urlscan.io logo urlscan.io
SecurityTrails logo

ld246.com Open in urlscan Pro
117.25.133.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ld246.com/
Effective URL: https://ld246.com/
Submission: On April 01 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 65 HTTP transactions. The main IP is 117.25.133.177, located in China and belongs to CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN. The main domain is ld246.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 7th 2021. Valid for: a year.
This is the only time ld246.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 117.25.133.177 133775 (CHINATELE...)
5 2a04:4e42:1b:... 54113 (FASTLY)
2 103.235.46.191 55967 (BAIDU Bei...)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 124.225.167.218 4134 (CHINANET-...)
5 5 118.31.188.179 37963 (CNNIC-ALI...)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
65 12
7    117.25.133.177 (China)

ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN)
ld246.com
5    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
7    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    124.225.167.218 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
b3logfile.com
5    118.31.188.179 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
img.hacpai.com
7    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
27 b3logfile.com ld246.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com ld246.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
7 ld246.com 1 redirects ld246.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 img.hacpai.com 5 redirects
5 cdn.jsdelivr.net ld246.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 hm.baidu.com ld246.com
1 www.google.com 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
65 13

This site contains links to these domains. Also see Links.

Domain
b3log.org
github.com
link.ld246.com
weibo.com
beian.miit.gov.cn
Subject Issuer Validity Valid
ld246.com
Encryption Everywhere DV TLS CA - G1		 2021-02-07 -
2022-02-07		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
88250.b3log.org
R3		 2021-01-22 -
2021-04-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://ld246.com/
Frame ID: D0E0083253C04200BDFF846647196132
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Frame ID: BDDB056603A8223E93B21B539711CC95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Frame ID: 5BB50A6DB7749B81C5EFCBD5994FDD61
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1617268577&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617268577095&bpp=4&bdt=833&idt=42&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=1503021992109&frm=20&pv=1&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=54
Frame ID: E6ADF36BA55C7B7B87864850DF7796F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A9BD94A686F830800306FC4C37B8B0E8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: FEC34F9FC6FB0FB3C9606C4DA2D2ADA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E62E1162B2F346589033295EEEBE3D9E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ld246.com/ HTTP 301
    https://ld246.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Tengine/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

65
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

719 kB
Transfer

1714 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ld246.com/ HTTP 301
    https://ld246.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://img.hacpai.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100 HTTP 301
  • https://b3logfile.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Request Chain 30
  • https://img.hacpai.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100 HTTP 301
  • https://b3logfile.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100
Request Chain 31
  • https://img.hacpai.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100 HTTP 301
  • https://b3logfile.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Request Chain 32
  • https://img.hacpai.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100 HTTP 301
  • https://b3logfile.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Request Chain 45
  • https://img.hacpai.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100 HTTP 301
  • https://b3logfile.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Request Chain 55
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ld246.com/
Redirect Chain
  • http://ld246.com/
  • https://ld246.com/
146 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
52b35d077990c54f2500aca07b6b174e57811365b52f5104d0c9436124428204
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

:method
GET
:authority
ld246.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
Tengine
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31104000
date
Thu, 01 Apr 2021 09:16:16 GMT
x-xss-options
1; mode=block
x-frame-options
deny
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
via
cache15.l2cn1800[38,0], kunlun5.cn210[41,0]
content-encoding
br
timing-allow-origin
*
eagleid
6e5084a316172685761062134e

Redirect headers

Server
Tengine
Date
Thu, 01 Apr 2021 09:16:15 GMT
Content-Type
text/html
Content-Length
278
Connection
keep-alive
Location
https://ld246.com/
Via
kunlun1.cn210[,0]
Timing-Allow-Origin
*
EagleId
6e50849f16172685753515833e
icon.js
cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/classic/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/classic/icon.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
441552b98b52701f227bea4b17f5c1f93f35fd6b720c0960aebf7a127c43bd50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2493772
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
28890
etag
W/"13d06-BzKiBItZU5bJjIXH9HhG1YqlF0Y"
x-served-by
cache-fra19123-FRA, cache-hhn4049-HHN
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4357026
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30948
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
x-served-by
cache-fra19133-FRA, cache-hhn4049-HHN
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lib.js
cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/lib.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6074cf1763a8e736bf5210f32b605268e1e36ce51caa83e88c411eb9ed3e5f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2451105
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
10043
etag
W/"66ba-y1Ur8FXrRhvVJiXHWOW1v/w6P48"
x-served-by
cache-fra19163-FRA, cache-hhn4049-HHN
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.min.js
cdn.jsdelivr.net/npm/vditor@3.8.4/dist/ 		266 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vditor@3.8.4/dist/index.min.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54e3366aea0fb236c97a6348577c44f2940a57853cce9de10716b78570f5d2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
137613
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
67065
etag
W/"42948-49XEXZ8+GnIrNhyWFnUyeucjCzY"
x-served-by
cache-fra19166-FRA, cache-hhn4049-HHN
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.633257880cdddc89ddbc.css
ld246.com/dist/skins/classic/ 		108 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6c1141090b244739b24846c17b2b87b33ad2da1889c83a3c8251813b90062dac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31104000
via
cache41.l2cn1801[35,200-0,M], cache38.l2cn1801[37,0], kunlun8.cn210[59,59,200-0,M], kunlun5.cn210[61,0]
x-content-type-options
nosniff
x-xss-options
1; mode=block
x-swift-cachetime
0
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Thu, 01 Apr 2021 09:16:16 GMT
content-encoding
br
server
Tengine
x-frame-options
deny
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
ali-swift-global-savetime
1617268576
content-type
text/css
content-security-policy
upgrade-insecure-requests
timing-allow-origin
*
eagleid
6e5084a316172685763932716e
index.2c1c59616d2ca996ee29.js
ld246.com/dist/skins/classic/ 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ld246.com/dist/skins/classic/index.2c1c59616d2ca996ee29.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5a50c70836c3c1fdf0564396ed8aac442011c25238ca9c923755ba907f0f40f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31104000
via
cache44.l2cn1801[40,200-0,M], cache38.l2cn1801[41,0], kunlun2.cn210[67,66,200-0,M], kunlun5.cn210[68,0]
x-content-type-options
nosniff
x-xss-options
1; mode=block
x-swift-cachetime
0
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Thu, 01 Apr 2021 09:16:16 GMT
content-encoding
br
server
Tengine
x-frame-options
deny
date
Thu, 01 Apr 2021 09:16:16 GMT
vary
Accept-Encoding
ali-swift-global-savetime
1617268576
content-type
application/javascript
content-security-policy
upgrade-insecure-requests
timing-allow-origin
*
eagleid
6e5084a316172685763972726e
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?d6db0a56925d1efc64698d473b2f0734
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4196a28436fa31fa3ea7118879b51db286a01c158506329657abc9b54e695a60
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 09:16:17 GMT
Content-Encoding
gzip
Server
apache
Etag
ca36fba9b05b2096db102f74c55409d9
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14038
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47643
x-xss-protection
0
server
cafe
etag
4916182422922681706
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 09:16:16 GMT
banner.png
ld246.com/images/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ld246.com/images/banner.png
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3815f77c560a3b5999cd5a6c25e0c36711eecaa07abbe4a93312b7e01a37a777
Security Headers
Name Value
Strict-Transport-Security max-age=31104000

Request headers

Referer
https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31104000
via
cache24.l2cn1801[39,304-0,M], cache43.l2cn1801[41,0], kunlun1.cn210[0,0,200-0,H], kunlun5.cn210[1,0]
etag
"6063dfb4-b9ea"
age
1069
x-cache
HIT TCP_MEM_HIT dirn:11:600572603
x-swift-cachetime
3600
x-swift-savetime
Thu, 01 Apr 2021 08:58:28 GMT
content-length
47594
last-modified
Wed, 31 Mar 2021 02:34:28 GMT
server
Tengine
date
Thu, 01 Apr 2021 08:58:28 GMT
ali-swift-global-savetime
1617158293
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
eagleid
6e5084a316172685770223983e
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/ 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86637
x-xss-protection
0
server
cafe
etag
7600525576280132900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 09:16:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/ Frame BDDB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210329/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 31 Mar 2021 22:50:27 GMT
expires
Wed, 14 Apr 2021 22:50:27 GMT
content-type
text/html; charset=UTF-8
etag
13254444762018554669
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4647
x-xss-protection
0
age
37550
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user-thumbnail.png
ld246.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ld246.com/images/user-thumbnail.png
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d20701e6ea1e1e137c4b63042b698a95551218b6073e0569e852bba510b251e0
Security Headers
Name Value
Strict-Transport-Security max-age=31104000

Request headers

Referer
https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31104000
via
cache10.l2cn1801[0,304-0,H], cache11.l2cn1801[1,0], kunlun1.cn210[0,0,200-0,H], kunlun5.cn210[0,0]
etag
"6063dfb4-dc8"
age
2532
x-cache
HIT TCP_MEM_HIT dirn:10:684239782
x-swift-cachetime
3600
x-swift-savetime
Thu, 01 Apr 2021 08:36:43 GMT
content-length
3528
last-modified
Wed, 31 Mar 2021 02:34:28 GMT
server
Tengine
date
Thu, 01 Apr 2021 08:34:05 GMT
ali-swift-global-savetime
1617158293
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
eagleid
6e5084a316172685771214178e
index-bg.svg
ld246.com/images/ 		1 KB
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ld246.com/images/index-bg.svg
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.25.133.177 , China, ASN133775 (CHINATELECOM-FUJIAN-XIAMEN-IDC1 Xiamen, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5a550dc09be1d9e776542d55379a2c72595e280158ca2cfc00be77300debbc0e
Security Headers
Name Value
Strict-Transport-Security max-age=31104000

Request headers

Referer
https://ld246.com/dist/skins/classic/index.633257880cdddc89ddbc.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31104000
via
cache3.l2cn1801[0,304-0,H], cache5.l2cn1801[0,0], kunlun4.cn210[0,0,200-0,H], kunlun5.cn210[1,0]
etag
W/"6063dfb4-4dd"
age
1307
x-cache
HIT TCP_MEM_HIT dirn:10:389228523
x-swift-cachetime
3600
x-swift-savetime
Thu, 01 Apr 2021 08:55:00 GMT
content-encoding
br
last-modified
Wed, 31 Mar 2021 02:34:28 GMT
server
Tengine
date
Thu, 01 Apr 2021 08:54:30 GMT
vary
Accept-Encoding
ali-swift-global-savetime
1617159328
content-type
image/svg+xml
access-control-allow-origin
*
timing-allow-origin
*
eagleid
6e5084a316172685771214179e
light.css
cdn.jsdelivr.net/npm/vditor@3.8.4/dist/css/content-theme/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vditor@3.8.4/dist/css/content-theme/light.css
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.2c1c59616d2ca996ee29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
179e795aac2ebe391c288a6fb8dd4b3bcfc40dfefd8a2a5f8a3250b67f8d5159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
539597
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
1122
etag
W/"90b-3YWo5Pa2cabX+W7BBmWf4vCO1+Q"
x-served-by
cache-fra19139-FRA, cache-hhn4049-HHN
date
Thu, 01 Apr 2021 09:16:17 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cookie.js
partner.googleadservices.com/gampad/ 		199 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ld246.com&callback=_gfp_s_&client=ca-pub-5357405790190342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
56a6479287e6721ee9c2e10a689b1a7086ae673669ffc8defa8f5f9881309c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ld246.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 09:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ld246.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 09:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5BB5 		55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e15ddecaca0ffd07fc07bee074e5255a1bb21d92bc17acb1b4e6b0252806a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 09:16:17 GMT
server
cafe
content-length
20953
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 09:31:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 09:16:17 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017733465819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28245
x-xss-protection
0
expires
Thu, 01 Apr 2021 09:16:17 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E6AD 		0
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1617268577&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617268577095&bpp=4&bdt=833&idt=42&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=1503021992109&frm=20&pv=1&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=54
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1617268577&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617268577095&bpp=4&bdt=833&idt=42&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=1503021992109&frm=20&pv=1&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 09:16:17 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 09:31:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 09:16:17 GMT
cache-control
private
1610205759005_1610205899060.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1610205759005_1610205899060.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
702f8f755dcbfc6aada2be0a7180d87ad52fdad264e114441a6edd5a1c444ee4

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:49;BOOTS-PROXY:50;BOOTS-PROXY:51;BOOTS-PIPE:51;BOOTS-PROXY:52;BOOTS-PROXY:53;X-Log;FUSIONGATE:59;DORA-PROXY:60
date
Thu, 01 Apr 2021 01:14:47 GMT
via
cache63.l2cn2639[0,304-0,H], cache62.l2cn2639[1,0], cache62.l2cn2639[1,0], kunlun4.cn2466[0,0,200-0,H], kunlun3.cn2466[2,0]
x-svr
IO
age
28891
x-cache
HIT TCP_MEM_HIT dirn:10:377678884
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1610205759005_1610205899060.jpeg"; filename*=utf-8''1610205759005_1610205899060.jpeg
x-swift-savetime
Thu, 01 Apr 2021 07:17:16 GMT
content-length
1856
x-m-reqid
W28AAHlqrG7tlnEW
x-m-log
QNM:xs447;QNM3/304
server
Tengine
etag
"AD9iWqkFU_qbP-ta74OSvhEAxETw"
access-control-max-age
2592000
ali-swift-global-savetime
1615237490
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783255353e
x-reqid
ciMAAAiMH3XweWoW
1353745196544_1562941454569.jpeg
b3logfile.com/avatar/
Redirect Chain
  • https://img.hacpai.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
  • https://b3logfile.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8545db5f0a70499f240a751485030131ba6ea1573bcbcce497387a410cc995c9

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:13;BOOTS-PROXY:14;BOOTS-PROXY:15;BOOTS-PIPE:15;BOOTS-PROXY:16;BOOTS-PROXY:17;X-Log;FUSIONGATE:25;DORA-PROXY:25
date
Mon, 29 Mar 2021 02:28:00 GMT
via
cache2.l2cn2639[0,304-0,H], cache46.l2cn2639[1,0], cache46.l2cn2639[1,0], kunlun9.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
283698
x-cache
HIT TCP_HIT dirn:10:564317249
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1353745196544_1562941454569.jpeg"; filename*=utf-8''1353745196544_1562941454569.jpeg
x-swift-savetime
Wed, 31 Mar 2021 06:44:07 GMT
content-length
2145
x-m-reqid
0nUAABw0soour3AW
x-m-log
QNM:xs462;QNM3/304
server
Tengine
etag
"ACl-RPrIBrv7EXyGrcMHLvw_Wi1_"
access-control-max-age
2592000
ali-swift-global-savetime
1611847760
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783275367e
x-reqid
0nUAAE9bNMwmhm4W

Redirect headers

location
https://b3logfile.com/avatar/1353745196544_1562941454569.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
date
Thu, 01 Apr 2021 09:16:18 GMT
server
nginx
content-length
162
content-type
text/html
MyBatis-FAXAzGY.png
b3logfile.com/tag/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/tag/MyBatis-FAXAzGY.png?imageView2/2/w/96/h/96/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7b167cf76e494a16083798dbee93483ca30ef83c10ea82cf0a69a49fb6574a7e

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:37;BOOTS-PROXY:37;BOOTS-PROXY:38;BOOTS-PIPE:38;BOOTS-PROXY:39;BOOTS-PROXY:39;X-Log;FUSIONGATE:43;DORA-PROXY:44
date
Thu, 01 Apr 2021 07:44:30 GMT
via
cache30.l2cn2639[0,304-0,H], cache64.l2cn2639[1,0], cache64.l2cn2639[1,0], kunlun6.cn2466[0,9,200-0,H], kunlun3.cn2466[12,0]
x-svr
IO
age
5508
x-cache
HIT TCP_HIT dirn:9:245676584
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="MyBatis-FAXAzGY.png"; filename*=utf-8''MyBatis-FAXAzGY.png
x-swift-savetime
Thu, 01 Apr 2021 09:04:13 GMT
content-length
9204
x-m-reqid
bzYAAAUs10QyrHEW
x-m-log
QNM:xs441;QNM3/304
server
Tengine
etag
"AMYeu3R4tzBJnnjswcQYY7eL9mkq"
access-control-max-age
2592000
ali-swift-global-savetime
1613048079
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783255356e
x-reqid
pVwAADInOE-vsmIW
1598868981252_1599879367840.png
b3logfile.com/avatar/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1598868981252_1599879367840.png?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f570353a114bf9e480ee39860f58714086af4505534ff33ec721d5bb8b9bfad7

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:26;BOOTS-PROXY:27;BOOTS-PROXY:27;BOOTS-PIPE:28;BOOTS-PROXY:28;BOOTS-PROXY:29;X-Log;FUSIONGATE:33;DORA-PROXY:34
date
Mon, 29 Mar 2021 00:59:11 GMT
via
cache58.l2cn2639[0,206-0,H], cache31.l2cn2639[0,0], cache31.l2cn2639[1,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
289027
x-cache
HIT TCP_HIT dirn:10:687571044
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1598868981252_1599879367840.png"; filename*=utf-8''1598868981252_1599879367840.png
x-swift-savetime
Wed, 31 Mar 2021 02:39:45 GMT
content-length
5958
x-m-reqid
3osAAFCBE7NVqnAW
x-m-log
QNM:xs1180;SRCPROXY:xs488;QNM:xs462;SRCPROXY:xs481;SRC:1;SRCPROXY:1;QNM3:2;SRCPROXY:35;QNM3:65
server
Tengine
etag
"AOS68C_88ypvym768Lcvzzfh9KuN"
access-control-max-age
2592000
ali-swift-global-savetime
1616979551
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Miss, Miss,RawProxy
eagleid
7ce1a71716172685783275369e
x-reqid
3osAAFCBE7NVqnAW
1606641665913_1607068212318.jpeg
b3logfile.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1606641665913_1607068212318.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5036d9a15036021fbc1502d31ba6cf9764681c0adf82420a2fbb80df223ecfdd

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:40;BOOTS-PROXY:41;BOOTS-PROXY:42;BOOTS-PIPE:42;BOOTS-PROXY:43;BOOTS-PROXY:44;X-Log;FUSIONGATE:50;DORA-PROXY:51
date
Tue, 30 Mar 2021 06:40:06 GMT
via
cache27.l2cn2639[0,206-0,H], cache35.l2cn2639[1,0], cache35.l2cn2639[1,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[2,0]
x-svr
IO
age
182172
x-cache
HIT TCP_HIT dirn:11:87109997
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1606641665913_1607068212318.jpeg"; filename*=utf-8''1606641665913_1607068212318.jpeg
x-swift-savetime
Tue, 30 Mar 2021 11:11:49 GMT
content-length
1883
x-m-reqid
LC8AABHTPO-EC3EW
x-m-log
QNM:xs1172;QNM3
server
Tengine
etag
"ANRP9zovBqrCsHYLfpNzJY_c4JLF"
access-control-max-age
2592000
ali-swift-global-savetime
1617086406
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783415397e
x-reqid
LC8AAHT6uHPusnAW
1353745196354_1611386411315.jpeg
b3logfile.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1353745196354_1611386411315.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7060040df6bffac74508cb78f47ad843887fd1492c1a7d61410945c0ed26c4b7

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:47;BOOTS-PROXY:48;BOOTS-PROXY:49;BOOTS-PIPE:50;BOOTS-PROXY:50;BOOTS-PROXY:52;X-Log;FUSIONGATE:58;DORA-PROXY:59
date
Mon, 29 Mar 2021 02:20:23 GMT
via
cache46.l2cn1832[0,304-0,H], cache74.l2cn1832[1,0], cache74.l2cn1832[1,0], kunlun7.cn2466[0,0,200-0,H], kunlun3.cn2466[7,0]
x-svr
IO
age
284155
x-cache
HIT TCP_HIT dirn:11:345569784
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1353745196354_1611386411315.jpeg"; filename*=utf-8''1353745196354_1611386411315.jpeg
x-swift-savetime
Tue, 30 Mar 2021 12:04:33 GMT
content-length
2977
x-m-reqid
em8AAG8nnw_ErnAW
x-m-log
QNM:xs466;QNM3/304
server
Tengine
etag
"AMoy4XAidwNpMOI2f8l-GboFDRNQ"
access-control-max-age
2592000
ali-swift-global-savetime
1611847751
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783275378e
x-reqid
em8AAIpwKLCwimoW
1606641665913_1607068212318.jpeg
b3logfile.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1606641665913_1607068212318.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
71b8636bb5641c9fbaa02c7aca782dbef530d64ec19d071250bb5ce375df9633

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:31;BOOTS-PROXY:32;BOOTS-PROXY:33;BOOTS-PIPE:34;BOOTS-PROXY:34;BOOTS-PROXY:35;X-Log;FUSIONGATE:42;DORA-PROXY:43
date
Wed, 31 Mar 2021 00:18:45 GMT
via
cache56.l2cn2639[0,206-0,H], cache3.l2cn2639[2,0], cache3.l2cn2639[2,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[9,0]
x-svr
IO
age
118653
x-cache
HIT TCP_HIT dirn:10:393146864
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1606641665913_1607068212318.jpeg"; filename*=utf-8''1606641665913_1607068212318.jpeg
x-swift-savetime
Thu, 01 Apr 2021 06:49:50 GMT
content-length
2950
x-m-reqid
vBgAAL5qPwpKRXEW
x-m-log
QNM:xs458;QNM3
server
Tengine
etag
"ADLsPMPeEbzmC5PvBHBt2faRoZWL"
access-control-max-age
2592000
ali-swift-global-savetime
1617149925
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783275375e
x-reqid
vBgAAHlzFtNjI3EW
Sym-dLAOVmj.png
b3logfile.com/tag/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/tag/Sym-dLAOVmj.png?imageView2/2/w/96/h/96/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
83820f10d5720893fc90fe4e473e667a7861775d8812cc4ff878555f9ce02813

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:22;BOOTS-PROXY:23;BOOTS-PROXY:31;BOOTS-PIPE:32;BOOTS-PROXY:32;BOOTS-PROXY:36;X-Log;FUSIONGATE:44;DORA-PROXY:45
date
Sun, 28 Mar 2021 14:06:03 GMT
via
cache44.l2cn2639[0,304-0,H], cache13.l2cn2639[1,0], cache13.l2cn2639[1,0], kunlun7.cn2466[0,0,200-0,H], kunlun3.cn2466[3,0]
x-svr
IO
age
328215
x-cache
HIT TCP_HIT dirn:11:705806190
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="Sym-dLAOVmj.png"; filename*=utf-8''Sym-dLAOVmj.png
x-swift-savetime
Wed, 31 Mar 2021 03:04:27 GMT
content-length
2162
x-m-reqid
IyoAAMg_JYCxhnAW
x-m-log
QNM:xs1185;QNM3/304
server
Tengine
etag
"AA9cOkTIY0U8sx6Sv8YcL8lPlABl"
access-control-max-age
2592000
ali-swift-global-savetime
1613800943
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725604e
x-reqid
_40AAG6_FGm2RGcW
1353745196354_1611386411315.jpeg
b3logfile.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1353745196354_1611386411315.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e8a6a700aa25469a192eab626663b0af324d60942f5717dd6d8b10c57a08c87e

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:42;BOOTS-PROXY:43;BOOTS-PROXY:44;BOOTS-PIPE:45;BOOTS-PROXY:49;BOOTS-PROXY:50;X-Log;FUSIONGATE:73;DORA-PROXY:74
date
Sun, 28 Mar 2021 15:58:07 GMT
via
cache55.l2cn2639[0,304-0,H], cache44.l2cn2639[7,0], cache44.l2cn2639[24,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[3,0]
x-svr
IO
age
321491
x-cache
HIT TCP_MEM_HIT dirn:10:314459799
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1353745196354_1611386411315.jpeg"; filename*=utf-8''1353745196354_1611386411315.jpeg
x-swift-savetime
Tue, 30 Mar 2021 09:14:02 GMT
content-length
1784
x-m-reqid
lmUAAASvUgXPjHAW
x-m-log
QNM:xs445;QNM3/304
server
Tengine
etag
"AAdHOnPmIu7rtbmZNlNbgIdX2nty"
access-control-max-age
2592000
ali-swift-global-savetime
1611386505
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725606e
x-reqid
lmUAACiMp9MVnW8W
1616854665889.png
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1616854665889.png?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1dd3059e39525a1371a723675d905b0512d47211c313ba987a875151f9e41dd8

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:33;BOOTS-PROXY:34;BOOTS-PROXY:35;BOOTS-PIPE:35;BOOTS-PROXY:35;BOOTS-PROXY:36;X-Log;FUSIONGATE:41;DORA-PROXY:42
date
Tue, 30 Mar 2021 16:05:43 GMT
via
cache67.l2cn2639[0,206-0,H], cache15.l2cn2639[1,0], cache15.l2cn2639[1,0], kunlun7.cn2466[0,0,200-0,H], kunlun3.cn2466[3,0]
x-svr
IO
age
148235
x-cache
HIT TCP_HIT dirn:0:449811845
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1616854665889.png"; filename*=utf-8''1616854665889.png
x-swift-savetime
Wed, 31 Mar 2021 06:44:06 GMT
content-length
1475
x-m-reqid
em8AAKjv5lViKnEW
x-m-log
QNM:xs466;SRCPROXY:xs492;QNM:xs1163;SRCPROXY:xs489;SRC:2;SRCPROXY:2;QNM3:3;SRCPROXY:42;QNM3:99
server
Tengine
etag
"AJ-Y6QT1Wcovxjmeb2x1forTp-70"
access-control-max-age
2592000
ali-swift-global-savetime
1617120343
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Validate,MissValidate, Miss,RawProxy
eagleid
7ce1a71716172685785725607e
x-reqid
em8AAKjv5lViKnEW
1566208688080
b3logfile.com/avatar/
Redirect Chain
  • https://img.hacpai.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100
  • https://b3logfile.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
305a633fbd0e749e50c06958eae5d06c1aca865cd8f5533d8ff1cc8ab4d12a4f

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:28;BOOTS-PROXY:29;BOOTS-PROXY:30;BOOTS-PIPE:30;BOOTS-PROXY:30;BOOTS-PROXY:31;X-Log;FUSIONGATE:34;DORA-PROXY:35
date
Tue, 30 Mar 2021 06:23:08 GMT
via
cache60.l2cn1832[0,304-0,H], cache67.l2cn1832[1,0], cache67.l2cn1832[1,0], kunlun10.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
183190
x-cache
HIT TCP_HIT dirn:10:37170463
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1566208688080"; filename*=utf-8''1566208688080
x-swift-savetime
Tue, 30 Mar 2021 12:12:10 GMT
content-length
1832
x-m-reqid
eE4AAH9SIeeXCnEW
x-m-log
QNM:xs1166;QNM3/304
server
Tengine
etag
"AJsIBBuv5j5LUvkndawh7Ghbd9Kr"
access-control-max-age
2592000
ali-swift-global-savetime
1611854557
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783275363e
x-reqid
Ip0AAKe0TLoD910W

Redirect headers

location
https://b3logfile.com/avatar/1566208688080?imageView2/1/w/64/h/64/interlace/0/q/100
date
Thu, 01 Apr 2021 09:16:18 GMT
server
nginx
content-length
162
content-type
text/html
1492642420947_1546608327618.jpeg
b3logfile.com/avatar/
Redirect Chain
  • https://img.hacpai.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
  • https://b3logfile.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3a9d2b83d053d4a0b22ab1e46a9330749198acd8dcf21b9208a227b8d079b23

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:78;BOOTS-PROXY:79;BOOTS-PROXY:80;BOOTS-PIPE:81;BOOTS-PROXY:81;BOOTS-PROXY:82;X-Log;FUSIONGATE:86;DORA-PROXY:87
date
Thu, 01 Apr 2021 02:40:15 GMT
via
cache62.l2cn2639[37,206-0,H], cache50.l2cn2639[39,0], cache50.l2cn2639[40,0], kunlun1.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
23763
x-cache
HIT TCP_HIT dirn:10:365971375
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1492642420947_1546608327618.jpeg"; filename*=utf-8''1492642420947_1546608327618.jpeg
x-swift-savetime
Thu, 01 Apr 2021 02:40:15 GMT
content-length
2754
x-m-reqid
eWAAAAJmUjmXm3EW
x-m-log
QNM:xs1167;QNM3/304
server
Tengine
etag
"AOThPSmIVLQ9G2u4ChmXJ_bmuccc"
access-control-max-age
2592000
ali-swift-global-savetime
1615166315
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783275365e
x-reqid
niUAAF91CMw0OWoW

Redirect headers

location
https://b3logfile.com/avatar/1492642420947_1546608327618.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
date
Thu, 01 Apr 2021 09:16:18 GMT
server
nginx
content-length
162
content-type
text/html
1369914649233_1498353453085.jpeg
b3logfile.com/avatar/
Redirect Chain
  • https://img.hacpai.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
  • https://b3logfile.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3e48f9460828c93238fa3ed16e0517e8c3039aa371a893a5f49a5984e3116a4e

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:352;BOOTS-PROXY:352;BOOTS-PROXY:358;BOOTS-PIPE:359;BOOTS-PROXY:366;BOOTS-PROXY:367;X-Log;FUSIONGATE:370;DORA-PROXY:371
date
Sat, 27 Mar 2021 13:44:57 GMT
via
cache44.l2cn1832[0,304-0,H], cache46.l2cn1832[0,0], cache46.l2cn1832[1,0], kunlun7.cn2466[0,6,200-0,H], kunlun3.cn2466[8,0]
x-svr
IO
age
415881
x-cache
HIT TCP_HIT dirn:4:361961671
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1369914649233_1498353453085.jpeg"; filename*=utf-8''1369914649233_1498353453085.jpeg
x-swift-savetime
Mon, 29 Mar 2021 12:15:15 GMT
content-length
1696
x-m-reqid
z4MAACkf-lb2NnAW
x-m-log
QNM:xs1176;QNM3/304
server
Tengine
etag
"AHeSf1ZJ3vxYRA6Mn2kw4QTve1E3"
access-control-max-age
2592000
ali-swift-global-savetime
1611883842
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685783415399e
x-reqid
Z50AAOtxFC3D8V0W

Redirect headers

location
https://b3logfile.com/avatar/1369914649233_1498353453085.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
date
Thu, 01 Apr 2021 09:16:18 GMT
server
nginx
content-length
162
content-type
text/html
1587804457692_1604472341273.png
b3logfile.com/avatar/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1587804457692_1604472341273.png?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c3e64cbf347d9074c887a21a4117842ca0ea27607ded7fd63472a37338e06cac

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:83;BOOTS-PROXY:83;BOOTS-PROXY:84;BOOTS-PIPE:84;BOOTS-PROXY:85;BOOTS-PROXY:85;X-Log;FUSIONGATE:88;DORA-PROXY:89
date
Sun, 28 Mar 2021 08:54:23 GMT
via
cache69.l2cn1832[0,304-0,H], cache51.l2cn1832[0,0], cache51.l2cn1832[0,0], kunlun6.cn2466[0,1,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
346915
x-cache
HIT TCP_HIT dirn:11:115375502
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1587804457692_1604472341273.png"; filename*=utf-8''1587804457692_1604472341273.png
x-swift-savetime
Tue, 30 Mar 2021 12:19:35 GMT
content-length
8944
x-m-reqid
rVwAAJoeGpivdXAW
x-m-log
QNM:xs474;QNM3:4/304
server
Tengine
etag
"AAWAONAAT14rGsRGd9Lu1gTC5sAX"
access-control-max-age
2592000
ali-swift-global-savetime
1609746889
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725608e
x-reqid
jWQAAFeqFVqIKmgW
1614497245520_1615423099305.png
b3logfile.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1614497245520_1615423099305.png?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
989a1826194a26d1b06f87d26b7e4a38254cc782760415538c0ecb30886da6c5

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:62;BOOTS-PROXY:63;BOOTS-PROXY:64;BOOTS-PIPE:64;BOOTS-PROXY:65;BOOTS-PROXY:66;X-Log;FUSIONGATE:70;DORA-PROXY:72
date
Wed, 31 Mar 2021 03:18:08 GMT
via
cache58.l2cn2639[0,206-0,H], cache15.l2cn2639[2,0], cache15.l2cn2639[2,0], kunlun4.cn2466[0,0,200-0,H], kunlun3.cn2466[3,0]
x-svr
IO
age
107890
x-cache
HIT TCP_HIT dirn:11:311082923
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1614497245520_1615423099305.png"; filename*=utf-8''1614497245520_1615423099305.png
x-swift-savetime
Wed, 31 Mar 2021 08:54:07 GMT
content-length
3019
x-m-reqid
63oAAI-kUPYTT3EW
x-m-log
QNM:xs1182;QNM3/304
server
Tengine
etag
"AGiAaHGfgo6hKW7u0kpTewL38CvA"
access-control-max-age
2592000
ali-swift-global-savetime
1615436710
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725609e
x-reqid
yIwAAEFy3EcUI2sW
1615544734220_1615544829359.jpeg
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1615544734220_1615544829359.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3e4950df10c48c7ee4fafba005f1627fe9e3a75f4bb2561a68e0002a3ae846d7

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:10;BOOTS-PROXY:12;BOOTS-PROXY:15;BOOTS-PIPE:15;BOOTS-PROXY:15;BOOTS-PROXY:16;X-Log;FUSIONGATE:19;DORA-PROXY:20
date
Tue, 30 Mar 2021 07:49:43 GMT
via
cache70.l2cn1832[0,304-0,H], cache39.l2cn1832[0,0], cache39.l2cn1832[1,0], kunlun9.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
177995
x-cache
HIT TCP_HIT dirn:10:563873407
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1615544734220_1615544829359.jpeg"; filename*=utf-8''1615544734220_1615544829359.jpeg
x-swift-savetime
Tue, 30 Mar 2021 12:12:23 GMT
content-length
1423
x-m-reqid
S3MAAKfLhvH2DnEW
x-m-log
QNM:xs460;QNM3:44/304
server
Tengine
etag
"AHJoa8fcckn-N1P7ntQbPGWnwUZH"
access-control-max-age
2592000
ali-swift-global-savetime
1615545392
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725611e
x-reqid
S3MAAGlJSLAvkWsW
1615712606122_1615712735505.jpeg
b3logfile.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1615712606122_1615712735505.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
eb59cd11e83a3caf3c6de1a073795eff363e7852a63b2192d75ff6798619b698

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:38;BOOTS-PROXY:39;BOOTS-PROXY:40;BOOTS-PIPE:54;BOOTS-PROXY:55;BOOTS-PROXY:77;X-Log;FUSIONGATE:83;DORA-PROXY:84
date
Tue, 30 Mar 2021 07:02:01 GMT
via
cache54.l2cn2639[0,206-0,H], cache43.l2cn2639[1,0], cache43.l2cn2639[1,0], kunlun10.cn2466[0,1,200-0,H], kunlun3.cn2466[10,0]
x-svr
IO
age
180857
x-cache
HIT TCP_HIT dirn:0:331059218
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1615712606122_1615712735505.jpeg"; filename*=utf-8''1615712606122_1615712735505.jpeg
x-swift-savetime
Wed, 31 Mar 2021 08:54:07 GMT
content-length
1757
x-m-reqid
63oAAHl8R-62DHEW
x-m-log
QNM:xs1182;QNM3/304
server
Tengine
etag
"AKraDkxvqfxqKxg7XAz6iDgHQYuy"
access-control-max-age
2592000
ali-swift-global-savetime
1615716618
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785725612e
x-reqid
TF8AAF3QcBUyKmwW
1610722891173_1617255377158.jpeg
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1610722891173_1617255377158.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9c9c18b99c3f7ff470dc26d16e881d23bb32dc24c858140b74220ad85c5a3595

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:131;BOOTS-PROXY:132;BOOTS-PROXY:134;BOOTS-PIPE:134;BOOTS-PROXY:136;BOOTS-PROXY:138;X-Log;FUSIONGATE:146;DORA-PROXY:147
date
Thu, 01 Apr 2021 05:40:25 GMT
via
cache28.l2cn2639[0,206-0,H], cache1.l2cn2639[1,0], cache1.l2cn2639[1,0], kunlun4.cn2466[0,0,200-0,H], kunlun3.cn2466[7,0]
x-svr
IO
age
12953
x-cache
HIT TCP_HIT dirn:11:205666087
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1610722891173_1617255377158.jpeg"; filename*=utf-8''1610722891173_1617255377158.jpeg
x-swift-savetime
Thu, 01 Apr 2021 06:51:11 GMT
content-length
1273
x-m-reqid
L1AAAN5n728zpXEW
x-m-log
QNM:xs475;SRCPROXY:xs492;QNM:xs456;SRCPROXY:xs490;SRC:3;SRCPROXY:3;QNM3:4;SRCPROXY:148;QNM3:148
server
Tengine
etag
"AOsC-LU53XgvJCm6jjyBBExrpCTm"
access-control-max-age
2592000
ali-swift-global-savetime
1617255625
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Miss, Miss,RawProxy
eagleid
7ce1a71716172685785755615e
x-reqid
L1AAAN5n728zpXEW
1608959044007_1608963084132.jpeg
b3logfile.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1608959044007_1608963084132.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
947aa7e314f88813fac6183f8dfc9d8227859946f2c8d61f227e4bc6fafe6515

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:63;BOOTS-PROXY:75;BOOTS-PROXY:76;BOOTS-PIPE:77;BOOTS-PROXY:77;BOOTS-PROXY:78;X-Log;FUSIONGATE:90;DORA-PROXY:91
date
Wed, 31 Mar 2021 13:13:20 GMT
via
cache26.l2cn2639[0,304-0,H], cache43.l2cn2639[1,0], cache43.l2cn2639[1,0], kunlun8.cn2466[0,0,200-0,H], kunlun3.cn2466[7,0]
x-svr
IO
age
72178
x-cache
HIT TCP_MEM_HIT dirn:0:349142193
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1608959044007_1608963084132.jpeg"; filename*=utf-8''1608959044007_1608963084132.jpeg
x-swift-savetime
Thu, 01 Apr 2021 01:45:34 GMT
content-length
1713
x-m-reqid
4E4AAMfWVMKOb3EW
x-m-log
QNM:xs1173;QNM3:19/304
server
Tengine
etag
"AD0l01hxqzDJgw9KSPIHDxrGMWJR"
access-control-max-age
2592000
ali-swift-global-savetime
1613175852
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785755616e
x-reqid
4E4AAKnRHy09gnAW
1608959044007_1608963084132.jpeg
b3logfile.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1608959044007_1608963084132.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3f8b6d266a3273e9e53d869b815a83c5cbd0831ab6956c0fbf02d6e1edaa7976

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:62;BOOTS-PROXY:63;BOOTS-PROXY:64;BOOTS-PIPE:65;BOOTS-PROXY:65;BOOTS-PROXY:66;X-Log;FUSIONGATE:103;DORA-PROXY:104
date
Wed, 31 Mar 2021 08:34:14 GMT
via
cache58.l2cn2639[0,206-0,H], cache61.l2cn2639[5,0], cache61.l2cn2639[5,0], kunlun9.cn2466[0,0,200-0,H], kunlun3.cn2466[4,0]
x-svr
IO
age
88924
x-cache
HIT TCP_HIT dirn:10:396356206
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1608959044007_1608963084132.jpeg"; filename*=utf-8''1608959044007_1608963084132.jpeg
x-swift-savetime
Thu, 01 Apr 2021 01:45:45 GMT
content-length
2630
x-m-reqid
4WQAAOspc9RTYHEW
x-m-log
QNM:xs1180;QNM3
server
Tengine
etag
"AJYjj0-G4ip5pJjPk-hV7TQKqmvI"
access-control-max-age
2592000
ali-swift-global-savetime
1617179654
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785619e
x-reqid
3osAAM7lCEaoLHEW
Redis-d9bB7KX.png
b3logfile.com/tag/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/tag/Redis-d9bB7KX.png?imageView2/2/w/96/h/96/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a445c2ddb90c223fe4a50d2dd648a2239b95543bd5064e9c25d25de9874aceb4

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:20;BOOTS-PROXY:21;BOOTS-PROXY:21;BOOTS-PIPE:22;BOOTS-PROXY:23;BOOTS-PROXY:24;X-Log;FUSIONGATE:30;DORA-PROXY:31
date
Tue, 30 Mar 2021 08:02:37 GMT
via
cache27.l2cn2639[0,304-0,H], cache34.l2cn2639[1,0], cache34.l2cn2639[1,0], kunlun3.cn2466[0,0,200-0,H], kunlun3.cn2466[4,0]
x-svr
IO
age
177221
x-cache
HIT TCP_HIT dirn:0:486560166
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="Redis-d9bB7KX.png"; filename*=utf-8''Redis-d9bB7KX.png
x-swift-savetime
Thu, 01 Apr 2021 01:37:32 GMT
content-length
8015
x-m-reqid
0k4AAANhZoAFEHEW
x-m-log
QNM:xs446;SRCPROXY:xs490;QNM:xs460;SRCPROXY:xs485;SRC:1;SRCPROXY:1;QNM3:2;SRCPROXY:32;QNM3:33
server
Tengine
etag
"ADSlEqQ5OWtRjgWiGxCDUDagA7cI"
access-control-max-age
2592000
ali-swift-global-savetime
1603638813
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Miss, Miss,RawProxy
eagleid
7ce1a71716172685785785622e
x-reqid
0k4AAANhZoAFEHEW
1615088923678.png
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1615088923678.png?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d2a86f6c433486ea7a3142609ee9f8ac37cba75622a1f2e195010ad1353fe536

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:27;BOOTS-PROXY:28;BOOTS-PROXY:31;BOOTS-PIPE:33;BOOTS-PROXY:34;BOOTS-PROXY:40;X-Log;FUSIONGATE:46;DORA-PROXY:47
date
Fri, 26 Mar 2021 13:16:05 GMT
via
cache63.l2cn1832[0,304-0,H], cache1.l2cn1832[1,0], cache1.l2cn1832[1,0], kunlun6.cn2466[0,0,200-0,H], kunlun3.cn2466[4,0]
x-svr
IO
age
504013
x-cache
HIT TCP_MEM_HIT dirn:0:392174517
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1615088923678.png"; filename*=utf-8''1615088923678.png
x-swift-savetime
Mon, 29 Mar 2021 12:09:59 GMT
content-length
1382
x-m-reqid
CFkAAM9gN3bO5m8W
x-m-log
QNM:xs1182;QNM3:49/304
server
Tengine
etag
"AMyECac-p6UKuisgY7iPev5fONQl"
access-control-max-age
2592000
ali-swift-global-savetime
1616306687
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785624e
x-reqid
zS0AAB8u3d3e8mkW
%E9%93%BE%E6%BB%B4-p0Grp6n.png
b3logfile.com/tag/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/tag/%E9%93%BE%E6%BB%B4-p0Grp6n.png?imageView2/2/w/96/h/96/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f8bbb7acb763d54675c8f0b673d765ac1207de98caa29d0c01372349a0efbde5

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:20;BOOTS-PROXY:21;BOOTS-PROXY:28;BOOTS-PIPE:28;BOOTS-PROXY:29;BOOTS-PROXY:30;X-Log;FUSIONGATE:41;DORA-PROXY:43
date
Tue, 30 Mar 2021 01:03:53 GMT
via
cache14.l2cn2639[0,304-0,H], cache38.l2cn2639[1,0], cache38.l2cn2639[1,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[6,0]
x-svr
IO
age
202345
x-cache
HIT TCP_MEM_HIT dirn:11:70443953
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="链滴-p0Grp6n.png"; filename*=utf-8''%E9%93%BE%E6%BB%B4-p0Grp6n.png
x-swift-savetime
Thu, 01 Apr 2021 01:31:48 GMT
content-length
2499
x-m-reqid
4Q4AALc1auUr-XAW
x-m-log
QNM:xs443;QNM3/304
server
Tengine
etag
"ACPgQkl2E4yNFFkWU44IGkcPuUKl"
access-control-max-age
2592000
ali-swift-global-savetime
1603638807
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785625e
x-reqid
4Q4AANIYEL65528W
1606284740416.png
b3logfile.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1606284740416.png?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2bb79d371bc4f7e3c529304fc2cd9c36a64fcf50982ccacd4479152b9b1bb6f6

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:27;BOOTS-PROXY:28;BOOTS-PROXY:28;BOOTS-PIPE:29;BOOTS-PROXY:29;BOOTS-PROXY:30;X-Log;FUSIONGATE:40;DORA-PROXY:41
date
Mon, 29 Mar 2021 10:43:24 GMT
via
cache34.l2cn2639[0,304-0,H], cache4.l2cn2639[1,0], cache4.l2cn2639[1,0], kunlun4.cn2466[0,0,200-0,H], kunlun3.cn2466[4,0]
x-svr
IO
age
253974
x-cache
HIT TCP_MEM_HIT dirn:11:566382099
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1606284740416.png"; filename*=utf-8''1606284740416.png
x-swift-savetime
Wed, 31 Mar 2021 13:11:45 GMT
content-length
1595
x-m-reqid
N1oAAAhvBiY3ynAW
x-m-log
QNM:xs464;QNM3/304
server
Tengine
etag
"AOqrEy8X8uU7KBVVcmeD4UkucA3g"
access-control-max-age
2592000
ali-swift-global-savetime
1606382248
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785626e
x-reqid
sggAACGPWU1kQGIW
1545557635666_1590495055269.jpeg
b3logfile.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1545557635666_1590495055269.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8bd915d412dd2900ef5d1cda43956d20018eb9a29a132a669c110a24bc01f6b8

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:164;BOOTS-PROXY:165;BOOTS-PROXY:166;BOOTS-PIPE:166;BOOTS-PROXY:166;BOOTS-PROXY:167;X-Log;FUSIONGATE:171;DORA-PROXY:172
date
Thu, 01 Apr 2021 01:36:16 GMT
via
cache9.l2cn2639[0,304-0,H], cache32.l2cn2639[1,0], cache32.l2cn2639[1,0], kunlun5.cn2466[0,0,200-0,H], kunlun3.cn2466[7,0]
x-svr
IO
age
27602
x-cache
HIT TCP_HIT dirn:10:476445587
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1545557635666_1590495055269.jpeg"; filename*=utf-8''1545557635666_1590495055269.jpeg
x-swift-savetime
Thu, 01 Apr 2021 09:04:13 GMT
content-length
3127
x-m-reqid
0nUAAFcAbm8ZmHEW
x-m-log
QNM:xs462;QNM3:58/304
server
Tengine
etag
"ANoUMRLEEZBMjy7uVWlwn1yB_iHb"
access-control-max-age
2592000
ali-swift-global-savetime
1615800418
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785627e
x-reqid
0nUAALOhhwCGfm0W
1543456325268_1543456590488.jpeg
b3logfile.com/avatar/
Redirect Chain
  • https://img.hacpai.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
  • https://b3logfile.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b39964309b00a84085e86fa655e7c8c3d1c362ae8ef4a4d285ab0d31b0a46c1d

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:24;BOOTS-PROXY:24;BOOTS-PROXY:27;BOOTS-PIPE:28;BOOTS-PROXY:30;BOOTS-PROXY:32;X-Log;FUSIONGATE:37;DORA-PROXY:38
date
Thu, 01 Apr 2021 08:05:36 GMT
via
cache55.l2cn2639[37,304-0,M], cache7.l2cn2639[38,0], cache7.l2cn2639[38,0], kunlun3.cn2466[0,0,200-0,H], kunlun3.cn2466[1,0]
x-svr
IO
age
4242
x-cache
HIT TCP_HIT dirn:11:626779712
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1543456325268_1543456590488.jpeg"; filename*=utf-8''1543456325268_1543456590488.jpeg
x-swift-savetime
Thu, 01 Apr 2021 08:05:36 GMT
content-length
2192
x-m-reqid
bXIAAHr9v21YrXEW
x-m-log
QNM:xs452;QNM3/304
server
Tengine
etag
"ADd3M0zHnp9zILKmqQZ3o_g2aFnn"
access-control-max-age
2592000
ali-swift-global-savetime
1611846874
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685788065843e
x-reqid
bXIAAG_wLw8Y52YW

Redirect headers

location
https://b3logfile.com/avatar/1543456325268_1543456590488.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
date
Thu, 01 Apr 2021 09:16:18 GMT
server
nginx
content-length
162
content-type
text/html
1616317723128_1616340406828.png
b3logfile.com/avatar/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1616317723128_1616340406828.png?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
124.225.167.218 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
42e0c4d7cc21171b6113c3265143cb0e60bce193d35827d14d11bc45f397b39e

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:185;BOOTS-PROXY:185;BOOTS-PROXY:186;BOOTS-PIPE:187;BOOTS-PROXY:187;BOOTS-PROXY:188;X-Log;FUSIONGATE:193;DORA-PROXY:194
date
Mon, 29 Mar 2021 05:48:38 GMT
via
cache13.l2cn1832[0,304-0,H], cache71.l2cn1832[1,0], cache71.l2cn1832[1,0], kunlun1.cn2466[0,0,200-0,H], kunlun3.cn2466[5,0]
x-svr
IO
age
271660
x-cache
HIT TCP_HIT dirn:11:836466301
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1616317723128_1616340406828.png"; filename*=utf-8''1616317723128_1616340406828.png
x-swift-savetime
Mon, 29 Mar 2021 12:15:18 GMT
content-length
9823
x-m-reqid
kCgAAB3eplshunAW
x-m-log
QNM:xs470;QNM3/304
server
Tengine
etag
"AKsaeVHb7Nv6uGNp7Yc4TuSsVwn8"
access-control-max-age
2592000
ali-swift-global-savetime
1616340859
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
7ce1a71716172685785785628e
x-reqid
kCgAAHums2cKZW4W
14366139218909597702
tpc.googlesyndication.com/simgad/ Frame 5BB5 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14366139218909597702?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkjvBNmlr2YoPKQyKVWgs3ZPJmaWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dd8b77280e5269a6e46b31e6c9552346a14ccc36477f3c475d1ed01f106803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 02:26:41 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 07:20:31 GMT
server
sffe
age
283776
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24832
x-xss-protection
0
expires
Tue, 29 Mar 2022 02:26:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 5BB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 09:13:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 5BB5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 09:15:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BB5 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 09:16:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 5BB5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 09:15:50 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 5BB5 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 03:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10479
x-xss-protection
0
server
cafe
etag
5380568613746674957
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 03:20:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5BB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAK88YY9lYLjECvSU7_UP3fsCwr23jmKlwoONrA2fg7rj1wIQASD6kvQMYJUCoAGz3oH2AcgBAqgDAcgDyQSqBNEBT9DyBpPUvApusbgzdTiT7j0DwjG9zxTZ-22GcDF6lNFcAiO84y_cYW3NJSyJ8p_2CpGHgG5cJaYERw8Kv8UgEWPYvzNZJ6RiWVudLB2eI6A1C9olhOxY6pPtLxVTfUEnb-AVEzCx5mpN7hgvKl5Fv9VQEcE9sKie1pK8tZ5nq6kl-JKfk2Y7tmX6eaw86-G1-18YtvirVfKXPLhJN7wn-ZUWSnZM_xvdLN_G4NxvjihaAm2ImAw9g3Uqekd1SzDMwkMoyLEUfQn_Z6FC5iaEEwvABMzn8KPQA5IFBAgEGAGSBQQIBRgEoAYCgAfcjq-QAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDcwSHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTM1NzQwNTc5MDE5MDM0Mg&sigh=zTrdwrKTkTI&tpd=AGWhJmstwkwrwi4IQJtCfZLQYxnCvWRvmp_X7PAZuU6xrPjMOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 09:16:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 01 Apr 2021 09:16:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A9BD 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 08:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2091
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame A9BD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnrdFcs1JFglaC-wPJnD2aGti-OWFYKTQcu4SCJ1PuefwymRmZYVhcTV9ySfwg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 09:16:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 10:16:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 09:16:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 09:16:17 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5BB5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eeaefccfd57f30d35503e19324a895c8651a957315bb7d6bfd5fa8b19be428c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
pagead2.googlesyndication.com/bg/ Frame FEC3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=250&slotname=5795157554&adk=363865871&adf=3274670882&pi=t.ma~as.5795157554&w=250&lmt=1617268577&psa=0&format=250x250&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&dt=1617268576984&bpp=4&bdt=722&idt=132&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1503021992109&frm=20&pv=2&ga_vid=1820086814.1617268577&ga_sid=1617268577&ga_hid=92260083&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069000%2C44740079%2C44739387&oid=3&pvsid=12652351778132&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=okx36UfnPZ&p=https%3A//ld246.com&dtd=145
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 00:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
549474
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 26 Mar 2022 00:38:23 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2074446111&si=d6db0a56925d1efc64698d473b2f0734&v=1.2.80&lv=1&sn=61383&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fld246.com%2F&tt=%E9%93%BE%E6%BB%B4%20-%20%E8%AE%B0%E5%BD%95%E7%94%9F%E6%B4%BB%EF%BC%8C%E8%BF%9E%E6%8E%A5%E7%82%B9%E6%BB%B4
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Apr 2021 09:16:18 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 5BB5 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2n7wCrDVxqgQOT70EAh2JkutMFm-1ArJiWeOUNUJ4QqBJqwir5f_4Hf5WoJ13pbnf7x9mLS1gnePrvDsQztbqu9-7fHEuwWSg3kOp7E3S3uBsuftSG320Nn95uQ&sai=AMfl-YT5ZYFAwgmV1HgmCIM7qhoX9w8ri8i1NnzFuxtqtL2cyrc3S2SHLU1IXYy_CEcvVUrabikBonj78MvL&sig=Cg0ArKJSzKM4z_DrfYgEEAE&id=osdim&mcvt=1000&p=127,1076,377,1326&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=363865871&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617268577132&dlt=473&rpt=68&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 09:16:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210329&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10a4f05d563f0aa86bfeca7ac477395b453f4e878200d23aa1a64dede3e7118b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 09:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6587
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 01 Apr 2021 09:16:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E62E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 01 Apr 2021 09:16:13 GMT
expires
Fri, 01 Apr 2022 09:16:13 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
pagead2.googlesyndication.com/bg/ Frame E62E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 00:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
549476
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 26 Mar 2022 00:38:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210329&jk=12652351778132&bg=!VlWlVRHNAAY56aLOOek7ACkAdvg8Wm2-0oysLZXAwnUUyhQj97OVVREle-UtXVSzxRIXDAdyoTG78AIAAABLUgAAAApoAQcKAYFj67vbvef3R-AhAPppW3OEU-efMzjhdbeE-eKnNjyYRan2D8QBw3seJ_jjbhnn4hse5smlZeXlf0lyd4oJIwGa4NLsijuGyH8dv4Bpd79aK5NrGFP4JJrQl9-QNNlqtc98Q8KEaddwqyladdIO6c4qXiC3cdWVdiWi2-6JK8_-AeCAMbJZ_X-FR3_J2-NEafMFO6K-wZ0Lz1O-DEy74CrQhfs4TbG4Vhm2QjdbxH8gbsawi9YgV27LEJYQMlfE97wp4OcDdshaNwxwo6tYrm1MTT-CJ3UEuKAQfYfS6mv-xZ2lB3vMeT7gJQBrs4HYJQIzbaGkBaPO90yhD9m_FTR72aWN6T3XuLXdS9zXDg6bkpyAcXSDWwFMrO9iQiojLzMXk1VH7I_mCl6OY6Rmzl88eReJ9rTAaHWXXudQMsD43MIrmLltM1RxVYQ8F2dzwj1w1ppO9RwJLt8IHqtPgTeHGh9aBNnA2YD-UyyJ8gEMrVi5OO5Kn8-SG5IJBFzCuPNYmQHJBqUk9Hj4bt6fACFxylYdjVbDdePB3X4qia6BOAv6dGKb8AQk0SFFtY86YD7G_amN-Q77Q8GgRZh3XaAEgkoepKD9EpiU1DmrpsO7JqC21QCz7L5-yRWuVuium6DRJEP40AvYdbh9Tr7dZe1K3WvEO5ibi3RkRMo1pmWj83WJsZjhE9pI_GoLv3gLdz7eUA9Rc7SGc_nguDJZJda8Rx3b4fu1IRYmYsbwUE3fWrsScTMylyqCXkWBLzvSdh_UyRtMdXFlT49xuuKUgrF-WiK5cTFU4f1T_L7Ibh0_Cs1XruSCjn96ONgc2Fs5gZDMWRUIsbHskGjhqygve9YvnxQHuxL0zUbL41rCH2JOHMqhO5i35O7P96dZS1_s0SPIcKKqNQU1Bi75Ys9k8h3Ey7bls8wIRWciibE-aMppG1O-vVlYMXmPEKV9xgWRCWejnZXgNPcBCSbxB5jIa7mdKCONXKHlGanC21hh-ysNlKwXRq3iE6leaCNQ4oyFbxQo2rhAo8X-0SLk89IBke-FBBBZmvfJGE87TEeKSiF-p7941hDxWmvl-xsdYbp3tEGMMaxtuiesMo8IWVc-IWOr9mYtaLAugtLqjQDpSw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 09:16:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _hmt object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| Label function| $ function| jQuery function| md5 object| NProgress function| ReconnectingWebSocket function| UAParser function| Vditor undefined| prevKey object| CSSImageIntersectionObserver object| imageIntersectionObserver function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _bdhm_loaded_d6db0a56925d1efc64698d473b2f0734 object| mini_tangram_log_nuxixj object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnrdFcs1JFglaC-wPJnD2aGti-OWFYKTQcu4SCJ1PuefwymRmZYVhcTV9ySfwg
.ld246.com/ Name: Hm_lpvt_d6db0a56925d1efc64698d473b2f0734
Value: 1617268578
.ld246.com/ Name: Hm_lvt_d6db0a56925d1efc64698d473b2f0734
Value: 1617268578
.ld246.com/ Name: __gads
Value: ID=3147342f8df97359-226167a847a70094:T=1617268577:RT=1617268577:S=ALNI_MaC-sr_zEBndmZA6bvQRiHoeSCdnw

2 Console Messages

Source Level URL
Text
console-api log URL: https://ld246.com/dist/skins/classic/index.2c1c59616d2ca996ee29.js(Line 1)
Message:
%c链滴%c 记录生活,连接点滴 b3log.org Copyright © 2012-present font-size:96px;color:#3b3e43 font-size:12px;color:#4285f4
console-api warning URL: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'indexType' of null TypeError: Cannot read property 'indexType' of null at HTMLDocument.<anonymous> (https://ld246.com/dist/skins/classic/index.2c1c59616d2ca996ee29.js:1:59652) at e (https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js:2:30005) at t (https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js:2:30307) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b3logfile.com
cdn.jsdelivr.net
googleads.g.doubleclick.net
hm.baidu.com
img.hacpai.com
ld246.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
103.235.46.191
117.25.133.177
118.31.188.179
124.225.167.218
142.250.186.98
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a04:4e42:1b::621
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
10a4f05d563f0aa86bfeca7ac477395b453f4e878200d23aa1a64dede3e7118b
179e795aac2ebe391c288a6fb8dd4b3bcfc40dfefd8a2a5f8a3250b67f8d5159
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19dd8b77280e5269a6e46b31e6c9552346a14ccc36477f3c475d1ed01f106803
1dd3059e39525a1371a723675d905b0512d47211c313ba987a875151f9e41dd8
2bb79d371bc4f7e3c529304fc2cd9c36a64fcf50982ccacd4479152b9b1bb6f6
305a633fbd0e749e50c06958eae5d06c1aca865cd8f5533d8ff1cc8ab4d12a4f
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
3815f77c560a3b5999cd5a6c25e0c36711eecaa07abbe4a93312b7e01a37a777
3e15ddecaca0ffd07fc07bee074e5255a1bb21d92bc17acb1b4e6b0252806a9e
3e48f9460828c93238fa3ed16e0517e8c3039aa371a893a5f49a5984e3116a4e
3e4950df10c48c7ee4fafba005f1627fe9e3a75f4bb2561a68e0002a3ae846d7
3f8b6d266a3273e9e53d869b815a83c5cbd0831ab6956c0fbf02d6e1edaa7976
4196a28436fa31fa3ea7118879b51db286a01c158506329657abc9b54e695a60
42e0c4d7cc21171b6113c3265143cb0e60bce193d35827d14d11bc45f397b39e
441552b98b52701f227bea4b17f5c1f93f35fd6b720c0960aebf7a127c43bd50
5036d9a15036021fbc1502d31ba6cf9764681c0adf82420a2fbb80df223ecfdd
52b35d077990c54f2500aca07b6b174e57811365b52f5104d0c9436124428204
54e3366aea0fb236c97a6348577c44f2940a57853cce9de10716b78570f5d2d1
56a6479287e6721ee9c2e10a689b1a7086ae673669ffc8defa8f5f9881309c41
5a50c70836c3c1fdf0564396ed8aac442011c25238ca9c923755ba907f0f40f4
5a550dc09be1d9e776542d55379a2c72595e280158ca2cfc00be77300debbc0e
5eeaefccfd57f30d35503e19324a895c8651a957315bb7d6bfd5fa8b19be428c
6074cf1763a8e736bf5210f32b605268e1e36ce51caa83e88c411eb9ed3e5f2c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c1141090b244739b24846c17b2b87b33ad2da1889c83a3c8251813b90062dac
702f8f755dcbfc6aada2be0a7180d87ad52fdad264e114441a6edd5a1c444ee4
7060040df6bffac74508cb78f47ad843887fd1492c1a7d61410945c0ed26c4b7
71b8636bb5641c9fbaa02c7aca782dbef530d64ec19d071250bb5ce375df9633
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7b167cf76e494a16083798dbee93483ca30ef83c10ea82cf0a69a49fb6574a7e
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
83820f10d5720893fc90fe4e473e667a7861775d8812cc4ff878555f9ce02813
8545db5f0a70499f240a751485030131ba6ea1573bcbcce497387a410cc995c9
8bd915d412dd2900ef5d1cda43956d20018eb9a29a132a669c110a24bc01f6b8
947aa7e314f88813fac6183f8dfc9d8227859946f2c8d61f227e4bc6fafe6515
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
989a1826194a26d1b06f87d26b7e4a38254cc782760415538c0ecb30886da6c5
9c9c18b99c3f7ff470dc26d16e881d23bb32dc24c858140b74220ad85c5a3595
a445c2ddb90c223fe4a50d2dd648a2239b95543bd5064e9c25d25de9874aceb4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b39964309b00a84085e86fa655e7c8c3d1c362ae8ef4a4d285ab0d31b0a46c1d
c3e64cbf347d9074c887a21a4117842ca0ea27607ded7fd63472a37338e06cac
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20701e6ea1e1e137c4b63042b698a95551218b6073e0569e852bba510b251e0
d2a86f6c433486ea7a3142609ee9f8ac37cba75622a1f2e195010ad1353fe536
d83607d271d287418fdb2b503d0d282c0cdf91c6b3c8c574d3dc4e3674d8b6eb
e3a9d2b83d053d4a0b22ab1e46a9330749198acd8dcf21b9208a227b8d079b23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a6a700aa25469a192eab626663b0af324d60942f5717dd6d8b10c57a08c87e
eb59cd11e83a3caf3c6de1a073795eff363e7852a63b2192d75ff6798619b698
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
f570353a114bf9e480ee39860f58714086af4505534ff33ec721d5bb8b9bfad7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8bbb7acb763d54675c8f0b673d765ac1207de98caa29d0c01372349a0efbde5