urlscan.io logo urlscan.io
SecurityTrails logo

www.5a3q.com Open in urlscan Pro
134.122.131.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.5a3q.com/
Effective URL: https://www.5a3q.com/
Submission: On August 30 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 12 domains to perform 30 HTTP transactions. The main IP is 134.122.131.91, located in Singapore and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is www.5a3q.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on June 24th 2021. Valid for: a year.
This is the only time www.5a3q.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 134.122.131.91 64050 (BCPL-SG B...)
5 59.110.190.7 37963 (CNNIC-ALI...)
4 103.235.46.191 55967 (BAIDU Bei...)
2 47.104.60.178 37963 (CNNIC-ALI...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 15
2    134.122.131.91 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)
www.5a3q.com
5    59.110.190.7 (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
ossimg1.oss-cn-beijing.aliyuncs.com
4    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    47.104.60.178 (Qingdao, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
images.zuciwang.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
6 pagead2.googlesyndication.com ossimg1.oss-cn-beijing.aliyuncs.com
pagead2.googlesyndication.com
www.5a3q.com
tpc.googlesyndication.com
5 ossimg1.oss-cn-beijing.aliyuncs.com www.5a3q.com
ossimg1.oss-cn-beijing.aliyuncs.com
4 hm.baidu.com www.5a3q.com
ossimg1.oss-cn-beijing.aliyuncs.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 images.zuciwang.com www.5a3q.com
2 www.5a3q.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ossimg1.oss-cn-beijing.aliyuncs.com
30 14

This site contains no links.

Subject Issuer Validity Valid
www.5a3q.com
Encryption Everywhere DV TLS CA - G1		 2021-06-24 -
2022-06-24		 a year crt.sh
*.oss-cn-beijing.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-07-01 -
2022-08-02		 a year crt.sh
*.zuciwang.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-22 -
2022-05-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.5a3q.com/
Frame ID: 9E070834CCDEA82E41D282B214FC46C0
Requests: 23 HTTP requests in this frame

Frame: https://images.zuciwang.com:8082/job.html?ue=aHR0cHM6Ly93d3cuNWEzcS5jb20v
Frame ID: C1367233777E8401ED4FF976A80687E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: C839602EFE302AC12F7A674F88B09A64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&adk=2687186628&adf=2508249660&lmt=1630317616&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.5a3q.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616291&bpp=3&bdt=1356&idt=70&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=243602961370&frm=20&pv=2&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=90
Frame ID: E74F447C0D18C661D46F5C5CE3AA3C0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1630317616&psa=0&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616294&bpp=2&bdt=1358&idt=91&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=243602961370&frm=20&pv=1&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qHobTWeqX0&p=https%3A//www.5a3q.com&dtd=95
Frame ID: C7ACDA96A17A36F8C74279CFE99D832C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 851E5F8FCDF7C848211CF8AABD341DFA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 765080DAD5B8F58BF715BB4C043F3D60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

酷生活网

Page URL History Show full URLs

  1. http://www.5a3q.com/ HTTP 301
    https://www.5a3q.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

14
Subdomains

15
IPs

5
Countries

348 kB
Transfer

990 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.5a3q.com/ HTTP 301
    https://www.5a3q.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.5a3q.com/
Redirect Chain
  • http://www.5a3q.com/
  • https://www.5a3q.com/
50 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
134.122.131.91 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dcaa65bbd34268e4fc22c02658c01263f9ec47837d742081d23d6a64affdfeaa

Request headers

Host
www.5a3q.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Cache-Control
public,max-age=60
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Mon, 30 Aug 2021 09:59:40 GMT

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.5a3q.com/
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Mon, 30 Aug 2021 09:59:38 GMT
Content-Length
144
main.css
ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/ 		169 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/main.css?t=637658784000000000
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.190.7 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
21e536a6fbc899a94b2c197acea787fe6fe35992fa617ac876b6a7b94a18e58b

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 30 Aug 2021 10:00:15 GMT
Content-Encoding
gzip
x-oss-request-id
612CAC2FF15BB2353486D33C
Last-Modified
Wed, 04 Aug 2021 04:35:51 GMT
Server
AliyunOSS
Content-MD5
ZE5dXYRA7HLfU6/Vq/CVBw==
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
8291838087406827394
x-oss-server-time
2
hm.js
hm.baidu.com/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?58578877db2604fd2c7066e40cc78860
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
eb2fac5b38ab2eaaf5cd8b00e4111b2c57d29d32df57dd556c9af7e00c27c58c
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 10:00:15 GMT
Content-Encoding
gzip
Server
apache
Etag
4fb76e466dc4d2c9cd29748cdc8ecd2b
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14357
ip.js
images.zuciwang.com/ 		103 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.zuciwang.com:8082/ip.js?t=637659431811024091
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.104.60.178 Qingdao, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ccf40c8adac70885764d885008c093a6dd2fdb161e5e6c40c2c1888b7182216b

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:15 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private
content-length
203
main.js
ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/main.js?t=637658784000000000
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.190.7 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
307a7e8f6e266de8f8eaf5f260076aa048966384266c430934965bbc1fbebe8e

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 30 Aug 2021 10:00:15 GMT
Content-Encoding
gzip
x-oss-request-id
612CAC2F9849B4363134F6B0
Last-Modified
Wed, 04 Aug 2021 04:35:51 GMT
Server
AliyunOSS
Content-MD5
5V5Wue/t1RZWR43ammyh9w==
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
10582328451672901613
x-oss-server-time
2
i.jpg
ossimg1.oss-cn-beijing.aliyuncs.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ossimg1.oss-cn-beijing.aliyuncs.com/i.jpg
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.190.7 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
job.html
images.zuciwang.com/ Frame C136 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://images.zuciwang.com:8082/job.html?ue=aHR0cHM6Ly93d3cuNWEzcS5jb20v
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.104.60.178 Qingdao, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
images.zuciwang.com:8082
:scheme
https
:path
/job.html?ue=aHR0cHM6Ly93d3cuNWEzcS5jb20v
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

cache-control
private
content-type
text/html
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
date
Mon, 30 Aug 2021 10:00:15 GMT
content-length
0
t2.js
ossimg1.oss-cn-beijing.aliyuncs.com/i/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ossimg1.oss-cn-beijing.aliyuncs.com/i/js/t2.js
Requested by
Host: ossimg1.oss-cn-beijing.aliyuncs.com
URL: https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/main.js?t=637658784000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.190.7 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9e5090a5c57aa2bfb866201409d5d30551e44fe9763acebe9ec58c43ae93f19b

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-oss-object-type
Normal
Date
Mon, 30 Aug 2021 10:00:16 GMT
Content-Encoding
gzip
x-oss-request-id
612CAC309849B43631EDF7B0
Last-Modified
Sun, 08 Aug 2021 00:10:23 GMT
Server
AliyunOSS
Content-MD5
hsVB02Cng4xwwdBj41ewtA==
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
3975346311247038857
x-oss-server-time
2
hm.gif
hm.baidu.com/ 		43 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2128795773&si=58578877db2604fd2c7066e40cc78860&v=1.2.84&lv=1&sn=3421&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.5a3q.com%2F&tt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Aug 2021 10:00:16 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329
Requested by
Host: ossimg1.oss-cn-beijing.aliyuncs.com
URL: https://ossimg1.oss-cn-beijing.aliyuncs.com/i/js/t2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a21807e95c40232f6ec02e18f21bd27511299824306980981ae4aae7e0bd14ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.5a3q.com
Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50016
x-xss-protection
0
server
cafe
etag
13859689791707923674
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 10:00:16 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BN7QZ4ZXP1
Requested by
Host: ossimg1.oss-cn-beijing.aliyuncs.com
URL: https://ossimg1.oss-cn-beijing.aliyuncs.com/i/js/t2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9641e2f501b356dfeac2607e7a8e2c01cc7fb8b2f3a06600cd78f4c1f16bffbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51721
x-xss-protection
0
expires
Mon, 30 Aug 2021 10:00:16 GMT
hm.js
hm.baidu.com/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?0cf98a9dffdb90c9dfe21f39a613dff6
Requested by
Host: ossimg1.oss-cn-beijing.aliyuncs.com
URL: https://ossimg1.oss-cn-beijing.aliyuncs.com/i/js/t2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4a0c49ef3585b031d25fee61373e80cab72b0de5ae6bb883f1f6e5daa6f39f6c
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 10:00:16 GMT
Content-Encoding
gzip
Server
apache
Etag
23d71cf9a0f249598112bc84dc84113e
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14359
logo.png
ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/ 		810 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/logo.png
Requested by
Host: ossimg1.oss-cn-beijing.aliyuncs.com
URL: https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/main.css?t=637658784000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.190.7 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
04389b5ed25cf0948075917bb801ddaf02fa2f51efed2b57b0272e1bb312e3b3

Request headers

Referer
https://ossimg1.oss-cn-beijing.aliyuncs.com/i/www.5a3q.com/main.css?t=637658784000000000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 30 Aug 2021 10:00:16 GMT
x-oss-request-id
612CAC309849B43631E6F8B0
Content-MD5
4Rx9YgN9X5v1iN38j8RU6g==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
810
x-oss-object-type
Normal
Last-Modified
Wed, 04 Aug 2021 04:35:51 GMT
Server
AliyunOSS
ETag
"E11C7D62037D5F9BF588DDFC8FC454EA"
Content-Type
image/png
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11101650390573611532
x-oss-server-time
2
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95600
x-xss-protection
0
server
cafe
etag
9779198409284284208
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Aug 2021 10:00:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame C839 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210824/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 29 Aug 2021 11:25:15 GMT
expires
Sun, 12 Sep 2021 11:25:15 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
81301
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BN7QZ4ZXP1&gtm=2oe8p0&_p=458296823&sr=1600x1200&ul=en-us&cid=1970338222.1630317616&_s=1&dl=https%3A%2F%2Fwww.5a3q.com%2F&dt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91&sid=1630317616&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN7QZ4ZXP1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 10:00:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.5a3q.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		198 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.5a3q.com&callback=_gfp_s_&client=ca-pub-6023592932492329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
f0948894ba841b3d4a00a57cffae549cd59d32c2b7f6c2f43b35166df47555b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.5a3q.com%2F&tn=HEADER&id=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Aug 2021 10:00:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.5a3q.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.5a3q.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E74F 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&adk=2687186628&adf=2508249660&lmt=1630317616&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.5a3q.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616291&bpp=3&bdt=1356&idt=70&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=243602961370&frm=20&pv=2&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=90
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6023592932492329&output=html&adk=2687186628&adf=2508249660&lmt=1630317616&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.5a3q.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616291&bpp=3&bdt=1356&idt=70&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=243602961370&frm=20&pv=2&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Aug 2021 10:00:16 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 30-Aug-2021 10:15:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:16 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630063795307439"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Mon, 30 Aug 2021 10:00:16 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C7AC 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1630317616&psa=0&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616294&bpp=2&bdt=1358&idt=91&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=243602961370&frm=20&pv=1&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qHobTWeqX0&p=https%3A//www.5a3q.com&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1630317616&psa=0&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630317616294&bpp=2&bdt=1358&idt=91&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=243602961370&frm=20&pv=1&ga_vid=1970338222.1630317616&ga_sid=1630317616&ga_hid=458296823&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C44748388%2C31062297&oid=3&pvsid=21758645785908&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qHobTWeqX0&p=https%3A//www.5a3q.com&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Aug 2021 10:00:16 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 30-Aug-2021 10:15:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=388619546&si=0cf98a9dffdb90c9dfe21f39a613dff6&v=1.2.84&lv=1&sn=3422&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.5a3q.com%2F&tt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91
Requested by
Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Aug 2021 10:00:17 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210824&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3976f525264fa63f5d50298f535970b0f2ec21fa4bb8a7845bfa8b223e393cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Aug 2021 10:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8480
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 10:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 30 Aug 2021 10:00:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 851E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 30 Aug 2021 09:48:46 GMT
expires
Tue, 30 Aug 2022 09:48:46 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7650 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc3b37b8f02f3a4afa655826a1956a284cae5e7d361dd0bc30123c94433de84c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yy8tZi4VloTDXivqWDrW+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.5a3q.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.5a3q.com/

Response headers

expires
Mon, 30 Aug 2021 10:00:17 GMT
date
Mon, 30 Aug 2021 10:00:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yy8tZi4VloTDXivqWDrW+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame 851E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
2348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 09:21:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210824&jk=21758645785908&bg=!WVqlWh7NAAZOkH6FTpA7ACkAdvg8Wrg4kc4p-PizF2xpjEWzPxCx2rXgonGS8WKqlaqr7iHOeLO2sAIAAABQUgAAAAxoAQeZAm8vR0T4h7n-aLMNfw-uUA_K02NGn3czqbynn5AtZuLeZsv0RLF0Sgdwf92_-H17vWCFiN-w5dCADvR4Rz5l15Dxr8LYmTQBsApnr9DNZCtOVfGMv1Uhtwemt5o6SHBkpj3iOMAfO58aXfHTG2VovFw9lxPn1HMk1Vv7__tTDmfLl_-oCfXEc3UoGgwrsOZP3pNvmhDFCVggKm8qeM4Ro3ZEMiNypAyl0qrj_ykT4XLEVNclDMH6s-1Wx1mPJVG7XInK4xYkW2eDmBwH3SgpXOrU__d0WQA4fnsNojPu4VRsVeKZ4oh8zyVsIJZs9yufY6Dxy9VOjJyEdT-sO0c2qg8pByIUWWkKfEMwODwLo35vwMNBdAeZfTc9zHfvA9q2OBnzYL1hGQm2mbszgYEJHnxxlM6SCKhfhvUGG85bc4q_gN9A_bFtjoYAoUs6T6vFJdMSNSMEaAKRucWekDYCXwzZ2TVH5CZ0F7xtIxmoKLPEM1Rqc-4LTuUZGr8Ki-IW2vUB1BMqbq2t5gRg47hQWMkoY5DR3dQqTfPw2GjiTttraVUokhgPr2OMZXsK59JN5svyNoY4oCp0i99qSfAuAwSRba1hQhN7bu7ZTKFeciezmSZ99EMV_q8fYhEOg41RV7LpE2zEg-h1uKBBoyKsIs6O6Ni15ngipIvHYKMwWB56ut4asNUIwwx9EuZMrLPfiZeXcXGuArBO419miAG7obYCddc_4tjv0uL9K4QrhpQCsC8lbFr9Zazw2j9fInoCqHc6YgCiYMtyv2sLzU_uQChvmtBnIqc26ajIxg7_ZYxg249AaKSLYOeHdaRoCVnTZg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5a3q.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| IsMH boolean| IsOK string| IP string| IPLoc boolean| IsMobile boolean| IsIOS boolean| IsSpider boolean| IsDefault boolean| IsPC boolean| IsTop function| initBody function| leftDD function| rightDD function| endDD function| loadScript boolean| _bdhm_loaded_58578877db2604fd2c7066e40cc78860 object| _hmt object| mini_tangram_log_tz7jqp boolean| IsSearch function| gtag object| Fixed object| CK function| replaceText function| LinkTo undefined| images undefined| mh undefined| mhIndex undefined| changeImg object| keytimer function| getOffsetTop function| getOffsetLeft function| fullDD function| footDD function| queryList function| setKey function| showImg function| reloadimg function| gomh object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| google_tag_manager string| google_user_agent_client_hint object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _bdhm_loaded_0cf98a9dffdb90c9dfe21f39a613dff6 object| mini_tangram_log_e74rym object| GoogleGcLKhOms

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
hm.baidu.com
images.zuciwang.com
ossimg1.oss-cn-beijing.aliyuncs.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.5a3q.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
103.235.46.191
134.122.131.91
172.217.23.98
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
47.104.60.178
59.110.190.7
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04389b5ed25cf0948075917bb801ddaf02fa2f51efed2b57b0272e1bb312e3b3
21e536a6fbc899a94b2c197acea787fe6fe35992fa617ac876b6a7b94a18e58b
307a7e8f6e266de8f8eaf5f260076aa048966384266c430934965bbc1fbebe8e
3976f525264fa63f5d50298f535970b0f2ec21fa4bb8a7845bfa8b223e393cb5
4a0c49ef3585b031d25fee61373e80cab72b0de5ae6bb883f1f6e5daa6f39f6c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b
9641e2f501b356dfeac2607e7a8e2c01cc7fb8b2f3a06600cd78f4c1f16bffbc
9e5090a5c57aa2bfb866201409d5d30551e44fe9763acebe9ec58c43ae93f19b
a21807e95c40232f6ec02e18f21bd27511299824306980981ae4aae7e0bd14ad
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
cc3b37b8f02f3a4afa655826a1956a284cae5e7d361dd0bc30123c94433de84c
ccf40c8adac70885764d885008c093a6dd2fdb161e5e6c40c2c1888b7182216b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcaa65bbd34268e4fc22c02658c01263f9ec47837d742081d23d6a64affdfeaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
eb2fac5b38ab2eaaf5cd8b00e4111b2c57d29d32df57dd556c9af7e00c27c58c
f0948894ba841b3d4a00a57cffae549cd59d32c2b7f6c2f43b35166df47555b6