leheavengame.com Open in urlscan Pro
58.211.2.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://leheavengame.com/
Submission: On May 11 via api (May 11th 2023, 8:02:55 am UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 13 domains to perform 83 HTTP transactions. The main IP is 58.211.2.58, located in China and belongs to CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN. The main domain is leheavengame.com.

This is the only time leheavengame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	58.211.2.58 58.211.2.58	140292 (CHINATELE...) (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	220.169.152.35 220.169.152.35	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
1	2600:9000:225... 2600:9000:2251:6600:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	42.81.98.48 42.81.98.48	58542 (CHINATELE...) (CHINATELECOM-TIANJIN Tianjij)
1	39.156.68.163 39.156.68.163	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
6	182.61.200.109 182.61.200.109	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	60.190.116.48 60.190.116.48	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
6	36.110.192.156 36.110.192.156	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
3	182.61.62.32 182.61.62.32	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	111.206.208.190 111.206.208.190	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
83	22

16 58.211.2.58 (China)

ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)

leheavengame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.leheavengame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jue.leheavengame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 220.169.152.35 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cpro.baidustatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:6600:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.81.98.48 (Tianjin, China)

ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN)

hmcdn.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.68.163 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 60.190.116.48 (Hangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

sofire.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 36.110.192.156 (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

sofire.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.61.62.32 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

wn.pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 111.206.208.190 (China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)

eclick.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7872 push.zhanzhang.baidu.com — Cisco Umbrella Rank: 95264 hmcdn.baidu.com — Cisco Umbrella Rank: 85565 api.share.baidu.com — Cisco Umbrella Rank: 70165 pos.baidu.com — Cisco Umbrella Rank: 20406 sofire.baidu.com — Cisco Umbrella Rank: 15960 wn.pos.baidu.com — Cisco Umbrella Rank: 28004 eclick.baidu.com — Cisco Umbrella Rank: 28930	43 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	302 KB
16	leheavengame.com leheavengame.com cdn.leheavengame.com jue.leheavengame.com	1 MB
7	baidustatic.com cpro.baidustatic.com — Cisco Umbrella Rank: 24004	62 KB
3	gstatic.com www.gstatic.com	15 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	56 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7680	696 B
1	bdstatic.com sofire.bdstatic.com — Cisco Umbrella Rank: 30713	46 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	53 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 87853	930 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	607 B
83	13

	Domain	Requested by
10	pagead2.googlesyndication.com	leheavengame.com pagead2.googlesyndication.com tpc.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	cdn.leheavengame.com	leheavengame.com
7	cpro.baidustatic.com	leheavengame.com pos.baidu.com
6	sofire.baidu.com	sofire.bdstatic.com leheavengame.com
6	pos.baidu.com	cpro.baidustatic.com
6	leheavengame.com	leheavengame.com
4	eclick.baidu.com	leheavengame.com
3	wn.pos.baidu.com	pos.baidu.com leheavengame.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	hm.baidu.com	leheavengame.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	sofire.bdstatic.com	cpro.baidustatic.com
1	api.share.baidu.com	leheavengame.com
1	hmcdn.baidu.com	hm.baidu.com
1	jue.leheavengame.com	cdn.leheavengame.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	s.ssl.qhres2.com	leheavengame.com
1	push.zhanzhang.baidu.com	leheavengame.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
83	24

This site contains links to these domains. Also see Links.

Domain
cash.leheavengame.com
coupon.leheavengame.com
bbs.leheavengame.com
guide.leheavengame.com
www.deepvast.com
www.tokenpocketl.net
www.trustvvallet.net
www.sxhxtt.cn
wpa.qq.com
beian.miit.gov.cn
www.beian.gov.cn

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.leheavengame.com TrustAsia RSA DV TLS CA G2	`2022-05-14` - `2023-05-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2023-02-28` - `2024-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
jue.leheavengame.com Encryption Everywhere DV TLS CA - G1	`2023-02-03` - `2024-02-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://leheavengame.com/
Frame ID: 1A0C7D1C6BE86218C673FAA4E29BBC48
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/zrt_lookup.html
Frame ID: 030D127AFA4A7233AD0FFE02EA2D0E9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979174285252748&output=html&adk=1812271804&adf=3025194257&lmt=1683792157&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleheavengame.com%2F&ea=0&pra=5&wgl=1&dt=1683792157617&bpp=6&bdt=171&idt=179&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6299957239211&frm=20&pv=2&ga_vid=337235030.1683792158&ga_sid=1683792158&ga_hid=1734526792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773809%2C44759926%2C44759837%2C44772268%2C44788442%2C44789923&oid=2&pvsid=1800968815176223&tmod=1201141029&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 25F834C76AC5A772508E47CE7772D389
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1
Frame ID: 34ED63F1FC62EAECCFCB78D9E8E127CE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 1E271D01CBBB57F8D47D3A37FFF4F755
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: A868471437691BB00D45E9E2D132DD8A
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4281120944&s2=3952511094&dri=0&dis=0&dai=1&ps=3197x350&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=18c278f36e2babed&ft=1
Frame ID: 4B3FFA20F892EBF5927A182062859760
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1
Frame ID: 20F36296D5B467ECFA38AD4510EB7F62
Requests: 7 HTTP requests in this frame

Frame: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1
Frame ID: 5633D62D2FCB5AA726947F663F8A18D9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBF93640DD834265D0CCD7D584F86425
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E06FFBEC455BC8887BB29EF75D693693
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

一个帮助开发者成长的IT技术社区- 惊觉

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

83
Requests

78 %
HTTPS

48 %
IPv6

13
Domains

24
Subdomains

22
IPs

4
Countries

1963 kB
Transfer

4316 kB
Size

10
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://cash.leheavengame.com/
Title: 惠shop好货

Search URL Search Domain Scan URL

URL: https://coupon.leheavengame.com/
Title: 惠shop

Search URL Search Domain Scan URL

URL: https://bbs.leheavengame.com/
Title: 乾学网

Search URL Search Domain Scan URL

URL: https://guide.leheavengame.com/
Title: 乾坤宝录

Search URL Search Domain Scan URL

URL: http://www.deepvast.com/
Title: 这视界

Search URL Search Domain Scan URL

URL: https://www.tokenpocketl.net/
Title: tp钱包

Search URL Search Domain Scan URL

URL: https://www.trustvvallet.net/
Title: trust钱包

Search URL Search Domain Scan URL

URL: https://www.sxhxtt.cn/
Title: MetaMask钱包官网下载

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=1148501661&site=qq&menu=yes
Title: 管理员QQ：1148501661

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 浙ICP备17021862号

Search URL Search Domain Scan URL

URL: http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=33010602008536
Title: 浙公网安备 33010602008536号

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
leheavengame.com/ 28 KB
10 KB 2239ms
404ms Document
text/html 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 1db50fa324a6927d063bb80e36292306cd7f5bda1e3565717676b13d4ff3370a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
Transfer-Encoding: chunked
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a423ba3c3395-132

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 116ms
81ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3323ce54c3496efdfb87b709af0e8268cacae3e2a1af671baa12e4966363093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47547
x-xss-protection: 0
server: cafe
etag: 7314394444760763890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 08:02:37 GMT

GET
H/1.1 200
OK logo.df55a3c8.png
leheavengame.com/img/ 78 KB
79 KB 264ms
264ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leheavengame.com/img/logo.df55a3c8.png
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 30563810c340561981d62118cdcdf0f4a5f44bea12b607fefba8b66f6a250b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
YJS-CacheStatus: HIT
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a427ba403395-132
Content-Type: image/png; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80031
Expires: Thu, 11 May 2023 16:02:37 GMT

GET
H/1.1 200
OK seojingjue.dff2b1a6.png
leheavengame.com/img/ 11 KB
12 KB 273ms
272ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leheavengame.com/img/seojingjue.dff2b1a6.png
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 03fe01e25e2cb23fbebea29d2cbd4fc0bb3e590242aebee79963fc785dd0d8a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
YJS-CacheStatus: HIT
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a427e1193392-132
Content-Type: image/png; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11653
Expires: Thu, 11 May 2023 16:02:37 GMT

GET
H/1.1 200
OK wx-program-code.ac125f31.jpg
leheavengame.com/img/ 286 KB
287 KB 551ms
295ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leheavengame.com/img/wx-program-code.ac125f31.jpg
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: baef3c95ad8f736b0ebcb145a34730c623fb5b586780a6bbf959cfa03d6a5437

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
YJS-CacheStatus: EXPIRED
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a42a407a3395-132
Content-Type: image/jpeg; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 293007
Expires: Thu, 11 May 2023 16:02:37 GMT

GET
H/1.1 200
OK qq-program-code.3c787506.png
leheavengame.com/img/ 115 KB
115 KB 564ms
285ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leheavengame.com/img/qq-program-code.3c787506.png
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 570f493148a137ca141766e28b809837eff9c5c2cb2558ef0ffd83023714f210

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
YJS-CacheStatus: HIT
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a42a81d833a2-132
Content-Type: image/png; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117837
Expires: Thu, 11 May 2023 16:02:37 GMT

GET
H/1.1 200
OK 282fe280-3b63-11eb-9407-91a2b40463c4.png
cdn.leheavengame.com/jue/images/ 10 KB
11 KB 1516ms
453ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/282fe280-3b63-11eb-9407-91a2b40463c4.png?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: a8ec9c26efd3ba1611abdb81484a12a4b773cb37b824cf8e430282993854c042

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:65;BOOTS-PROXY:65;BOOTS-PROXY:66;BOOTS-PIPE:67;BOOTS-PROXY:67;BOOTS-PROXY:68;X-Log;FUSIONGATE:72;DORA-PROXY:74
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: h76QhFarb
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="282fe280-3b63-11eb-9407-91a2b40463c4.png"; filename*=utf-8''282fe280-3b63-11eb-9407-91a2b40463c4.png
Connection: keep-alive
Content-Length: 10002
X-M-Reqid: h76QhFarb
X-M-Log: QNM:cdn-cache-dls-zjwz-wz-13;QNM:jjh2393;SRCPROXY:jjh1532;QNM:jjh2397;SRCPROXY:jjh1540;SRC:2;SRCPROXY:2;QNM3:3;SRCPROXY:75;QNM3:76;QNM3:96
Server: yunjiasu
Etag: "AJVN_d1YzLHSBpYnaBvcZY488uQF"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a432e6f13393-132
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK 89090210-71cf-11eb-98c3-375c38d4a5d6.jpeg
cdn.leheavengame.com/jue/images/ 8 KB
9 KB 1493ms
421ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/89090210-71cf-11eb-98c3-375c38d4a5d6.jpeg?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 906337563c1dc62a0f3c2ca6605e2d528bfec2d771a7f7845c3b9c61cd896101

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:42;BOOTS-PROXY:42;BOOTS-PROXY:43;BOOTS-PIPE:44;BOOTS-PROXY:44;BOOTS-PROXY:44;X-Log;FUSIONGATE:51;DORA-PROXY:53
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: CcnHXYaTo
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="89090210-71cf-11eb-98c3-375c38d4a5d6.jpeg"; filename*=utf-8''89090210-71cf-11eb-98c3-375c38d4a5d6.jpeg
Connection: keep-alive
Content-Length: 8311
X-M-Reqid: CcnHXYaTo
X-M-Log: QNM:cdn-cache-tel-zjqz-qz-2;QNM:xs475;SRCPROXY:xs490;QNM:xs1172;SRCPROXY:xs492;SRC:5;SRCPROXY:5;QNM3:6;SRCPROXY:56;QNM3:56;QNM3:65
Server: yunjiasu
Etag: "ADC2O5NLhj77-1daf4D_wimsjYf9"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a43290373394-132
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK 48032830-7680-11eb-98c3-375c38d4a5d6.jpg
cdn.leheavengame.com/jue/images/ 145 KB
146 KB 1505ms
426ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/48032830-7680-11eb-98c3-375c38d4a5d6.jpg?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: ee2b464feabfe52d663e4f2f8964c8c928e205dd366bbcb43bc30b8275e8010d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:70;BOOTS-PROXY:71;BOOTS-PROXY:73;BOOTS-PIPE:74;BOOTS-PROXY:74;BOOTS-PROXY:75;X-Log;FUSIONGATE:79;DORA-PROXY:80
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: PXDhTK1tW
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="48032830-7680-11eb-98c3-375c38d4a5d6.jpg"; filename*=utf-8''48032830-7680-11eb-98c3-375c38d4a5d6.jpg
Connection: keep-alive
Content-Length: 148522
X-M-Reqid: PXDhTK1tW
X-M-Log: QNM:cdn-cache-dls-zjwz-wz-13;QNM:xs1186;SRCPROXY:xs1755;QNM:xs473;SRCPROXY:xs485;SRC:2;SRCPROXY:2;QNM3:3;SRCPROXY:81;QNM3:83;QNM3:95
Server: yunjiasu
Etag: "ABI-qz3YBFsZXXOaBeSp9C5hljdD"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a432b609339f-132
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK 12f8df60-a0ef-11eb-ac26-0f6ed95d4e69.jpeg
cdn.leheavengame.com/jue/images/ 37 KB
38 KB 1400ms
450ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/12f8df60-a0ef-11eb-ac26-0f6ed95d4e69.jpeg?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: ff9113d9add718b1d56f324cee7374c67cac858a88bb01e70391e95484b82276

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:51;BOOTS-PROXY:52;BOOTS-PROXY:52;BOOTS-PIPE:53;BOOTS-PROXY:53;BOOTS-PROXY:54;X-Log;FUSIONGATE:60;DORA-PROXY:61
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: Vki6pBDTa
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="12f8df60-a0ef-11eb-ac26-0f6ed95d4e69.jpeg"; filename*=utf-8''12f8df60-a0ef-11eb-ac26-0f6ed95d4e69.jpeg
Connection: keep-alive
Content-Length: 38183
X-M-Reqid: Vki6pBDTa
X-M-Log: QNM:cdn-cache-dls-zjwz-wz-8;QNM:xs459;SRCPROXY:xs488;QNM:xs476;SRCPROXY:xs1753;SRC:2;SRCPROXY:2;QNM3:3;SRCPROXY:61;QNM3:62;QNM3:74
Server: yunjiasu
Etag: "ACRLVuIyFxDxGZjBB_OQj5rBOfhp"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a432a0033393-132
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK 0ca147d0-3f72-11eb-9407-91a2b40463c4.png
cdn.leheavengame.com/jue/images/ 143 KB
144 KB 1566ms
608ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/0ca147d0-3f72-11eb-9407-91a2b40463c4.png?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 6959e26b9110e9a076beeda49d4571a114646d9587517b5cd36bc702729da10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:205;BOOTS-PROXY:206;BOOTS-PROXY:207;BOOTS-PIPE:207;BOOTS-PROXY:207;BOOTS-PROXY:208;X-Log;FUSIONGATE:214;DORA-PROXY:215
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: E1D13u8i8
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="0ca147d0-3f72-11eb-9407-91a2b40463c4.png"; filename*=utf-8''0ca147d0-3f72-11eb-9407-91a2b40463c4.png
Connection: keep-alive
Content-Length: 146247
X-M-Reqid: E1D13u8i8
X-M-Log: QNM:cdn-cache-tel-zjqz-qz-2;QNM:jjh1908;SRCPROXY:jjh2189;QNM:jjh1909;SRCPROXY:jjh1491;SRC:3;SRCPROXY:3;QNM3:4;SRCPROXY:216;QNM3:218;QNM3:232
Server: yunjiasu
Etag: "AEDR3Z7GzbI_yqsCpRQANO6ZBYBG"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a4328fdb3397-132
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK 7c3fadc0-ce47-11eb-abda-5ff99c83014f.jpeg
cdn.leheavengame.com/jue/images/ 48 KB
49 KB 394ms
394ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/7c3fadc0-ce47-11eb-abda-5ff99c83014f.jpeg?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 07e2db6b20e943d021a97427811c24f85fff31e32c165af739f1faa8ef036535

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:59;BOOTS-PROXY:60;BOOTS-PROXY:61;BOOTS-PIPE:61;BOOTS-PROXY:61;BOOTS-PROXY:62;X-Log;FUSIONGATE:66;DORA-PROXY:67
Date: Thu, 11 May 2023 08:02:39 GMT
X-Svr: IO
X-Reqid: R1lgO7WK4
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="7c3fadc0-ce47-11eb-abda-5ff99c83014f.jpeg"; filename*=utf-8''7c3fadc0-ce47-11eb-abda-5ff99c83014f.jpeg
Connection: keep-alive
Content-Length: 49548
X-M-Reqid: R1lgO7WK4
X-M-Log: QNM:cdn-cache-dls-zjwz-wz-9;QNM:jjh1873;SRCPROXY:jjh2189;QNM:jjh1910;SRCPROXY:jjh1498;SRC:2;SRCPROXY:2;QNM3:2;SRCPROXY:67;QNM3:68;QNM3:87
Server: yunjiasu
Etag: "APxMvQfRPQbguMoXo9Hqh9jbB45Q"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a43690463394-132
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H/1.1 200
OK record.d0289dc0.png
leheavengame.com/img/ 19 KB
19 KB 427ms
268ms Image
image/png 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leheavengame.com/img/record.d0289dc0.png
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:37 GMT
Server: yunjiasu
YJS-CacheStatus: HIT
Vary: Accept-Encoding,Origin
YJS-ID: c6f4a42ae11c3392-132
Content-Type: image/png; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19256
Expires: Thu, 11 May 2023 16:02:37 GMT

GET
H2 200 wangEditor.min.js Show response
cdn.leheavengame.com/wangeditor%403.1.1/release/ 64 KB
21 KB 1448ms
355ms Script
text/javascript 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leheavengame.com/wangeditor%403.1.1/release/wangEditor.min.js
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 74ca4883cd10e9442d7a000185005a6cba169478a7b1bf9b3caee7ceaf0993a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-log: X-Log
date: Thu, 11 May 2023 08:02:38 GMT
content-encoding: gzip
x-svr: IO
content-md5: hO0hnKenRQFjSxKgNk43IQ==
x-reqid: RXoAAACCQ18Zn04X
yjs-cachestatus: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="wangEditor.min.js"; filename*=utf-8''wangEditor.min.js
x-m-reqid: 5cbMivHqP
x-m-log: QNM:cdn-cache-dls-zjwz-wz-2;QNM:jjh1832;SRCPROXY:jjh1532;SRC:69;SRCPROXY:69;QNM3:70;QNM3:86
last-modified: Wed, 08 Apr 2020 02:38:26 GMT
server: yunjiasu
etag: "Fo7Eg3g5lyVRZam4IM6LuLKgyfdj.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=28800
yjs-id: c6f4a432a306339a-132
x-qiniu-zone: 0
x-qnm-cache: RawProxy
expires: Thu, 11 May 2023 16:02:38 GMT

GET
H/1.1 200
OK cm.js Show response
cpro.baidustatic.com/cpro/ui/ 114 KB
39 KB 4140ms
278ms Script
text/javascript 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://cpro.baidustatic.com/cpro/ui/cm.js
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 2394243356f48bfa6158d8000b9c63ebbad295ccce08ecc7fd9aedb0847c41f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Ohc-File-Size: 39294
Date: Thu, 11 May 2023 08:02:41 GMT
Content-Encoding: gzip
Age: 2465
X-Cache-Status: HIT
Connection: keep-alive
Content-Length: 39294
Ohc-Cache-HIT: yy2ct71 [2], czix162 [1]
Last-Modified: Mon, 24 Apr 2023 06:21:22 GMT
Server: JSP3/2.0.14
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=3600
Ohc-Global-Saved-Time: Thu, 11 May 2023 07:21:36 GMT
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 11 May 2023 08:21:36 GMT

GET
H2 200 1d550355.bundle.js Show response
cdn.leheavengame.com/jue/js/ 2 MB
403 KB 1713ms
621ms Script
text/javascript 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.leheavengame.com/jue/js/1d550355.bundle.js
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 2dfd99a6e01f364bf75a72550b9871ad949d02d4e21150807d884642078b3c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-log: X-Log
date: Thu, 11 May 2023 08:02:38 GMT
content-encoding: gzip
x-svr: IO
content-md5: Se8K3WLC4UkbneGad7Y+JA==
x-reqid: pVYAAABmfPDIzFsX
yjs-cachestatus: HIT
content-transfer-encoding: binary
content-disposition: inline; filename="1d550355.bundle.js"; filename*=utf-8''1d550355.bundle.js
x-m-reqid: 5ac0v89dw
x-m-log: QNM:cdn-cache-dls-zjwz-wz-3;QNM:xs1172;SRCPROXY:xs484;SRC:19;SRCPROXY:19;QNM3:20;QNM3:38
last-modified: Thu, 04 May 2023 01:32:31 GMT
server: yunjiasu
etag: "Fq_J-Yy0Ix3juPs8GRvs4LHSRgMM.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=28800
yjs-id: c6f4a432a34d339a-132
x-qiniu-zone: 0
x-qnm-cache: RawProxy
expires: Thu, 11 May 2023 16:02:38 GMT

GET
H/1.1 200
OK 7cee1490-c53c-11ec-a211-7793e54d3a57.jpeg
cdn.leheavengame.com/jue/images/ 32 KB
33 KB 1455ms
384ms Image
image/jpeg 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.leheavengame.com/jue/images/7cee1490-c53c-11ec-a211-7793e54d3a57.jpeg?imageView2/0/q/75
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: 26f765c41f8cdc37c8d3df9b83d9cce889e11bda7cac11bfaae6268f01c34723

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

X-Log: X-Log;IMAGE:44;BOOTS-PROXY:45;BOOTS-PROXY:45;BOOTS-PIPE:46;BOOTS-PROXY:46;BOOTS-PROXY:47;X-Log;FUSIONGATE:51;DORA-PROXY:52
Date: Thu, 11 May 2023 08:02:38 GMT
X-Svr: IO
X-Reqid: 3FxD6sP6f
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="7cee1490-c53c-11ec-a211-7793e54d3a57.jpeg"; filename*=utf-8''7cee1490-c53c-11ec-a211-7793e54d3a57.jpeg
Connection: keep-alive
Content-Length: 33268
X-M-Reqid: 3FxD6sP6f
X-M-Log: QNM:cdn-cache-tel-zjqz-qz-1;QNM:jjh1832;SRCPROXY:jjh1493;QNM:jjh1901;SRCPROXY:jjh1541;SRC:2;SRCPROXY:2;QNM3:3;SRCPROXY:52;QNM3:53;QNM3:65
Server: yunjiasu
Etag: "APUKS9VwaHam4FzjiKZ5-5y62dkX"
Access-Control-Max-Age: 2592000
YJS-ID: c6f4a432c6e33391-132
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: RawProxy

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ 356 KB
120 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7979174285252748&plah=leheavengame.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f5f2c370ebb73960623cf3f6e61aab1503fdb1889d13eb39d020081f3b893eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122743
x-xss-protection: 0
server: cafe
etag: 10118971403600674112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 May 2023 08:02:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/ Frame 030D 10 KB
5 KB 50ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230509/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 07:24:07 GMT
etag: 15057649708203361565
expires: Thu, 25 May 2023 07:24:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
607 B 61ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=leheavengame.com&callback=_gfp_s_&client=ca-pub-7979174285252748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7979174285252748&plah=leheavengame.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

726533a3e5835ab239bf99f7e39916ff3de9cc49e9e076b44003e09d3d156660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 192ms
22ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=leheavengame.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 190ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=leheavengame.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25F8 159 KB
47 KB 1051ms
1050ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7979174285252748&output=html&adk=1812271804&adf=3025194257&lmt=1683792157&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fleheavengame.com%2F&ea=0&pra=5&wgl=1&dt=1683792157617&bpp=6&bdt=171&idt=179&shv=r20230509&mjsv=m202305080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6299957239211&frm=20&pv=2&ga_vid=337235030.1683792158&ga_sid=1683792158&ga_hid=1734526792&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44773809%2C44759926%2C44759837%2C44772268%2C44788442%2C44789923&oid=2&pvsid=1800968815176223&tmod=1201141029&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=203

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bdc59baae558f2bb4aad4d8e19ff7a982f0077b147332663af396a4a372e61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 08:02:39 GMT
expires: Thu, 11 May 2023 08:02:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ 151 KB
51 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa7e842c3d836663b279c12a0bdd0baca93227732234da6e2db6ba1a28d59aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52467
x-xss-protection: 0
server: cafe
etag: 498059069453102000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 08:02:39 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 2222ms
425ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1a6036ed362b2ca3cc01da62da664b79

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

65917e06292df2b7f519d11810b30f8fa9dcd3c9c56c5da31c35d4d7d428b2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 0f4b402f6c5b2da703985dc3fa19d316
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11277

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 2579ms
299ms Script
text/javascript 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
Content-Type: text/javascript
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 227
Expires: Fri, 10 May 2024 08:02:41 GMT

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
930 B 986ms
7ms Script
application/javascript 2600:9000:2251:6600:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:6600:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: http://leheavengame.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 02 Apr 2023 06:32:21 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA60-P3
age: 3375019
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: hUSnIIyBTgY3pEdhPTcUukQLnI62YoBfDxCK56XSbKZAowPGxXRZqQ==
expires: Wed, 30 Mar 2033 06:32:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=leheavengame.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=leheavengame.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/ Frame 34ED 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 14:24:54 GMT
etag: 15057649708203361565
expires: Wed, 24 May 2023 14:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 34ED 4 KB
1 KB 64ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 May 2023 08:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 May 2023 06:37:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 May 2023 08:02:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 34ED 205 B
649 B 54ms
14ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 05:19:35 GMT
x-content-type-options: nosniff
age: 9784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 May 2024 05:19:35 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 34ED 604 B
695 B 54ms
14ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 19:22:02 GMT
x-content-type-options: nosniff
age: 45637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 May 2024 19:22:02 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/ Frame 34ED 12 KB
6 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c6f2f2a1c52ce023f0413c31d546e0cac1132c7bd622469251e3819b9561d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 20:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5515
x-xss-protection: 0
server: cafe
etag: 11908440479882454735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 20:34:16 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/ Frame 34ED 19 KB
8 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 14:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8020
x-xss-protection: 0
server: cafe
etag: 10981734531507917325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 14:30:41 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 1E27 2 KB
847 B 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:46:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/ Frame 1E27 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:45:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 1E27 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:43:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/ Frame 1E27 19 KB
8 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230509/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 13:45:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E27 169 KB
53 KB 1427ms
1392ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 May 2023 08:02:41 GMT

GET
H2 200 fe5bb951bcb64b0813d5b031a6a87c6d.js Show response
www.gstatic.com/mysidia/ Frame 1E27 32 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230509/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
last-modified: Mon, 08 May 2023 06:22:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 16:08:25 GMT

GET
H2 200 home Show response
jue.leheavengame.com/api/view/ 17 KB
6 KB 1204ms
315ms XHR
application/json 58.211.2.58
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://jue.leheavengame.com/api/view/home
Requested by: Host: cdn.leheavengame.com
URL: https://cdn.leheavengame.com/jue/js/1d550355.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 58.211.2.58 , China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN),
Reverse DNS
Software: yunjiasu /
Resource Hash: abb4f3e5b2aa81ef028a0fa06975054abbb86b3e5ec9729de142ebb9fb48117e

Request headers

Accept: application/json, text/plain, */*
Referer: http://leheavengame.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: http://leheavengame.com
date: Thu, 11 May 2023 08:02:41 GMT
content-encoding: gzip
server: yunjiasu
vary: Accept-Encoding,Origin
yjs-id: c6f4a44d06d83397-132
content-type: application/json; charset=utf-8

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame A868 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 23:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 23:41:35 GMT

GET
H2 200 UrlChangeTracker.js Show response
hmcdn.baidu.com/static/tongji/plugins/ 19 KB
8 KB 2733ms
239ms Script
application/x-javascript 42.81.98.48
CHINATELECOM-TIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
Requested by: Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?1a6036ed362b2ca3cc01da62da664b79
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.81.98.48 Tianjin, China, ASN58542 (CHINATELECOM-TIANJIN Tianjij,300000, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:44 GMT
content-encoding: gzip
tracecode: 06844553710372610826050502
ohc-response-time: 1 0 0 0 0 0
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
server: JSP3/2.0.14
age: 86491
etag: "5f8eb0f7-4b3c"
vary: Accept-Encoding
content-type: application/x-javascript
ohc-cache-hit: tj5ct59 [2], tjctcache59 [2]
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Thu, 04 May 2023 18:11:24 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 1447ms
1447ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1503738226&si=1a6036ed362b2ca3cc01da62da664b79&v=1.3.0&lv=1&sn=1407&r=0&ww=1600&u=http%3A%2F%2Fleheavengame.com%2F&tt=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89

Requested by

Host: leheavengame.com
URL: http://leheavengame.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 May 2023 08:02:41 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1184ms
205ms Image
text/plain 39.156.68.163
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://leheavengame.com/
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Server: 39.156.68.163 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:42 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 vchm Show response
pos.baidu.com/ 1 KB
1 KB 2143ms
361ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vchm?di=u6678032&uuid=ff2cb8b0eb968876&dri=0&dis=0&dai=1&ps=3197x350&enu=encoding&exps=110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

f2bb291af0323b06525583f50e06231c05d4938d1fed9b8cdd9ae00ab7106898

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu May 11 16:02:43 2023
server: nginx
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
content-type: application/javascript;charset=UTF-8
cache-control: post-check=0, pre-check=0
content-length: 694
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dfxaf3-635b4cd6.js Show response
sofire.bdstatic.com/js/ 120 KB
46 KB 980ms
239ms Script
text/javascript 60.190.116.48
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Requested by: Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js
Protocol: HTTP/1.1
Server: 60.190.116.48 Hangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9b258107fa3806e79c13bfe06a9fb8bea0b12148dd206d83be82174e55a79373

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:42 GMT
Content-Encoding: gzip
Content-MD5: jCP+XRW28fujtaOKVuCsXw==
Age: 89994
Transfer-Encoding: chunked
x-bce-storage-class: STANDARD
Connection: keep-alive
Ohc-Cache-HIT: wz2ct52 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Last-Modified: Fri, 24 Mar 2023 08:27:41 GMT
Server: JSP3/2.0.14
ETag: "8c23fe5d15b6f1fba3b5a38a56e0ac5f"
x-bce-request-id: 48f2afbc-1a35-40e5-beb8-772910305577
Content-Type: text/javascript
x-bce-debug-id: hkv9Y0iCBnoQo4iWGaI8eZZM2cR9xQe8VSP+PrUt5xDsmvfqljAkaK8hYqtIHtmuENVGIDt2gRDkIVVDAA1rPA==
Accept-Ranges: bytes
Ohc-Global-Saved-Time: Tue, 09 May 2023 09:18:15 GMT
x-bce-content-crc32: 3715877588
Expires: Fri, 12 May 2023 09:18:15 GMT

GET
H2 200 vchm Show response
pos.baidu.com/ 1 KB
957 B 2149ms
368ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vchm?di=u6678032&uuid=ea30031024fd9b46&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

f9f5c1098eaef5de270653a26608657d887cd4d4ed7299d7a19e70e8507c6a39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu May 11 16:02:43 2023
server: nginx
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
content-type: application/javascript;charset=UTF-8
cache-control: post-check=0, pre-check=0
content-length: 692
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vchm Show response
pos.baidu.com/ 1 KB
955 B 2142ms
362ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vchm?di=u6678032&uuid=ef6c4342a2e3a6ff&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

42cda1d754b8f89aa2524f5027b92333e640402b8b5bce261943cdfc61d78df0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:43 GMT
content-encoding: gzip
last-modified: Thu May 11 16:02:43 2023
server: nginx
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
content-type: application/javascript;charset=UTF-8
cache-control: post-check=0, pre-check=0
content-length: 694
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 8800
sofire.baidu.com/h5/e/ Frame 0
0 2154ms
246ms Preflight 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sofire.baidu.com/h5/e/8800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-bdh5-pf
Access-Control-Request-Method: POST
Origin: http://leheavengame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://leheavengame.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Thu, 11 May 2023 08:02:45 GMT

POST
H2 200 8800 Show response
sofire.baidu.com/h5/e/ 77 B
139 B 253ms
252ms XHR
application/json 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sofire.baidu.com/h5/e/8800
Requested by: Host: sofire.bdstatic.com
URL: http://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash: 63f02e1a915d0eaae33c8eb6ad13469bba8e3df79a10716626b3cd702cbd4726

Request headers

Referer: http://leheavengame.com/
X-Bdh5-Pf: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 May 2023 08:02:45 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://leheavengame.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
content-length: 77

GET
H2 200 8800
sofire.baidu.com/abot/api/v1/tpl/re/ 0
58 B 2139ms
248ms Image
image/gif 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-3b5403156f811b7b753cff04418f5ad6b0a553d6&9=0&10=0&11=0&12=0&13=0&14=1&15=0&16=490&17=0&18=0&19=0&20=0&21=-1&r=init&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.92%20Safari%2F537.36&h=http%3A%2F%2Fleheavengame.com%2F&t=1683792163740
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:45 GMT
content-length: 0
content-type: image/gif

POST
H2 200 8800 Show response
sofire.baidu.com/h5/t/ 591 B
837 B 509ms
509ms XHR
application/json 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sofire.baidu.com/h5/t/8800
Requested by: Host: sofire.bdstatic.com
URL: http://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash: 26605c3161728bfd3883b92903da8fbb783e933d8908418d2db73d17ac301eec

Request headers

Referer: http://leheavengame.com/
X-Bdh5-Pf: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 May 2023 08:02:46 GMT
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: http://leheavengame.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
content-length: 508

OPTIONS
H2 204 8800
sofire.baidu.com/h5/t/ Frame 0
0 2139ms
286ms Preflight 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sofire.baidu.com/h5/t/8800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-bdh5-pf
Access-Control-Request-Method: POST
Origin: http://leheavengame.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://leheavengame.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Thu, 11 May 2023 08:02:45 GMT

GET vchm
pos.baidu.com/ Frame 4B3F 0
0

GET
H2 200 vchm Show response
pos.baidu.com/ Frame 20F3 31 KB
8 KB 481ms
481ms Document
text/html 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

d2bf46067d2a21648b33a329a2009ce7254de6daff8423bf9e0aefd5036efab9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-length: 8081
content-type: text/html;charset=UTF-8
date: Thu, 11 May 2023 08:02:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu May 11 16:02:44 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
x-xss-protection: 0

GET
H2 200 vchm Show response
pos.baidu.com/ Frame 5633 31 KB
8 KB 497ms
497ms Document
text/html 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

4f0598bca4b3764448f8135bf171ad8d7c2b4d5bdd16820fcede49b0cc1301c6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-length: 8131
content-type: text/html;charset=UTF-8
date: Thu, 11 May 2023 08:02:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu May 11 16:02:44 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
x-xss-protection: 0

GET
H2 200 logo-sm.css
cpro.baidustatic.com/js/logo/css/ Frame 20F3 2 KB
1002 B 833ms
275ms Stylesheet
text/css 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpro.baidustatic.com/js/logo/css/logo-sm.css
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 670
date: Thu, 11 May 2023 08:02:45 GMT
content-encoding: br
ohc-cache-hit: yy2ct67 [2], xiangyix219 [1]
last-modified: Mon, 24 Apr 2023 02:05:16 GMT
server: JSP3/2.0.14
age: 3502
etag: "6445e3dc-850"
x-cache-status: HIT
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Thu, 11 May 2023 07:04:23 GMT
expires: Thu, 11 May 2023 08:04:23 GMT

GET
H2 200 logo.js Show response
cpro.baidustatic.com/js/logo/js/ Frame 20F3 14 KB
7 KB 835ms
278ms Script
application/x-javascript 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpro.baidustatic.com/js/logo/js/logo.js
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 7038
date: Thu, 11 May 2023 08:02:45 GMT
content-encoding: br
ohc-cache-hit: yy2ct67 [2], suzix67 [2]
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
server: JSP3/2.0.14
age: 3272
etag: "6246a41f-371a"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Thu, 11 May 2023 07:08:13 GMT
expires: Thu, 11 May 2023 08:08:13 GMT

GET
H/1.1 200
OK adx.php
wn.pos.baidu.com/ Frame 20F3 49 B
229 B 1839ms
264ms Image
image/gif 182.61.62.32
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wn.pos.baidu.com/adx.php?c=d25pZD1mMDI4MTExNzM4OTAwZDRjAHM9ZjAyODExMTczODkwMGQ0YwB0PTE2ODM3OTIxNjQAc2U9MQBidT00AHByaWNlPVpGeWhKQUFGcUZ4N2pFcGdXNUlBOGd6X0UzNW8yWDRQbnVpZkRRAGNoYXJnZV9wcmljZT0xNjAAc2hhcmluZ19wcmljZT0xNjAwMDAAd2luX2RzcD00AGNobWQ9MQBiZGlkPTgzOTZGRDVFM0Q4QkVGNjk2MzM1QkE5Mzk2RUMyNkJFAGNwcm9pZD0Ad2Q9Mzg3MTc3OTc2NAB0dT11NjY3ODAzMgBhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WkZ5aEpBQUZxRng3akVwZ1c1SUE4Z3pfRTM1bzJYNFBudWlmRFEAYmNobWQ9MAB0bT0yNzU1MzE2NTIAdj0xAGk9MjkwNTQyM2I
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 11 May 2023 08:02:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo-sm.css
cpro.baidustatic.com/js/logo/css/ Frame 5633 2 KB
1001 B 678ms
276ms Stylesheet
text/css 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpro.baidustatic.com/js/logo/css/logo-sm.css
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 670
date: Thu, 11 May 2023 08:02:45 GMT
content-encoding: br
ohc-cache-hit: yy2ct67 [2], xiangyix219 [1]
last-modified: Mon, 24 Apr 2023 02:05:16 GMT
server: JSP3/2.0.14
age: 3502
etag: "6445e3dc-850"
x-cache-status: HIT
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Thu, 11 May 2023 07:04:23 GMT
expires: Thu, 11 May 2023 08:04:23 GMT

GET
H2 200 logo.js Show response
cpro.baidustatic.com/js/logo/js/ Frame 5633 14 KB
7 KB 681ms
279ms Script
application/x-javascript 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpro.baidustatic.com/js/logo/js/logo.js
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 7038
date: Thu, 11 May 2023 08:02:45 GMT
content-encoding: br
ohc-cache-hit: yy2ct67 [2], suzix67 [2]
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
server: JSP3/2.0.14
age: 3272
etag: "6246a41f-371a"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Thu, 11 May 2023 07:08:13 GMT
expires: Thu, 11 May 2023 08:08:13 GMT

GET
H/1.1 200
OK adx.php
wn.pos.baidu.com/ Frame 5633 49 B
229 B 1846ms
263ms Image
image/gif 182.61.62.32
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wn.pos.baidu.com/adx.php?c=d25pZD04MmRjNDI5MjI2ZGYxN2QwAHM9ODJkYzQyOTIyNmRmMTdkMAB0PTE2ODM3OTIxNjQAc2U9MQBidT00AHByaWNlPVpGeWhKQUFIX21wN2pFcGdXNUlBOGdiSnR6NlZQZkFfVmU4YmpBAGNoYXJnZV9wcmljZT0xMzEAc2hhcmluZ19wcmljZT0xMzEwMDAAd2luX2RzcD00AGNobWQ9MQBiZGlkPTgzOTZGRDVFM0Q4QkVGNjk2MzM1QkE5Mzk2RUMyNkJFAGNwcm9pZD0Ad2Q9MTMzMzI0NTc4MwB0dT11NjY3ODAzMgBhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WkZ5aEpBQUhfbXA3akVwZ1c1SUE4Z2JKdHo2VlBmQV9WZThiakEAYmNobWQ9MAB0bT0yNzU1MzE2NTIAdj0xAGk9MDNiNmE2YTc
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 11 May 2023 08:02:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lu_hot_word.png
cpro.baidustatic.com/cpro/exp/other/img/ Frame 20F3 3 KB
3 KB 282ms
282ms Image
image/png 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpro.baidustatic.com/cpro/exp/other/img/lu_hot_word.png
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4016849730&s2=2732828415&dri=2&dis=0&dai=3&ps=3197x350&enu=encoding&exps=116012,110283,110277,110275,110261,110252,110284,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=95b8543956719698&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c783b4ac4360e109ac5c9460a8206b3a6f169e6fbc9d9f10c12584350595407c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 3239
date: Thu, 11 May 2023 08:02:45 GMT
ohc-cache-hit: yy2ct77 [2], suzix219 [2]
last-modified: Fri, 10 Feb 2023 09:01:01 GMT
server: JSP3/2.0.14
age: 2486
etag: "63e607cd-ca7"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=3600
ohc-global-saved-time: Thu, 11 May 2023 07:21:19 GMT
accept-ranges: bytes
timing-allow-origin: *
content-length: 3239
expires: Thu, 11 May 2023 08:21:19 GMT

GET
H/1.1 200
OK s.php
wn.pos.baidu.com/ 49 B
229 B 1841ms
261ms Image
image/gif 182.61.62.32
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wn.pos.baidu.com/s.php?c=d25pZD04MmRjNDI5MjI2ZGYxN2QwAHdpbl9kc3A9NAB0dT11NjY3ODAzMgBzPWVhMzAwMzEwMjRmZDliNDYAdD0xNjgzNzkyMTY1AG9iPTEuMAB3b3JkPWh0dHAlM0ElMkYlMkZsZWhlYXZlbmdhbWUuY29tJTJGAGZ0PTEAaWY9MABhdz00NjgAYWg9MTUAdWlkPXU2Njc4MDMyXzEAdHlwZT1zaG93&ver=0424&rdm=1683792165527
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 11 May 2023 08:02:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lu_hot_word.png
cpro.baidustatic.com/cpro/exp/other/img/ Frame 5633 3 KB
3 KB 281ms
280ms Image
image/png 220.169.152.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpro.baidustatic.com/cpro/exp/other/img/lu_hot_word.png
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=3929015056&s2=620600134&dri=1&dis=0&dai=2&ps=641x1030&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=2f40993187b7b4bc&ft=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c783b4ac4360e109ac5c9460a8206b3a6f169e6fbc9d9f10c12584350595407c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

ohc-file-size: 3239
date: Thu, 11 May 2023 08:02:45 GMT
ohc-cache-hit: yy2ct77 [2], suzix219 [2]
last-modified: Fri, 10 Feb 2023 09:01:01 GMT
server: JSP3/2.0.14
age: 2486
etag: "63e607cd-ca7"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=3600
ohc-global-saved-time: Thu, 11 May 2023 07:21:19 GMT
accept-ranges: bytes
timing-allow-origin: *
content-length: 3239
expires: Thu, 11 May 2023 08:21:19 GMT

GET
H2 200 8800
sofire.baidu.com/abot/api/v1/tpl/re/ 0
22 B 286ms
286ms Image
image/gif 36.110.192.156
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-3b5403156f811b7b753cff04418f5ad6b0a553d6&9=0&10=0&11=2657&12=2&13=2655&14=0&15=0&16=490&17=6&18=36&19=1&20=0&21=0&r=lo&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.92%20Safari%2F537.36&h=http%3A%2F%2Fleheavengame.com%2F&t=1683792166444
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:46 GMT
content-length: 0
content-type: image/gif

GET
H/1.1 200
OK se.jpg
eclick.baidu.com/ 43 B
295 B 1934ms
194ms Image
image/gif 111.206.208.190
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eclick.baidu.com/se.jpg?type=iframeLoadStatus&result=u6678032_0_0_0_0_0|u6678032_2_1_0_0_0|u6678032_1_1_0_0_0&ver=0424&rdm=1683792167161
Requested by: Host: leheavengame.com
URL: http://leheavengame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.206.208.190 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:48 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 May 2023 08:02:48 GMT

GET
DATA 200
OK truncated
/ Frame 20F3 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 20F3 347 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5633 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5633 347 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 99ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230509&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aae2bf96811050b6d257ebfc1b2f1bb0d3a71bdc40ebcb49d9024aab5a501e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11347
x-xss-protection: 0

GET
H2 200 auto_dup Show response
pos.baidu.com/ 59 B
132 B 329ms
329ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/auto_dup?di=0&uuid=55d6383a20746b7d&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&dc=4&aa=1

Requested by

Host: cpro.baidustatic.com
URL: http://cpro.baidustatic.com/cpro/ui/cm.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

2ffda53eec254a710ef53912fbf22a8db4ebcb05cbf207cf9c2ae2c5e1f8f648

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 08:02:49 GMT
last-modified: Thu May 11 16:02:49 2023
server: nginx
content-type: application/javascript;charset=UTF-8
cache-control: post-check=0, pre-check=0
content-length: 59
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 May 2023 08:02:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBF9 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 01:30:31 GMT
expires: Fri, 10 May 2024 01:30:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E06F 783 B
1 KB 60ms
23ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5c5f530a83d4ff97429188850074c721b21404a82718aa9f4d643f6370d04f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wy0BBCI2buMKHh84eyHMpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://leheavengame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-wy0BBCI2buMKHh84eyHMpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 08:02:49 GMT
expires: Thu, 11 May 2023 08:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame EBF9 37 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 23:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 202874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 23:41:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E06F 0
0 49ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230509&jk=1800968815176223&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EBF9 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?btXiag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 08:02:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK se.jpg
eclick.baidu.com/ 43 B
295 B 194ms
194ms Image
image/gif 111.206.208.190
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u6678032_0&ver=0424&rdm=1683792169499
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.206.208.190 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 May 2023 08:02:49 GMT

GET
H/1.1 200
OK se.jpg
eclick.baidu.com/ 43 B
295 B 195ms
194ms Image
image/gif 111.206.208.190
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u6678032_2&ver=0424&rdm=1683792169499
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.206.208.190 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 May 2023 08:02:49 GMT

GET
H/1.1 200
OK se.jpg
eclick.baidu.com/ 43 B
295 B 391ms
191ms Image
image/gif 111.206.208.190
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u6678032_1&ver=0424&rdm=1683792169499
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.206.208.190 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 08:02:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 11 May 2023 08:02:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230509&jk=1800968815176223&bg=!GhmlGU3NAAYldGN0BXQ7ADkAdvg8WgspgsSETQo_0NpVEXfRRJuBCT-8JbrHPYEafC71qGyGQ7Wg9FCkKKsq67ordlpfHhiKNikCAAAAclIAAAAHaAEHmQKkVbon1K-220PNHJQhL_-AcJS4CpvzlBuWk68_Y0aAG21rYwNzT-RJfSk5neynxlHD8JtZGmViF5cKuja5rlrKocO4lOThBaCIMtjZOT2P6J3sodVYe08nYEK7O8LrdtGGBqcUifJBRqtz4m8yoWT_N2T_EAD-cY9UBIDNSK70IODuUS1yibu0-YR-r_Vc2pMWZMEpcz82qxDVuPdB5Klf-qanvUpIv6v8ZROQFQ7r--1gUzKNXT83-wCGGm3TrWJUd4CzIf6OSvmA_QWcheETKK-usxBES5hTmdcchDhHaHrLnvJN6cJXQz7fnHwf75OeGnwDyFJFewz9BI2hB4yDYObo6i_YtN9Pbc8kE0Q1f2WbIh5LG9T-IpsKcoJNr-0qLV-xj_1lYc9qQhCzo5GQm-g7LZ5Fq3QDPA7CYPQ_NLGAsFPrkXYUhJq4PEynK4m6x0dZUP4oaI7U_HVvavWsdWFDk6JB9hesJEJ6ZjeMWCbieQykVztYokkAFLRvIzh64KP3qHdS90t7RTJmVnnSsvHrvQxtoDIVbjCxYeZfYWFflLLpyw0NRgCUx0JMEb-nCKqrmuVe872-_I5x6kjZ5HYw0X1QhqZAqqzmSWmjCBeYD_2t_PNpPi5y3bKWnLVnJCMNJJPg01qnhuYYmlOMP1fG1PiyzH8CkgqDDBC1SQUf6COAyiSu9UGPAvP2rO-VOKyMxqxQcmF0RkKx89uFQNI7dwEIUZp4bxol9LzQakPgP5CK4tKlCU2KxT1Uxdjc37B0ycIB1KVDSWQHxRZAAAuHEtzgTgeKiypwbkRpiHiJWQMNsEEIhNXUg-yy6zLfx78P8HwqUu90j_0leJxvYzBRs4mpyPOa--mMIkDFaOU4lDcmQtGVWRlSnWlBO8KsEeIIYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leheavengame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pos.baidu.com
URL: https://pos.baidu.com/vchm?conwid=468&conhei=15&rdid=6678032&dc=3&di=u6678032&s1=4281120944&s2=3952511094&dri=0&dis=0&dai=1&ps=3197x350&enu=encoding&exps=110283,110277,110275,110261,110252,110011&ant=0&psi=7b4f0fd194b7a4df&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1683792162006&ti=%E4%B8%80%E4%B8%AA%E5%B8%AE%E5%8A%A9%E5%BC%80%E5%8F%91%E8%80%85%E6%88%90%E9%95%BF%E7%9A%84IT%E6%8A%80%E6%9C%AF%E7%A4%BE%E5%8C%BA-%20%E6%83%8A%E8%A7%89&ari=2&ver=0424&dbv=2&drs=3&pcs=1600x1200&pss=1600x3468&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1683792162&prot=2&rw=1200&ltu=http%3A%2F%2Fleheavengame.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1683792162&qn=18c278f36e2babed&ft=1

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leheavengame.com/	1970-01-20 21:19:12	Name: __yjs_duid Value: 1_e89647fc604ac0606a862639efdb5bcb1683792157156
.leheavengame.com/	1970-01-20 21:04:48	Name: __gads Value: ID=2f2b2926429a3ffe-22b95dfc97df0020:T=1683792158:RT=1683792158:S=ALNI_MZag_B85uJptgq6C7JHuoLUWryl6w
.leheavengame.com/	1970-01-20 21:04:48	Name: __gpi Value: UID=00000bf082938069:T=1683792158:RT=1683792158:S=ALNI_MZqLWcSqGADGposXClbrULgd980aA
.doubleclick.net/	1970-01-20 11:43:13	Name: test_cookie Value: CheckForPermission
.hm.baidu.com/	1970-01-20 21:19:12	Name: HMACCOUNT_BFESS Value: EC1258EDFE670D5B
.leheavengame.com/	1970-01-20 20:28:48	Name: Hm_lvt_1a6036ed362b2ca3cc01da62da664b79 Value: 1683792162
.leheavengame.com/	1969-12-31 23:59:59	Name: Hm_lpvt_1a6036ed362b2ca3cc01da62da664b79 Value: 1683792162
leheavengame.com/	1970-01-20 21:19:12	Name: __bid_n Value: 18809d57399b5c6e9e4207
.baidu.com/	1970-01-20 20:28:48	Name: BAIDUID_BFESS Value: 8396FD5E3D8BEF696335BA9396EC26BE:FG=1
leheavengame.com/	1970-01-20 21:19:12	Name: FPTOKEN Value: sWML2hreTIz/qWLpYvDE46cz+TOgF8UGXGPL41XX+JGXw+VYmCooT/dCeZDoU/dT0xfHJFcn29hrRET57QVBqyHqL+lH/LScGO4o0K7IIPD8/DJdWUokUcNpKdfCzTmsPRrmUTNcS3eQuQZsN5Fi9DGdMZegqsNc0FPUE3h8kV7p0Q2B31/6hK6yS9vc3Jtw7LTIQLwZN6b50DGA6qdyVxQmQRkDWwonriwyNkHcMvPKgjd+gXlNl0Eu6jRIsBy2/OZGizv6exmc59FWQZoYxPVDBkJzaKsRhtRN/wtVDodm0uVp/TitbV0msKaNe2T85YokepucodB+sP8CPkj4kD2PxC5jKbtVnOhvdZ3RBHizClt7WGpTW3aj+ArMk1nD7OxtAk6kZKlWkroQKUCDfg==\|MZ7hcEU17kVpV0Z7uv22LUzaKMufo07SgRXJJGirZKs=\|10\|ecc5147a11de31dfefc56e08f8fd4c10

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://leheavengame.com/(Line 66) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://leheavengame.com/(Line 66) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.share.baidu.com
cdn.leheavengame.com
cpro.baidustatic.com
eclick.baidu.com
fonts.googleapis.com
googleads.g.doubleclick.net
hm.baidu.com
hmcdn.baidu.com
jue.leheavengame.com
leheavengame.com
pagead2.googlesyndication.com
partner.googleadservices.com
pos.baidu.com
push.zhanzhang.baidu.com
s.ssl.qhres2.com
sofire.baidu.com
sofire.bdstatic.com
tpc.googlesyndication.com
wn.pos.baidu.com
www.google.com
www.googletagservices.com
www.gstatic.com
pos.baidu.com
103.235.46.191
111.206.208.190
180.101.212.103
182.61.200.109
182.61.62.32
220.169.152.35
2600:9000:2251:6600:12:30a1:de00:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
36.110.192.156
39.156.68.163
42.81.98.48
58.211.2.58
60.190.116.48
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
03fe01e25e2cb23fbebea29d2cbd4fc0bb3e590242aebee79963fc785dd0d8a7
063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f
07e2db6b20e943d021a97427811c24f85fff31e32c165af739f1faa8ef036535
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d
1db50fa324a6927d063bb80e36292306cd7f5bda1e3565717676b13d4ff3370a
219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76
2394243356f48bfa6158d8000b9c63ebbad295ccce08ecc7fd9aedb0847c41f1
26605c3161728bfd3883b92903da8fbb783e933d8908418d2db73d17ac301eec
26f765c41f8cdc37c8d3df9b83d9cce889e11bda7cac11bfaae6268f01c34723
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfd99a6e01f364bf75a72550b9871ad949d02d4e21150807d884642078b3c5f
2ffda53eec254a710ef53912fbf22a8db4ebcb05cbf207cf9c2ae2c5e1f8f648
30563810c340561981d62118cdcdf0f4a5f44bea12b607fefba8b66f6a250b98
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
42cda1d754b8f89aa2524f5027b92333e640402b8b5bce261943cdfc61d78df0
4bdc59baae558f2bb4aad4d8e19ff7a982f0077b147332663af396a4a372e61f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f0598bca4b3764448f8135bf171ad8d7c2b4d5bdd16820fcede49b0cc1301c6
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570f493148a137ca141766e28b809837eff9c5c2cb2558ef0ffd83023714f210
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f02e1a915d0eaae33c8eb6ad13469bba8e3df79a10716626b3cd702cbd4726
65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd
65917e06292df2b7f519d11810b30f8fa9dcd3c9c56c5da31c35d4d7d428b2d7
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6959e26b9110e9a076beeda49d4571a114646d9587517b5cd36bc702729da10e
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
726533a3e5835ab239bf99f7e39916ff3de9cc49e9e076b44003e09d3d156660
74ca4883cd10e9442d7a000185005a6cba169478a7b1bf9b3caee7ceaf0993a7
7f5f2c370ebb73960623cf3f6e61aab1503fdb1889d13eb39d020081f3b893eb
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
906337563c1dc62a0f3c2ca6605e2d528bfec2d771a7f7845c3b9c61cd896101
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
9b258107fa3806e79c13bfe06a9fb8bea0b12148dd206d83be82174e55a79373
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513
a2c6f2f2a1c52ce023f0413c31d546e0cac1132c7bd622469251e3819b9561d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8ec9c26efd3ba1611abdb81484a12a4b773cb37b824cf8e430282993854c042
aae2bf96811050b6d257ebfc1b2f1bb0d3a71bdc40ebcb49d9024aab5a501e6f
abb4f3e5b2aa81ef028a0fa06975054abbb86b3e5ec9729de142ebb9fb48117e
baef3c95ad8f736b0ebcb145a34730c623fb5b586780a6bbf959cfa03d6a5437
c783b4ac4360e109ac5c9460a8206b3a6f169e6fbc9d9f10c12584350595407c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bf46067d2a21648b33a329a2009ce7254de6daff8423bf9e0aefd5036efab9
d3323ce54c3496efdfb87b709af0e8268cacae3e2a1af671baa12e4966363093
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c5f530a83d4ff97429188850074c721b21404a82718aa9f4d643f6370d04f7
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ee2b464feabfe52d663e4f2f8964c8c928e205dd366bbcb43bc30b8275e8010d
f2bb291af0323b06525583f50e06231c05d4938d1fed9b8cdd9ae00ab7106898
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9f5c1098eaef5de270653a26608657d887cd4d4ed7299d7a19e70e8507c6a39
fa7e842c3d836663b279c12a0bdd0baca93227732234da6e2db6ba1a28d59aea
fbe329e68d02bf400d47f86bb2728739171c2aec4abcba995d7467f0f62cf8ec
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
ff9113d9add718b1d56f324cee7374c67cac858a88bb01e70391e95484b82276

leheavengame.com Open in urlscan Pro 58.211.2.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

78 %HTTPS

48 %IPv6

13 Domains

24 Subdomains

22 IPs

4 Countries

1963 kBTransfer

4316 kBSize

10 Cookies

11 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leheavengame.com Open in urlscan Pro
58.211.2.58 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

78 %
HTTPS

48 %
IPv6

13
Domains

24
Subdomains

22
IPs

4
Countries

1963 kB
Transfer

4316 kB
Size

10
Cookies

83 HTTP transactions
4 data transactions