVL9uUg4_pPxHQ_VJw==

GET favicon.ico
www.pcfreetime.com/ 0
0

GET
H/1.1 200
OK fa70f63e4bbcc259632aae74746ce5d6.png
www.alltoall.net/qfy-content/uploads/2016/06/ 20 KB
20 KB 1655ms
187ms Image
image/png 139.196.210.75
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.alltoall.net/qfy-content/uploads/2016/06/fa70f63e4bbcc259632aae74746ce5d6.png
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.196.210.75 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d1a1d237650685c12ba6ff94affb2385bd114827f0c096e793c8efefff545779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:01 GMT
Last-Modified: Fri, 16 Dec 2022 09:45:52 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4f1d-5efeed5d03400"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=60
Content-Length: 20253

GET
H2 200 favicon.ico
www.wofficebox.com/ 1 KB
1 KB 3109ms
214ms Image
image/x-icon 112.74.78.199
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wofficebox.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.74.78.199 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: tengine /
Resource Hash: 088b65d364b96512db032c139f938bc2b20a4b6c10ab72099448e7ee298c340c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:03 GMT
last-modified: Thu, 09 Jul 2020 09:36:19 GMT
server: tengine
accept-ranges: bytes
etag: "5f06e513-47e"
content-length: 1150
content-type: image/x-icon

GET
H2 200 get.php
91btdh.net/zb_users/theme/hnysweb/functions/ 4 KB
4 KB 485ms
483ms Image
image/x-icon 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=http://zihua.com.cn/

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

7cb8421025a19e9f3a4c321fd10a69d7ce418f38fdc2005be3fe326fdc941630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/x-icon

GET favicons
www.google.cn/s2/ 0
0

GET
H2

200

favicon.ico
www.cctalk.com/
Redirect Chain

https://cctalk.com/favicon.ico
https://www.cctalk.com/favicon.ico

2 KB
2 KB

1673ms
9ms

Image
image/x-icon

163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cctalk.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),

Reverse DNS

Software

API-GATEWAYSSL/1.0 /

Resource Hash

1aa9e5ca2fb6e7c7a11911bc06013c2cf06b29da14895db9e1ba88c39a1c4ac5

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://class.hujiang.com/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:02 GMT
x-in-apigatewayssl: ali-176
server: API-GATEWAYSSL/1.0
age: 1
x-in-apigateway: ali-cc-208
x-frame-options: ALLOW-FROM https://class.hujiang.com/
content-type: image/x-icon
x-via: 1.1 dx141:8 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01TJx38:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:13 (Cdn Cache Server V2.0)
cache-control: public, max-age=86400
x-ws-request-id: 64b7c7d2_PSdgflkfFRA1gi91_20115-60683
content-length: 2109

Redirect headers

Location: https://www.cctalk.com/favicon.ico
Date: Wed, 19 Jul 2023 11:24:01 GMT
X-IN-APIGATEWAYSSL: ali-238
Server: API-GATEWAYSSL/1.0
Connection: keep-alive
Content-Length: 180
Content-Type: text/html

GET
H2 200 favicon.ico
www.jikexueyuan.com/ 17 KB
2 KB 1202ms
176ms Image
image/x-icon 140.143.48.31
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.jikexueyuan.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 140.143.48.31 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.19.2 /
Resource Hash: 9eda2cddffdf540977e3d8dec7c3d478eac2bdd10629414e31f30d6ea17f533a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 10:12:07 GMT
server: nginx/1.19.2
etag: W/"64ad2af7-423e"
vary: Accept-Encoding
content-type: image/x-icon

GET
H/1.1 200
OK favicon.ico
www.koolearn.com/ 4 KB
5 KB 2776ms
266ms Image
image/x-icon 120.72.45.209
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.koolearn.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

120.72.45.209 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

Resource Hash

f42608813df573272e2807a82aa05cf0b23f37978dd8730325116f330dcc32b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:03 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 03 Jan 2023 03:43:08 GMT
ETag: "63b3a44c-10be"
X-Frame-Options: SAMEORIGIN
X-Via-JSL: 1d8ee5c,-
Content-Type: image/x-icon
X-Cache: bypass
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286

GET
H/1.1 200
OK favicon.ico
www.51zxw.net/ 1 KB
1 KB 1801ms
211ms Image
image/x-icon 61.147.67.86
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51zxw.net/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

61.147.67.86 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),

Reverse DNS

Software

Microsoft-IIS/7.5 / ASP.NET

Resource Hash

3c6681685b6881bad7562f94245f4d316b0af1e53984d445fafa6681a0f84684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15769000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15769000
Date: Wed, 19 Jul 2023 11:23:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Oct 2013 17:34:22 GMT
Server: Microsoft-IIS/7.5
ETag: "20686877ccbece1:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 1150
X-XSS-Protection: 1

GET
H2 200 favicon.ico
www.runoob.com/ 4 KB
5 KB 1056ms
8ms Image
image/x-icon 154.85.69.6
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.runoob.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.85.69.6 -, , ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: a4fac8550d33bb7d3332a1a7cf255a22c1dda05a85aba9aa36e68970253fad5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Fri, 18 Aug 2023 05:14:42 GMT
date: Wed, 19 Jul 2023 11:24:02 GMT
last-modified: Sat, 28 Oct 2017 06:16:36 GMT
etag: "59f420c4-10be"
x-cache: HIT from BC5_DE-Frankfurt-Frankfurt-11-cache-1(baishan)
content-type: image/x-icon
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4286
x-ser: BC46_dx-lt-yd-shandong-jinan-5-cache-6, BC106_US-DistColumbia-washingtonDC-1-cache-1, BC130_IT-Lombardia-Milan-1-cache-1, BC5_DE-Frankfurt-Frankfurt-11-cache-1

GET
H/1.1 200
OK 113613d6a857327741.ico
f1.howzhi.com/system/2016/03-31/ 1 KB
1 KB 1426ms
236ms Image
image/x-icon 223.4.26.84
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f1.howzhi.com/system/2016/03-31/113613d6a857327741.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 223.4.26.84 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1866f41632b52c440e5f7134ad58c4a2368d182d06d0d8f34d0712365142af1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:02 GMT
Last-Modified: Thu, 31 Mar 2016 03:36:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "56fc9b2d-47e"
Content-Type: image/x-icon
Cache-Control: max-age=94608000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1150
Expires: Sat, 18 Jul 2026 11:24:02 GMT

GET
H2 403 32a8dd2a-b9aa-4ec9-abd5-66cd8751befb.png
edu-image.nosdn.127.net/ 0
0 1572ms
261ms Image
text/html 2404:2280:12e:0:3::3fc
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edu-image.nosdn.127.net/32a8dd2a-b9aa-4ec9-abd5-66cd8751befb.png?imageView&quality=100
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2404:2280:12e:0:3::3fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1 200
OK favicon.ico
www.imooc.com/ 12 KB
12 KB 1182ms
225ms Image
image/x-icon 117.121.101.40
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imooc.com/favicon.ico

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

117.121.101.40 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),

Reverse DNS

Software

openresty /

Resource Hash

f461c991a73847d5dbda0ebf8fe014ae33e986b97f8b8c8db653a99e7f8e2f06

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://.open.com.cn,http://.imooc.com,https://*.imooc.com

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 11:24:02 GMT
Via: 1.1 varnish (Varnish/6.0)
Last-Modified: Wed, 16 Jan 2019 08:41:21 GMT
Server: openresty
Age: 876031
ETag: "5c3eee31-2f56"
X-Frame-Options: ALLOW-FROM https://*.open.com.cn,http://*.imooc.com,https://*.imooc.com
X-Cache: HIT from CS43
Content-Type: image/x-icon
X-Varnish: 863032009 784418520
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12118
Expires: Tue, 08 Aug 2023 08:03:31 GMT

GET
H2 200 favicon.ico
www.doyoudo.com/ 2 KB
2 KB 3435ms
900ms Image
image/vnd.microsoft.icon 240e:e9:d804:0:3::3fd
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.doyoudo.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:e9:d804:0:3::3fd , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ef3964c131c2ed2496d53ac0af2f029f350e83c5ed28c7713fa7990429459c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 10:39:21 GMT
via: cache55.l2cn3036[69,68,304-0,M], cache4.l2cn3036[70,0], kunlun10.cn192[0,0,200-0,H], kunlun2.cn192[1,0]
x-oss-request-id: 64B7BD5943844E3336A5FDB9
content-md5: t18iULla+21gb4GmmpD3YA==
age: 2684
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:11:826842611
x-oss-cdn-auth: success
x-swift-savetime: Wed, 19 Jul 2023 10:39:21 GMT
content-length: 1784
x-oss-object-type: Normal
last-modified: Thu, 16 Jun 2022 04:19:37 GMT
server: Tengine
etag: "B75F2250B95AFB6D606F81A69A90F760"
ali-swift-global-savetime: 1689763161
content-type: image/vnd.microsoft.icon
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17243823581596959601
eagleid: 3adad01616897658453861525e
x-oss-server-time: 32

GET
H2 200 favicon.ico
study.163.com/ 1 KB
1 KB 2316ms
245ms Image
image/x-icon 115.238.119.98
CT-HANGZHOU-IDC N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://study.163.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.238.119.98 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software: nginx /
Resource Hash: 31e6c87389623d92ca9a6811fc212b0af61f8ce8099a8819b5683bea278a4a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:04 GMT
last-modified: Tue, 18 Jul 2023 01:43:12 GMT
server: nginx
content-type: image/x-icon
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1150
expires: Wed, 26 Jul 2023 11:24:04 GMT

GET
H2 200 favicon.ico
huke88.com/ 3 KB
3 KB 764ms
236ms Image
image/x-icon 101.132.91.205
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://huke88.com/favicon.ico
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.132.91.205 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 6442ace6cb6ad1260653c82fe111c6a05f19be113239a3e08bdf2752390e32f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:03 GMT
last-modified: Fri, 25 Sep 2020 04:21:10 GMT
server: nginx
accept-ranges: bytes
etag: "5f6d7036-ba2"
content-length: 2978
content-type: image/x-icon

GET
H2 200 iconfont.woff2
91btdh.net/zb_users/theme/hnysweb/style/iconfont/ 39 KB
40 KB 398ms
397ms Font
font/woff2 45.78.28.107
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://91btdh.net/zb_users/theme/hnysweb/style/iconfont/iconfont.woff2

Requested by

Host: 91btdh.net
URL: https://91btdh.net/zb_users/theme/hnysweb/style/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA),

Reverse DNS

45.78.28.107.16clouds.com

Software

nginx /

Resource Hash

29449c53f2d0046c97d703b1aed7c86e637989322c75f6cde5dd3bb761c9edf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://91btdh.net/zb_users/theme/hnysweb/style/index.css
Origin: https://91btdh.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:58 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 03:27:40 GMT
server: nginx
etag: "64ae1dac-9d54"
content-type: font/woff2
accept-ranges: bytes
content-length: 40276

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ 154 KB
52 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0de79f6d0c6cd1a6bcb9159c1277ee8ab94bdada2c3ee6deedf27642b44103b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53467
x-xss-protection: 0
server: cafe
etag: 12858093744473061889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:23:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=91btdh.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FEA 118 KB
40 KB 602ms
601ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9644050e1df2b56d516c76cbc7fd9d3d638c1d4a412de82212074c738023444e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:24:00 GMT
expires: Wed, 19 Jul 2023 11:24:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6786 114 KB
40 KB 513ms
513ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ba832a32ee0ec6e4247c52cd4a75ba297b62bc4b6162db82aef00749fabed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40548
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:23:59 GMT
expires: Wed, 19 Jul 2023 11:23:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 300B 120 KB
41 KB 669ms
669ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e21e59ae9b5bf051f93e117d7a9c7ed9f703fe1ea8a504d6d53806f87bd9a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41545
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:24:00 GMT
expires: Wed, 19 Jul 2023 11:24:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47F1 116 KB
40 KB 522ms
522ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3627612126&pi=t.aa~a.8506029~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=1&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280%2C980x280&nras=5&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=JRHOPLUPzf&p=https%3A//91btdh.net&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8a05303e3ef4a5e37e5a1d0ad9680768ea50d8ce782f9186db5e7fee24b40f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40682
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:23:59 GMT
expires: Wed, 19 Jul 2023 11:23:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=91btdh.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame 1A85 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91btdh.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:32:24 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 21:32:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A85 4 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 10:51:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:23:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A85 205 B
651 B 35ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 09:18:57 GMT
x-content-type-options: nosniff
age: 439502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jul 2024 09:18:57 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A85 604 B
695 B 36ms
8ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 07:56:08 GMT
x-content-type-options: nosniff
age: 98871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Jul 2024 07:56:08 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 1A85 14 KB
7 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6325
x-xss-protection: 0
server: cafe
etag: 8771891585566167871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:25:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 1A85 20 KB
9 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8597
x-xss-protection: 0
server: cafe
etag: 17435004113268094812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:19:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4DBA 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 11:13:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:23:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 4DBA 2 KB
973 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 4DBA 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 4DBA 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:28:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 4DBA 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DBA 179 KB
57 KB 493ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H2 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 4DBA 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 bd9dfbb5914ff58f8f53260c6898e03c.js Show response
www.gstatic.com/mysidia/ Frame 6786 9 KB
4 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bd9dfbb5914ff58f8f53260c6898e03c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3957
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:38 GMT

GET
H3 200 be1c55307d155d15842552e1d6ad8a78.js Show response
www.gstatic.com/mysidia/ Frame 6786 10 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/be1c55307d155d15842552e1d6ad8a78.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4199
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:25:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6786 7 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:36:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6786 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 6786 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6786 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:28:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6786 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6786 0
0 17ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNHYK1UwHdjpkrRqgWVjXqRkK2LcH96E3UeZrG5y7qIMm7cbITtwjRZm5PQooM5Q_ZpVBbPcgwaBz123TTjny6rUVauw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6786 179 KB
56 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 6786 33 KB
14 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 47F1 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3627612126&pi=t.aa~a.8506029~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=1&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280%2C980x280&nras=5&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=JRHOPLUPzf&p=https%3A//91btdh.net&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:41:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 47F1 2 KB
892 B 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 47F1 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 47F1 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:28:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 47F1 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 47F1 0
0 39ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYUs5-NMzpKnA5qNteXwS6aojZGjz7qejI_elx3VGD9Ciacrvx9HxrFPSGVFfS0sTZ30ECZVPT7qi5yq5v6yWM5iptuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3627612126&pi=t.aa~a.8506029~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=1&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280%2C980x280&nras=5&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=JRHOPLUPzf&p=https%3A//91btdh.net&dtd=23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47F1 179 KB
56 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 47F1 33 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B4E1 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 332ms
331ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1868875402&si=cc89cb642da27ec01f796f483d41558b&v=1.3.0&lv=1&sn=11400&r=0&ww=1600&u=https%3A%2F%2F91btdh.net%2F&tt=91BT-%E7%A3%81%E5%8A%9B%E5%BC%95%E6%93%8E%E5%A4%A9%E5%A0%82-%E5%A5%BD%E7%94%A8%E7%9A%84%E8%B5%84%E6%BA%90%E5%AF%BC%E8%88%AA%E7%BD%91%E7%AB%99

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://91btdh.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 11:24:03 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 css
fonts.googleapis.com/ Frame 4FEA 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 10:01:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 4FEA 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 4FEA 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:28:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 4FEA 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4FEA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXIwSl9p3jhPmwcjqnjDRBGxliQRleLVAGDfAbmYnisXvqHxiTBxy1TAAGmz4WhRBywsptNYlWy_35r0bM4_BJDTCyEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FEA 179 KB
56 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 4FEA 33 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5467730046441975227/ Frame 47F1 70 KB
70 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5467730046441975227/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8ab68e772cafae5935d79c407e2c29f3337b51b758cc6aabaf6b649d2c0454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 03:36:58 GMT
x-content-type-options: nosniff
age: 287222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71697
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 15:39:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jul 2024 03:36:58 GMT

GET
DATA 200
OK truncated
/ Frame 47F1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 47F1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EC7 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7971059754194586894/ Frame 4FEA 26 KB
26 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7971059754194586894/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ece052d1c624a80fd1c620a4d06d5a05b747bdc09f12a5f9767ebad212a17fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 14:52:27 GMT
x-content-type-options: nosniff
age: 419493
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26415
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:25:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 14:52:27 GMT

GET
DATA 200
OK truncated
/ Frame 4FEA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4FEA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4FEA 33 KB
34 KB 56ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 58483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD6C 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A68 1 KB
643 B 10ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6786 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94f6b2b27098403fe998a235b10dc80dfa979f837dd7b448616f98787b96de63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 47F1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b37be904823b864cb1da1a6af2e6f24d3c6b6c905fd135c67964b27732bb72c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B4E1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGAwU3Gv4_fLNST_mabvHoE&google_cver=1&google_push=AaAOQGHdyOj7VxuZRIy8yg6Vki76zpW1TrprTGsbxSM2SCZDEWU4s1klaBFPHiXrR1vBNgnTad9yydF0GbHYMimtdlSnz-6X0rWPtC84
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM2MTc2OTExOTYzNjUxNTU1Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

43 B
398 B

63ms
20ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4E1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO6mUldA3MSFhnArywIBJxs&google_cver=1&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtA...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtAjgXPZBcin7h99nFB

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtAjgXPZBcin7h99nFB

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 19 Jul 2023 11:24:00 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x25 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH3cHLi8g6DKgmX0PZzLaftWhMsjBwJXlXO5uX7jSIlvxSIBumSc1SHxXCWf5l4mnGlDTr7HstswNVs_RtAjgXPZBcin7h99nFB
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 19 Jul 2023 11:23:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4E1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE95i_l8nhYeAtyjqbGPPx0&google_push=AaAOQGHO0ZRrbDv1972dmG6QIstQyIw_XJMWm7jEKdMwm28jc3GS197xlS...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE95i_l8nhYeAtyjqbGPPx0&google_push=AaAOQGHO0ZRrbDv1972dmG6QIstQyIw_XJMWm7jEKdMwm28jc3GS197xlSuxihLopdRaiPJIijP5YFDkPG7XCohVhACTkZzRlus5910

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230031-FRA
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689765840.199710,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE95i_l8nhYeAtyjqbGPPx0&google_push=AaAOQGHO0ZRrbDv1972dmG6QIstQyIw_XJMWm7jEKdMwm28jc3GS197xlSuxihLopdRaiPJIijP5YFDkPG7XCohVhACTkZzRlus5910
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4E1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELNKehFOifyyMBRIifsGuCU&google_cver=1&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgieftZt0HfvxtXNzkFa
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgi...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgieftZt0HfvxtXNzkFa

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGEPxTSVI3QonKiN2EdTkV1_c1cvHrDKkgITAZOVVheVmKjO5nzproH81loJkES1E_Tqm8iKA8I8hP-jLgieftZt0HfvxtXNzkFa
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 18 Jul 2023 11:24:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B4E1 43 B
363 B 47ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESECwM-DDNOy59CDFUb23kz0w&google_cver=1&google_push=AaAOQGFuHPQ427gFV4dDamql84Zj2KQLbqHzBnfnN2TqLH-TKqNENR0NrQX5z02YjrEXl1edZjkPN-icVpD8-tTgvW_E2ViRo38HtuY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 206157
expires: Wed, 19 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4E1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPVSaJQFPJcD4QCfnDPDGU4&google_cver=1&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPVSaJQFPJcD4QCfnDPDGU4&google_cver=1&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc0ODkyNzIxNjA2MjgyMjc1NA&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHo...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc0ODkyNzIxNjA2MjgyMjc1NA&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd-SGor8OmQxD_8zHtmHt6Bm5V

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc0ODkyNzIxNjA2MjgyMjc1NA&google_push=AaAOQGHiAyFLAOdT1UPILeFbD8abJtUsA_xjiBUSeF5RRIa-9YN023Tmxl8jIrBefSHuZ0-vpBJYHopd-SGor8OmQxD_8zHtmHt6Bm5V
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4E1
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPiAwLpJ-QawfoRUaqg7Ap8&google_cver=1&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjA...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjAKckJcvW9dmWnuaOmjybxGQ1tctTHZkx6C74MO2&google_hm...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjAKckJcvW9dmWnuaOmjybxGQ1tctTHZkx6C74MO2&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFSmdJIEiVzRtAVJqdPSppsZXcNXNf55Xd34kQlGyu1xGO3SvcX6fAnW7EcjAKckJcvW9dmWnuaOmjybxGQ1tctTHZkx6C74MO2&google_hm=tWL1YRe3R4S1OH7pl7NaiSY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B4E1 0
130 B 67ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JW8Ak-9k_wsmZewJmvKQcLyjY_mbDKMw8p7kJrtUpzSpaOA-yZMAPBREmv19pUdVO31x0EsA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 300B 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 300B 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 300B 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Aug 2023 09:28:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 300B 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 300B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbCoPEsxi8IRqknsoCA6jK8iwHZhB3K6yjEIxunjqHvv8wuTau4QWNUwRvwt0O2H6sxzxhL9JV3V1xiIs6QXcY5CeqYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 300B 179 KB
56 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 11:24:00 GMT

GET
H3 200 db0cdd5d6449829815370f69ba3f47bd.js Show response
www.gstatic.com/mysidia/ Frame 300B 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 17:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14165
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 17:15:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 17:24:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31FF 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 13:46:59 GMT
etag: 48472445140208031
expires: Wed, 19 Jul 2023 13:46:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9EC7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJApDRQTZ8prQIa-SY2VQz0&google_cver=1&google_push=AaAOQGF2GTLEg-9Wu6fIJAj2yOHK_xFkUWzFHuS-pOok1ZRXGZCOyWka53XMI_N_vx4Ari48KZjYPSFCZv3ol6ZVtr7hkL8rhxmGUQs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQzMzgyNjcxMzY3NDQ0MzQ5Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

43 B
398 B

55ms
20ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9EC7 35 B
463 B 36ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG8wz-cMY6_9nNt7dHbVvlA&google_cver=1&google_push=AaAOQGGgLiu5BwPk9_23OLcIQux3BbX-KTHr1wOsWBgYatDUyjfq_a2RF1Lu69ybJwx6H7RBKCh2rqZas2tdgf1-bViZhQDGc58palc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EC7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEkW9nsYiO1czOUt-BcAFb4&google_cver=1&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gSZFkiAnAHUZlWljg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gS...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gSZFkiAnAHUZlWljg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGGIyK_oEnObADqZK8C-3VDgRDhVmfDs--y4_oLDbHosV4jmYnt4AS4P8vGGYULpk8dZgobmlKpBmRRx7gSZFkiAnAHUZlWljg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 18 Jul 2023 11:24:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9EC7 70 B
264 B 215ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELacrgGgQ8ucMJMw78-sMJM&google_cver=1&google_push=AaAOQGFt3O8dkGJQVTRR5EqZoq9mdEAZwYfrpaaf5avwwtY-ktMDv1kNJ9FZi_yroIFb8hd9QMapl1AMqWh50ug672SPEILjALgnMzo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9EC7 43 B
362 B 16ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESEI6KaMqbA6WiP8MNRNPcThY&google_cver=1&google_push=AaAOQGH8rW5DGALLP2SBlNTBCbrFreOwAg26pujQ3SybWEiVxevqbQCuChz-sHt3o-Dh268C_lfFgA2asYkilqrWoAJNQp9tqbOCZ4s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 225704
expires: Wed, 19 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EC7
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPNW6GEHH3KpWlBC1kk-Jbo&google_cver=1&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKA...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKAMMvN8kjYplyuiYY2S9k

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKAMMvN8kjYplyuiYY2S9k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGH9rBMxuhlULW6HZ2CyzO-OdhvMESiwcVQKS4U62dlEFn9POeDg4P9g4WB2TJsvrALD7jHg1gJwZcKAMMvN8kjYplyuiYY2S9k
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EC7
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFUIkYnHARIJDbPxJIZLSGU&google_cver=1&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXwM07l4vtyb9Rdob69tcJ0GRkK_Xac83cgndiK_8&google_hm...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXwM07l4vtyb9Rdob69tcJ0GRkK_Xac83cgndiK_8&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGFHETB4bsRAyW1thR4xGkLObyxKaUBLGALaD8fjHY93sLo7s131JBl3uHaUXwM07l4vtyb9Rdob69tcJ0GRkK_Xac83cgndiK_8&google_hm=tWL1YRe3R4S1OH7pl7NaiSY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EC7 0
40 B 20ms
17ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Irgb-JNQiiMlwYmsS3QxAOLt3yZjAvZ8kbceaTXqgzaS89PEzP6YWMUI0FXB0W0uIr-qBf-g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3060 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

GET
DATA 200
OK truncated
/ Frame 4FEA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c604b9a6a55d19ae4c9dc399a856f896c27016e98e2bbdd25b506fff432a309d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/534906151595395083/ Frame 300B 29 KB
29 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/534906151595395083/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ad7dad7bb7a21000ab8d434d5dd1bac32c0095395fae98b7d2abb39fe9ec80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:32:19 GMT
x-content-type-options: nosniff
age: 64301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29713
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:39:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 17:32:19 GMT

GET
DATA 200
OK truncated
/ Frame 300B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 300B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 300B 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 58483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5A68
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAQeLXMIusBFcQZQG_8IKo0&google_cver=1&google_push=AaAOQGFOT9VbwKX_mjAIev7O-Cr7UgsjqKPOzj56un3H0pe5mxOtDhVpZV5cd2bSvL05F942NqSiNwPRu9tRBjFZJiY-MRUBOokDDGw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUwNTg4NDMwNzcxMjM3MTQyOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1

43 B
398 B

55ms
21ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGxoRXqS9GEfDhEjwNQeUx8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFh4EELkdzPJcvnCCnAg0hA&google_push=AaAOQGGDFuDaFTotPhTdZ8g5tbcT8hdXcc4G8s-fzmDA1C7tGF0Cbgxao_...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFh4EELkdzPJcvnCCnAg0hA&google_push=AaAOQGGDFuDaFTotPhTdZ8g5tbcT8hdXcc4G8s-fzmDA1C7tGF0Cbgxao_gnH0xQi4il872JLdVCK_f6s6IplyWwhJgBZ26RaW2i9A

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230031-FRA
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1689765840.284896,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFh4EELkdzPJcvnCCnAg0hA&google_push=AaAOQGGDFuDaFTotPhTdZ8g5tbcT8hdXcc4G8s-fzmDA1C7tGF0Cbgxao_gnH0xQi4il872JLdVCK_f6s6IplyWwhJgBZ26RaW2i9A
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMYEtnx0BljM_Q6d6PURZQ0&google_cver=1&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c3T6FYTcPBsP5IIA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c3T6FYTcPBsP5IIA

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26ADBA9E68F48B1BBA301F0F8F53306&google_push=AaAOQGFsryS_fB1Cwz-uP7-wAX1C8bFEJyRrHrj1nyewScZBPaODJfvqvElvwlUlQFYpaUbpPPoLtTj0ecsAY2c3T6FYTcPBsP5IIA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 18 Jul 2023 11:24:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBh1IYQ3yDgS_FXLwtT6jjA&google_cver=1&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtM...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtMKD6zDR5s&google_hm=eS12bElJZGJGRTJwRlJ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtMKD6zDR5s&google_hm=eS12bElJZGJGRTJwRlJqdFZDdVZ2VXRfOTVKbHFITjFzOX5B

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEsdoYfRY7FYeJO7yxa9ThNlE85RgqEy4oNrJcz2P54-APTEoOYi2kjwChNlxfh69IA9dhaPsZMRm_FaF7PRzmoKtMKD6zDR5s&google_hm=eS12bElJZGJGRTJwRlJqdFZDdVZ2VXRfOTVKbHFITjFzOX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKz4rFtOjQeNCn4Gpos29t8&google_cver=1&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO3d...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO3dyZRZoc5NU-riTBarBIMteQ

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGF_wEQc6L7YCBbLzxEhpbmcDlhHBz8atQs9syE-bBMt4yB7Xe27ua4AbVu-oHJXnEgvFo0eLO3dyZRZoc5NU-riTBarBIMteQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESENLgnNk2Sh3MhXiKLHU8OiA&google_cver=1&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q_RlewRtekNg_JQaIZA6oQWLZawoDKwoIPcK6M&google_hm=...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q_RlewRtekNg_JQaIZA6oQWLZawoDKwoIPcK6M&google_hm=tWL1YRe3R4S1OH7pl7NaiSY

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:23:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGHjYR8I5O4heg5mFPiu-X5816F24cVOC9APfJN_ske51cscxwnzFq9cYo1X5Q_RlewRtekNg_JQaIZA6oQWLZawoDKwoIPcK6M&google_hm=tWL1YRe3R4S1OH7pl7NaiSY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5A68
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAwcEBNFpe9v...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGHBruNLsCHwbobwzdhKBhKnSup9ScRjGunekuPWhJvI2SCjlrSelitN-D5sCBL7SfYvhPChsWcRsjW9x47PfDjJiyO1FVIAt3s
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

43ms
43ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Wed, 19 Jul 2023 11:24:00 GMT
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A68 0
12 B 18ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdCoJ7mWFte62RAk_T5PkdUeEtt_HheUE3F79EQLgKvZruUUQ47XchG2e4RYoiYqfDoP70vYY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD6C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:24:00 GMT
expires: Wed, 19 Jul 2023 11:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 11:24:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6786 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:35:47 GMT
x-content-type-options: nosniff
age: 492493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 18:35:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31FF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWVSeURqdVkxUW01aEs1&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWVSeURqdVkxUW01aEs1&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM37GcpuENo_1P162ovNYlDhuCKTssFwtqiwFpTQ_T8qHwL-x5magacgvonERtuQ9_93l7937aPVvmSpxAP-6MOedReggoxURo3eLa74w5uxgdq0Q

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 11:24:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-039373edd24dbbb61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MWVSeURqdVkxUW01aEs1&google_gid=CAESEO2ybYV0MxG80lJPrW_55f4&google_cver=1&google_push=AaAOQGGzZuq7s2D5Z70Ui32ZDBC6MiKUFnBJcEd3uSI4IDM37GcpuENo_1P162ovNYlDhuCKTssFwtqiwFpTQ_T8qHwL-x5magacgvonERtuQ9_93l7937aPVvmSpxAP-6MOedReggoxURo3eLa74w5uxgdq0Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOnPL2y2b5zXFPFJF-rOwsA&google_cver=1&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7laIeNwpbAvw4w3BZF7rstKMrcY4_SH...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7laIeNwpbAvw4w3BZF7rstKMrcY4_SHJGj4kkLy7l2HjhCCn_ko0IKLLGD3NRPWrSzJXCtOk

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 19 Jul 2023 11:24:00 GMT
Server: MT3 1031 59fd23a master pao pao-pixel-x18 config_version:"386"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGH0f-vi3-t7IPmPraQiWhmjUa6Kp6srgt_DtNdq8INiKSAxZUGTa0CYf7dQ9zA-e2xJuffozj8Nc9VIS0c7laIeNwpbAvw4w3BZF7rstKMrcY4_SHJGj4kkLy7l2HjhCCn_ko0IKLLGD3NRPWrSzJXCtOk
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 19 Jul 2023 11:23:59 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 31FF 70 B
265 B 103ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELQkjKspQKTEC8Iz1NEIzZU&google_cver=1&google_push=AaAOQGEOSka-UQ0JgbNq1gwx9v8-FjzVvkZp7pEi7qTpJdmfIzw3Ci_YmzFcX7pTIzq8oQ2u0-buwIzNrFxx6y332JkB8tErv8gyiX40vJAYwX8lhstA7eS8-8ZY-Qlnd2-SFti1lBxeif-U7JOscpeoQQ4WSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31FF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMI9l2bckvHwowKeiR_vOa8&google_cver=1&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFWjeJvZhUhq1CYEdwJy5tYeK80r_INQcxBoV0nia...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFWjeJvZhUhq1CYEdwJy5tYeK80r_INQcxBoV0niaD1e5C9wMoGE7k_fk0Dd7ovA4xw&google_hm=eS1pdDR6c3JsRTJwR2Y5cmJLZDRUQmtxT0ROVmZMZ3V0VH5B

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEm-kHzgiby0a0UlqpDm8kXMhKb0FwYxo2Pevw6rYIZfr9RKbjIRNvHp4mwmzSanxgXoEGLz3f03Plwd-dv308kjFWjeJvZhUhq1CYEdwJy5tYeK80r_INQcxBoV0niaD1e5C9wMoGE7k_fk0Dd7ovA4xw&google_hm=eS1pdDR6c3JsRTJwR2Y5cmJLZDRUQmtxT0ROVmZMZ3V0VH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31FF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYYt7G8mljQMMz7zcM-foI&google_cver=1&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A640...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A6...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A640UKTJwiFO6kPmwdjgiDFBifOV2Qt0s4JsPDU1mkcwmLe1T6Ay3ZYz4Cq2Uk4mLlp7V7n0K3Cjv6pD2yc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGEXnHSL1tGXZ_-xPUsEP4H8kwxg2m75NzZj8b_gS-i4zAZsrGIAHsmNEqk_fTNhN0owzxu9A640UKTJwiFO6kPmwdjgiDFBifOV2Qt0s4JsPDU1mkcwmLe1T6Ay3ZYz4Cq2Uk4mLlp7V7n0K3Cjv6pD2yc
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31FF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYYt7G8mljQMMz7zcM-foI&google_cver=1&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX6y...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX6yrCpg8pozn1jKdzAZNsP7ZIzJRpD-cba8s-Ie6HjZf_8rT9QjQphh_o9POjAvpIuCOYvDiSEb1SvdTds

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjEwNTQzMDUyMTAzMzY3NDcyOQ&google_push=AaAOQGHSzOY3aE3tHgoPXvoQ0UYjDwow1smWmSldaypveeZW2bCDtdIvCNnr2bsdsEJUgQ76S-NBHX6yrCpg8pozn1jKdzAZNsP7ZIzJRpD-cba8s-Ie6HjZf_8rT9QjQphh_o9POjAvpIuCOYvDiSEb1SvdTds
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 31FF
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHuO9uRS28XO...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFRKiqqXSaIVVZVfCycAuKs4Uq2BJ5VNszyT9LB5EXWBLFIi-dVDtJF_FpMXVAwMi2gWLMb61gl8nyy9eSyeC8gBd4REX3pOETMzSOgn4HF6Jrbf...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
44ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 91btdh.net
URL: https://91btdh.net/
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires: Wed, 19 Jul 2023 11:24:00 GMT
pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31FF 0
12 B 15ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lyc0BgNEPI1DKNjCiZTW_PK_DgLOtaYxm3yXf16MzMM0UO1umLhrIpxPP7n0EPHH92SaW4FQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 11:24:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 47F1 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 58483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47F1 0
19 B 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIqw5z8e3ZKinIZO6kwOZjpzwAsDg19ZxkLnF3uAR_-CivcABEAEg9JjvVmCVgoCAmAegAc_qu4wDyAEJqAMByAPLBKoEwwFP0MphRx3-3YpH4KK5ZpVMiZNGD-3G7Xq_Oye8MahB4AED1AtNjDYhhjCgX1psRaGhmqhQLdqofsbo26R06cFNvo6kdyfzLyZm_GOkiuKs8IHfQ2sXBeqcm4EL1nwD2fx4YekgRKbwCa-yy9JpDZUcdQx33RodFGzPlRKCOmFqvmhqnIDoc0tlBUH7KJR54IsyFo5tvBFc7DxIqxw1BofVGmbafLQ8fJF15NqwFEOOg0pNCdg-s8xLGtfBNCbjFGOCV2zABIScp4eyBJIFBAgEGAGSBQQIBRgEoAYugAfo48DdAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKnKBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzQ4ODk4NzQwNDgyOTM2OBgA&sigh=7wVsbqTabHo&uach_m=[UACH]&cid=CAQSOwBpAlJWJk2dinErdAhYzE5ro7wfxpjDRwixofzTmZh4XH-SYfm2aDZqDXmP_6TfhfQWlqQ5RCxbKPSlGAE&template_id=5000&cbvp=2&vis=1

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3627612126&pi=t.aa~a.8506029~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=1&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280%2C980x280&nras=5&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=2755&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=JRHOPLUPzf&p=https%3A//91btdh.net&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 11:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4FEA 0
19 B 61ms
61ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB8Mtz8e3ZJjxIM205LcP2OyUmAHOxrPWbZ_Dhpv3EGQQASD0mO9WYJWCgICsB6AB4uvB2wPIAQmpAk7MbFfT1rI-qAMByAPLBKoEywFP0OszPHbi4w3VuQ1GYY3TSFCIt5Pv0UFTxY1hbLygCj6iHFnAuRA8QBi1vqGYWlowTry4gJqoGagad03UQi6FhIDGnHO5bebbWLQOp-KJ0nIibzHf_Z75s8ojYV2eboUSzxefC26CZGFgFZ43I-jz1DgEnwiQc9QfvPRXmmH_tXmEdtdZ0dhSgAEpA53d9T-3M7w3G6EHesRI8q5RoUA2QfCzpYP8Rx_6h_7vkitoj0z3nrNYCJMw7UGsI_k_8V2-f4yMSdOtWBEVS8AEwOXssaMEkgUECAQYAZIFBAgFGASgBi6AB4aUviSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCszgXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTM0ODg5ODc0MDQ4MjkzNjgYAA&sigh=VL9apS7MlG8&uach_m=[UACH]&cid=CAQSOwBpAlJWqlY7aiYAs4jDUQ7Xw_XY5wzo8HbJUTU-4XArPrIAh9BZL1S1un7KCOfe44P5opYhA7obDTP2GAE&template_id=5000&cbvp=2&vis=1

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 11:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame EB2E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F63 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=1998122432&pi=t.aa~a.8507044~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=2&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0&nras=2&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=IyAIZ5zHK6&p=https%3A//91btdh.net&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

GET
DATA 200
OK truncated
/ Frame 300B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50dcf1a363fb2f3bcf0601912623d11ff5dcb0a9eb35617f32702bd4c2f8164c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 300B 0
19 B 52ms
51ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqMv7z8e3ZM-XIZSO5LcPwbiz2A6Z3-zZb7Dh5o6lDK-BuuPXAhABIPSY71ZglYKAgKwHoAGumIqiAsgBCakCTsxsV9PWsj6oAwHIA8sEqgTcAU_QsypqhERqFETxUmpT7mn7GV0Xs03yujNLNiu0uXl6gcY6gnftCD7-ubun0HI-M8aOWoYHEYB7oMxDNVMBGWk1_qfNO9HSevrfyw5OclWmuJJQLKYK2fD5ykS0uUcqaOcHVTlW31ggVurbqMZXM5DEZFImMj5pzKTb_eEwVi6YiDYnSi-7YkoU4fDJ8B9b6zCzcLphlKZ9k8-Tikh7Z2vxy_95tCW5s8oOh5vXTZjmB96M59_szBBUPjxI9zgO6hwvB4-a8j4eA1nAYjCu3hzx9Xlb3iZ5pGM5a2fABJ6BxOv_ApIFBAgEGAGSBQQIBRgEoAYugAe65_XdAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEI560ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi0zNDg4OTg3NDA0ODI5MzY4GAA&sigh=9VxWhDGOZJE&uach_m=[UACH]&cid=CAQSOwBpAlJWoj_TBSkEskthowCmh7KF5tNChGVEOI3zRcGDADDoeNwPzMG3Og8TNudwbs1_b8Hy_WcoHuYVGAE&template_id=5000&cbvp=2&vis=1

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 11:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7612 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=2083184557&adf=3680554866&pi=t.aa~a.8503591~rp.4&daaos=1689705225254&w=980&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=980x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280%2C930x280&nras=4&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=G3uZSFkAHW&p=https%3A//91btdh.net&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6786 0
19 B 53ms
52ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cumhpz8e3ZL6nIf-E5LcPnLGskAijmpzYca6Py5DjEcCNtwEQASD0mO9WYJWCgICsB6AB8_Pl-SnIAQGpAtmimKS9zz4-qAMByAPDBKoE0QFP0KuXnKUb6t5wemOKDtC4KFadONVvFoUttFimRbJpEKFTnC1pGiysM7t7vMSk9rZN2DmRmFIKJhsDhWuFd-3jCFBYEEbtjmsx66R0_RyOF6DWjQ7pMeRKxFQFSvv60QgOilktn-UFM1HuWjOSWBKvjPsDn7A-iTFZjE54apRno-xnZsuQUMEfhDhPL9NbdveS4gt0H0Xx3vfSNcIYI4G_2yPNrJxTgKBCMakJyhSxCyj1Z1wcs7KB4utkHBQHj8kY7U4yuHGsGAA9yo56ocPEcMAE5PSi3bkEkgUECAQYAZIFBAgFGASgBmaAB_OrttkEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrr0G0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zNDg4OTg3NDA0ODI5MzY4GAA&sigh=4RQK882ABWU&uach_m=[UACH]&cid=CAQSOwBpAlJWOS2nUsJpjyhiwbqp366yTt_9dvjc9CRGJ1xsZUlECP5jfEkc-vlnhEPND2fx3l5riYTj2bk5GAE&cbvp=2&vis=1

Requested by

Host: 91btdh.net
URL: https://91btdh.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3663128792&adf=3143537669&pi=t.aa~a.8507044~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765839&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765839427&bpp=1&bdt=2296&idt=-M&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c1d417b08440b67-2222ad2e30de00a7%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ&gpic=UID%3D00000c40049774ba%3AT%3D1689765838%3ART%3D1689765838%3AS%3DALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA&prev_fmts=0x0%2C980x280&nras=3&correlator=3142677362122&frm=20&pv=1&ga_vid=96518685.1689765838&ga_sid=1689765838&ga_hid=1985731244&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1651&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C44788442%2C44796479&oid=2&pvsid=3783192178229646&tmod=1251551755&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=JZbsnSF5Cy&p=https%3A//91btdh.net&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Jul 2023 11:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame BB1B 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jul 2024 09:28:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bdimg.share.baidu.com
URL: http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=469378

Domain: www.flvcd.com
URL: https://www.flvcd.com/flvcd_logo.jpg

Domain: www.google.cn
URL: https://www.google.cn/s2/favicons?domain=https://www.pullywood.com/ImageAssistant/

Domain: www.pcfreetime.com
URL: https://www.pcfreetime.com/favicon.ico

Domain: www.google.cn
URL: https://www.google.cn/s2/favicons?domain=http://www.koovin.com/

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
91btdh.net/	1970-01-20 22:58:45	Name: __51uvsct__JRsI9VPu8ppRkMfV Value: 1
91btdh.net/	1970-01-20 22:58:45	Name: __51vcke__JRsI9VPu8ppRkMfV Value: cbcb28b6-06f1-5873-9c12-95183e129867
91btdh.net/	1970-01-20 22:58:45	Name: __51vuft__JRsI9VPu8ppRkMfV Value: 1689765838263
91btdh.net/	1969-12-31 23:59:59	Name: __vtins__JRsI9VPu8ppRkMfV Value: %7B%22sid%22%3A%20%22973b374e-b6e6-5194-bccc-89f1366aa740%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2057%2C%20%22dr%22%3A%2057%2C%20%22expires%22%3A%201689767638316%2C%20%22ct%22%3A%201689765838316%7D
91btdh.net/	1969-12-31 23:59:59	Name: __vtins__K34HlztsV49BFXlq Value: %7B%22sid%22%3A%20%227cde8335-4ad0-56b0-8aa9-9205feb0d972%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201689767638320%2C%20%22ct%22%3A%201689765838320%7D
91btdh.net/	1970-01-20 22:58:45	Name: __51uvsct__K34HlztsV49BFXlq Value: 1
91btdh.net/	1970-01-20 22:58:45	Name: __51vcke__K34HlztsV49BFXlq Value: fcd53155-7220-5127-8125-cb231659660d
91btdh.net/	1970-01-20 22:58:45	Name: __51vuft__K34HlztsV49BFXlq Value: 1689765838322
.91btdh.net/	1970-01-20 22:58:45	Name: _ga_63XQHXHW69 Value: GS1.1.1689765838.1.0.1689765838.0.0.0
.91btdh.net/	1970-01-20 22:58:45	Name: _ga Value: GA1.1.96518685.1689765838
91btdh.net/	1969-12-31 23:59:59	Name: timezone Value: 0
.91btdh.net/	1970-01-20 22:44:21	Name: __gads Value: ID=1c1d417b08440b67-2222ad2e30de00a7:T=1689765838:RT=1689765838:S=ALNI_Ma5qXT7Xvph7WS9h84rC-D5sb2LnQ
.91btdh.net/	1970-01-20 22:44:21	Name: __gpi Value: UID=00000c40049774ba:T=1689765838:RT=1689765838:S=ALNI_Maalp8ZjhUnYqB33sSr5MmJZ9qEGA
.hm.baidu.com/	1970-01-20 22:58:45	Name: HMACCOUNT_BFESS Value: 5D66438AB97702C3
.91btdh.net/	1970-01-20 22:08:21	Name: Hm_lvt_cc89cb642da27ec01f796f483d41558b Value: 1689765840
.91btdh.net/	1969-12-31 23:59:59	Name: Hm_lpvt_cc89cb642da27ec01f796f483d41558b Value: 1689765840
.doubleclick.net/	1970-01-20 22:44:21	Name: IDE Value: AHWqTUkx-Yw3dqjuCj4oZf5ua56ZzSBa7gmvzaagEyDA_8AKgNauD_svt0zmMjsulXo
.ctnsnet.com/	1970-01-20 22:08:21	Name: gid_CAESEPiAwLpJ-QawfoRUaqg7Ap8 Value: 1
.simpli.fi/	1970-01-20 22:09:48	Name: suid Value: C26ADBA9E68F48B1BBA301F0F8F53306
.adform.net/	1970-01-20 14:07:24	Name: C Value: 1
.ctnsnet.com/	1970-01-20 22:08:21	Name: cid Value: b562f56117b74784b5387ee997b35a89
.ctnsnet.com/	1970-01-20 22:08:21	Name: gid_CAESEFUIkYnHARIJDbPxJIZLSGU Value: 1
.quantserve.com/	1970-01-20 15:32:21	Name: d Value: EHEBCQHAKYEA
.quantserve.com/	1970-01-20 22:53:00	Name: mc Value: 64b7c7d0-3f4ea-15329-2bd95
.ctnsnet.com/	1970-01-20 22:08:21	Name: gid_CAESENLgnNk2Sh3MhXiKLHU8OiA Value: 1
.adform.net/	1970-01-20 14:49:09	Name: uid Value: 6105430521033674729
.everesttech.net/	1970-01-20 22:08:21	Name: everest_g_v2 Value: g_surferid~ZLfH0AAB-bdFbgA_
.w55c.net/	1970-01-20 22:54:26	Name: wfivefivec Value: 1eRyDjuY1Qm5hK5
.yahoo.com/	1970-01-20 22:08:43	Name: A3 Value: d=AQABBNDHt2QCEN9oVrgOrS__gOkNQaTJixMFEgEBAQEZuWTBZAAAAAAA_eMAAA&S=AQAAAuW808j2k4MqaMzHdoeIpac
.w55c.net/	1970-01-20 14:05:57	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 13:22:49	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 17:41:57	Name: uid Value: 2505884307712371429
.mathtag.com/	1970-01-20 22:48:41	Name: uuid Value: 0a7d64b7-c7d0-4f00-afd0-803bca8cca2b
.mathtag.com/	1970-01-20 14:05:57	Name: mt_mop Value: 4:1689765840
91btdh.net/	1970-01-20 13:23:29	Name: isClose Value: yes
www.koolearn.com/	1970-01-20 22:08:21	Name: __jsluid_s Value: d752dbab776b15b4fd0546b9c7a745e4

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://91btdh.net/(Line 549) Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure script 'http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=469378'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.fbobo2.pw/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.sv20.pw/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://soupian.xyz/images/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.gaituba.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.pcfreetime.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.alltoall.net/qfy-content/uploads/2016/06/fa70f63e4bbcc259632aae74746ce5d6.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.wofficebox.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.runoob.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://f1.howzhi.com/system/2016/03-31/113613d6a857327741.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.doyoudo.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://study.163.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://collect-v6.51.la/v6/collect?dt=4 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://collect-v6.51.la/v6/collect?dt=4 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.google.cn/s2/favicons?domain=https://btsososo.com/ Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://soupian.xyz/images/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.sv20.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.fbobo2.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.google.cn/s2/favicons?domain=https://tools.miku.ac/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.google.cn/s2/favicons?domain=https://zh.numberempire.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.google.cn/s2/favicons?domain=https://www.cgown.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.google.cn/s2/favicons?domain=http://www.hippter.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.flvcd.com/flvcd_logo.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://tampermonkey.freetls.fastly.net/images/icon180.png Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://www.pcfreetime.com/favicon.ico Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.gaituba.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://one.newday.me/one/favicon.ico Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.alltoall.net/qfy-content/uploads/2016/06/fa70f63e4bbcc259632aae74746ce5d6.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.runoob.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://f1.howzhi.com/system/2016/03-31/113613d6a857327741.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://edu-image.nosdn.127.net/32a8dd2a-b9aa-4ec9-abd5-66cd8751befb.png?imageView&quality=100 Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.wofficebox.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://study.163.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://91btdh.net/ Message: Mixed Content: The page at 'https://91btdh.net/' was loaded over HTTPS, but requested an insecure element 'http://www.doyoudo.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91btdh.net
ad.turn.com
adblockplus.org
adservice.google.com
bdimg.share.baidu.com
btmulu8.com
c1.adform.net
cctalk.com
cdn.anyshare.icu
cm.g.doubleclick.net
cms.quantserve.com
collect-v6.51.la
dapanso.com
dis.criteo.com
edu-image.nosdn.127.net
f1.howzhi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hm.baidu.com
huke88.com
iguge.app
iguge.xyz
ius.ctnsnet.com
juanjuansou.com
jujuso.com
kanliao1.one
match.adsrvr.org
one.newday.me
onetag-sys.com
pagead2.googlesyndication.com
pan.newday.me
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
qncdn.aoscdn.com
r.turn.com
region1.google-analytics.com
sdk.51.la
smallpdf.com
soupian.xyz
study.163.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tampermonkey.freetls.fastly.net
tellme.pw
tg.qianfan.app
tpc.googlesyndication.com
um.simpli.fi
www.51zxw.net
www.alipansou.com
www.alltoall.net
www.cctalk.com
www.doyoudo.com
www.fbobo2.pw
www.flvcd.com
www.gaituba.com
www.google.cn
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.iamwawa.cn
www.imooc.com
www.jikexueyuan.com
www.koolearn.com
www.pcfreetime.com
www.pdfpai.com
www.runoob.com
www.sokk9.one
www.sv20.pw
www.upyunso.com
www.uupoop.com
www.wofficebox.com
bdimg.share.baidu.com
www.flvcd.com
www.google.cn
www.pcfreetime.com
101.132.91.205
103.235.46.191
103.40.249.193
104.102.35.84
107.167.16.140
112.74.78.199
115.238.119.98
116.62.143.55
117.121.101.40
120.72.45.209
121.41.179.170
134.175.83.163
139.196.210.75
140.143.48.31
142.250.186.162
148.251.232.132
149.28.86.9
151.101.130.49
154.85.69.6
154.88.14.62
163.171.128.148
163.181.92.186
178.250.1.9
18.239.94.42
180.163.203.20
2.59.155.28
2001:4860:4802:32::36
203.107.86.226
210.56.49.48
223.4.26.84
23.224.99.3
2404:2280:12e:0:3::3fc
240e:e9:d804:0:3::3fd
2606:4700:3032::6815:3d25
2606:4700:3036::6815:3836
2606:4700:3036::ac43:818e
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a03:2880:f10c:283:face:b00c:0:25de
2a04:4e42:200::591
2a05:d018:d29:3601:6b15:9865:39bc:dcdf
2a06:98c1:3120::3
2a06:98c1:3121::3
35.186.193.173
35.204.158.49
35.71.131.137
37.157.3.28
45.78.28.107
46.228.164.11
47.246.46.206
47.97.61.20
51.89.9.254
52.28.142.138
61.147.67.86
64.64.253.246
74.121.143.245
8.136.177.174
91.208.206.46
044aa999cebea5ba8299c06b58cbc7040266e8e5eb3a6a3904d3fea86d51b2bb
06717e5b34d53990e28deb7097b3d7fcc063ee780a6ce31675745dd4820de81a
088b65d364b96512db032c139f938bc2b20a4b6c10ab72099448e7ee298c340c
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de79f6d0c6cd1a6bcb9159c1277ee8ab94bdada2c3ee6deedf27642b44103b8
103efcf01f9b246d875c237ea9eecfa9337f231848eea3abb4b84ce886929742
11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332
128e52d620b090749bdcfc157c016180684de8fb17f7461df611995ee8f3c9cf
1348987fdcb6628f4a30123640d18f3b7b97fc5bd43a6ab44f63a21d5e311cfb
13eb6c855c1b4db6cf5b345fd55254b148e24a98f6873bff1a1b2c423eb32516
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866f41632b52c440e5f7134ad58c4a2368d182d06d0d8f34d0712365142af1c
18dd61439b0cfc74297818f6e837695834e4aa2a41d03f79deace96127cfce93
18e3f9ea59296540a14c9fc4fb178abd9fc2f8c6f35ae460176520bb23c6a745
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1aa9e5ca2fb6e7c7a11911bc06013c2cf06b29da14895db9e1ba88c39a1c4ac5
26b4b8a7c7f8c6f3c35d50274738abf52351ddd9561b006002d80e6a48a7305c
29449c53f2d0046c97d703b1aed7c86e637989322c75f6cde5dd3bb761c9edf8
29ba832a32ee0ec6e4247c52cd4a75ba297b62bc4b6162db82aef00749fabed2
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
2ee43237d196100210f1786e7b73b57cd140f6013c072c70dbdffd9e9bc695f8
2f6a160e17a315d3486a25ffea950ae347d095fef179b0632c63dc6f65136c9b
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e6c87389623d92ca9a6811fc212b0af61f8ce8099a8819b5683bea278a4a88
32274fb3c8cf12d5190af36fd6916f70759725aefe1b17e1d3bfbd7fcd21362d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34a36d434190c8524e407161e9dbb2410e6d7cdc63dac3aff8eeb542f1baf40c
3a01e0fd7cf735ce0a4b57d61d08df036565f99024974c9bbef382117ee10fb1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c6681685b6881bad7562f94245f4d316b0af1e53984d445fafa6681a0f84684
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
42497b8e4a8a73413b2216469321d125916e92b088a4542339bbb3ec17722ecc
438daafda2b1dfbfc2abc5c149de0d75b781dc10ede7ab302a1d80926035f4fa
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b05e9bfc1465ba8b0e5a5369fdbb55df77e0aa754dfb99b88da8d06b7198df4
4ca90e6029969b0b8b3eb2005328c1eef1b9a7f48658e208fca5377a4f3a49ae
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8ab68e772cafae5935d79c407e2c29f3337b51b758cc6aabaf6b649d2c0454
4e8c1124ab199edad5608f963da3d4cbfae3438c698d79d9c72a0d99bb5fcd1b
4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380
503f0afbc6557551cffd934b4c884271aab3b05b17f40a5c35bd00d67d5b3405
50dcf1a363fb2f3bcf0601912623d11ff5dcb0a9eb35617f32702bd4c2f8164c
51206b2d4b03eef103737bd0079e69cffd7f608a43d814749d49b40907169348
5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc
5a19f2390772b3f6380fbf22504b5cbc680dd784f4b780410409c20740931cd3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e0d9a702691f6bbb6ce2939fb7ee100032569ed46cb14efe847d1a4376408dc
5fae8a8cd4295ebaaf3bf9015a3612d679cc12c15d9911865009c1da597dfb23
636a4b9ab4134ae5ea58eecba3ac696badd23fe2167754cc64a68077aefae6db
6442ace6cb6ad1260653c82fe111c6a05f19be113239a3e08bdf2752390e32f7
648870e2c4cf20949a42221027775103b33ff6606d3ff4e184909aa55c9ee083
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
678c79c4a4d7ddd075629d31fbe0d93512f60c35a33eae5a7d47c8bfbe5a82d4
703ed94178bfef4379d20f188be41f22f7e60ad056712a48bceb09ddfd300d3f
73f674504493acb633006975ec880efed7f455ddbd3bbb4e64684d5821776939
777e049a9da8068085d238d7018eefb00591c345779de0b3b5488fe553f272b8
7b711ee0d24de69ec4884c5687df28417c497b7b648542862063611c4ba5a459
7cb8421025a19e9f3a4c321fd10a69d7ce418f38fdc2005be3fe326fdc941630
7d7405fc94e171d45658f9a25ebf09530ca7622d23a3f7623d15c3a1bd009f5a
8cffaf1889bd3165acec65f537b3dca268d76c4a6d55bd6f2402c03e2a74d7d2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e21e59ae9b5bf051f93e117d7a9c7ed9f703fe1ea8a504d6d53806f87bd9a56
93f992927d16d7f6437ff50f0a6ee05f0e4bd82e8b869af4463b6d3462ca419c
94b593f5358d3d5858501915fb02b2404d8f88dcd3ab2490ef89f034bb9ab1d2
94f6b2b27098403fe998a235b10dc80dfa979f837dd7b448616f98787b96de63
95d32e0461963b4ce437815be9b96434b6cb89c1a9c94e87cabefaae98af56bf
9644050e1df2b56d516c76cbc7fd9d3d638c1d4a412de82212074c738023444e
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9eda2cddffdf540977e3d8dec7c3d478eac2bdd10629414e31f30d6ea17f533a
9f89491daddbc50feae268d78185da5d959305251453fe3a88b170228a531ae2
9f982141a3b64101e815fe0cff8be34a843580232a8090ef0fcd28f242a4be07
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a339b0c23a6c05385d160a565d9d0ec3b3214321633571416a580a95d50e3fba
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fac8550d33bb7d3332a1a7cf255a22c1dda05a85aba9aa36e68970253fad5d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad29582e102013f8d3b1494cc57f4d02f43026d77cc99053a99e7c6f447a84c1
b37be904823b864cb1da1a6af2e6f24d3c6b6c905fd135c67964b27732bb72c3
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
bacacad55d2e8ac8ed7420a2aa48b259d7c375fd2c3734a4d3b5d70b583360d7
be870166bacd8cb5ec99117f9c99201590530b16dbc57a1ba5cbcdc0e41a0565
c1b5481e403f273b7297a7a45f1ef1e7cc5ea2e7d5eee47f82353a840bfdcf9c
c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc
c604b9a6a55d19ae4c9dc399a856f896c27016e98e2bbdd25b506fff432a309d
c88859dfe873347f0f7b7cc81b713d01c9437de3d3700c4c2d74386aeeb3fb02
c8a05303e3ef4a5e37e5a1d0ad9680768ea50d8ce782f9186db5e7fee24b40f2
ca89a0afdacaf559e706d55a723dc9252786928a758aa74fdea86588a0f5805c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14d336231852d1f69b47a67d6fe24693f87f899ae0b5d785e377023031512b2
d1a1d237650685c12ba6ff94affb2385bd114827f0c096e793c8efefff545779
d1ad7dad7bb7a21000ab8d434d5dd1bac32c0095395fae98b7d2abb39fe9ec80
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d218b60caa3e206f5e6a6153f196db26ee8ba6dea4e510a24a19af6ebbb19445
d2a634e1b44a375a10b1725d183c5f7808f63d4d773a18ca5828274cf66bec5f
d3016ff54f8e4330e2206e805401c5db32091aff1ec4fe4663e7436cd262423e
d6e732d62a931614cfa82746273595002ddc36432cd3d9cdaf95bd28d64b0836
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d95355776f74039a84e1782cd2039084d196b4d47dd874fc0976e818acce2a64
daebb3d5a30c97e41864788d8514c6a9ea60ad6dd771148c98ebc99b31d343dd
db5a7469a044258a1383a9b023447d23b6efbd65806cfbf97480410036c0f417
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
dec4ccafea60ce10efe719da1ebe8f8825a11d1c9a72317424d6a2f88eb478b8
e0dcf3d2edba66d4b545d6ea09060e146cad204d22d03963df6fa3de6ace6789
e3959f614a00059f3598911608d3057d81bcce2b564ebc275428da71d973bfdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149
ea6bc6bd34add18f4c196d80639c15fc7ef30b20743284517d941ad69a5b1758
ea907043013b1dce2c9390c92b206e6904e1cff946e7d73f99563b06ca3d1afd
ebfb2d201ae8cf373cd79fed6c57225e31980ef0cc579724a941e5e800aa784d
ece052d1c624a80fd1c620a4d06d5a05b747bdc09f12a5f9767ebad212a17fd3
ef3964c131c2ed2496d53ac0af2f029f350e83c5ed28c7713fa7990429459c9e
f31f559dba6373fd722481e3e854d72026344666ff279b64028b0b3504baec7c
f3616e813005d51c4d3a561c7382f296f5182dea596cb3a9db13839f4d774fc0
f42608813df573272e2807a82aa05cf0b23f37978dd8730325116f330dcc32b1
f461c991a73847d5dbda0ebf8fe014ae33e986b97f8b8c8db653a99e7f8e2f06
fb5b95d1087863ca1701ce991a39f8b153e11592200fcea4322a1efa78831223
fbcfb01b43c06622da482bb5ca2590d49e2b8e3da9555dc7d2703010e8d8ac26

91btdh.net Open in urlscan Pro 45.78.28.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

84 %HTTPS

34 %IPv6

66 Domains

75 Subdomains

59 IPs

13 Countries

3326 kBTransfer

5858 kBSize

36 Cookies

3 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

91btdh.net Open in urlscan Pro
45.78.28.107 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

84 %
HTTPS

34 %
IPv6

66
Domains

75
Subdomains

59
IPs

13
Countries

3326 kB
Transfer

5858 kB
Size

36
Cookies

211 HTTP transactions
10 data transactions