urlscan.io logo urlscan.io
SecurityTrails logo

www.1ppt.com Open in urlscan Pro
39.107.194.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.1ppt.com/article/49508.html
Effective URL: https://www.1ppt.com/article/49508.html
Submission: On January 09 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 15 domains to perform 129 HTTP transactions. The main IP is 39.107.194.178, located in Beijing, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is www.1ppt.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on November 28th 2022. Valid for: a year.
This is the only time www.1ppt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 39.107.194.178 37963 (ALIBABA-C...)
7 183.136.232.44 136190 (CHINATELE...)
8 2409:8c15:281... 9808 (CHINAMOBI...)
1 47.253.50.2 45102 (ALIBABA-C...)
8 111.174.61.133 136194 (CHINATELE...)
2 220.169.152.35 4134 (CHINANET-...)
1 60.190.116.48 4134 (CHINANET-...)
1 119.188.176.49 4837 (CHINA169-...)
8 182.61.200.109 38365 (BAIDU Bei...)
6 36.110.192.156 23724 (CHINANET-...)
3 182.61.62.32 38365 (BAIDU Bei...)
6 183.131.118.38 136190 (CHINATELE...)
15 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 103.143.19.103 134760 (CHINANET-...)
1 120.78.77.218 37963 (ALIBABA-C...)
1 111.174.61.132 136194 (CHINATELE...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 4 172.217.16.194 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 37.252.171.52 29990 (ASN-APPNEX)
11 2a00:1450:400... 15169 (GOOGLE)
10 110.242.68.137 4837 (CHINA169-...)
2 142.251.39.66 15169 (GOOGLE)
129 30
3    39.107.194.178 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
www.1ppt.com
7    183.136.232.44 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
js.1ppt.com
8    2409:8c15:2812:1000:8000:0:b00:92 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
img.1ppt.com
1    47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
sdk.51.la
8    111.174.61.133 (China)

ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN)
d1.1ppt.com
2    220.169.152.35 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
cpro.baidustatic.com
1    60.190.116.48 (Hangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
sofire.bdstatic.com
1    119.188.176.49 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
cbjs.baidu.com
8    182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
pos.baidu.com
6    36.110.192.156 (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
sofire.baidu.com
3    182.61.62.32 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
wn.pos.baidu.com
6    183.131.118.38 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
unmc.cdn.bcebos.com
15    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)
collect-v6.51.la
1    120.78.77.218 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
collect-v6-alqy.51.la
1    111.174.61.132 (China)

ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN)
d2.1ppt.com
13    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
11    2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    110.242.68.137 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
eclick.baidu.com
2    142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
347 KB
28 baidu.com
cbjs.baidu.com — Cisco Umbrella Rank: 204646
pos.baidu.com — Cisco Umbrella Rank: 17059
sofire.baidu.com — Cisco Umbrella Rank: 13439
wn.pos.baidu.com — Cisco Umbrella Rank: 24199
eclick.baidu.com — Cisco Umbrella Rank: 27050
64 KB
27 1ppt.com
www.1ppt.com
js.1ppt.com
img.1ppt.com
d1.1ppt.com
d2.1ppt.com
457 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
78 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
414 KB
6 bcebos.com
unmc.cdn.bcebos.com — Cisco Umbrella Rank: 333078
189 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
3 KB
3 51.la
sdk.51.la — Cisco Umbrella Rank: 54681
collect-v6.51.la — Cisco Umbrella Rank: 49435
collect-v6-alqy.51.la — Cisco Umbrella Rank: 52528
14 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
96 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
914 B
2 baidustatic.com
cpro.baidustatic.com — Cisco Umbrella Rank: 21185
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
694 B
1 bdstatic.com
sofire.bdstatic.com — Cisco Umbrella Rank: 28833
116 KB
129 15
Domain Requested by
15 pagead2.googlesyndication.com js.1ppt.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
11 s0.2mdn.net www.1ppt.com
s0.2mdn.net
10 eclick.baidu.com www.1ppt.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 pos.baidu.com d1.1ppt.com
cbjs.baidu.com
8 d1.1ppt.com js.1ppt.com
d1.1ppt.com
pos.baidu.com
8 img.1ppt.com www.1ppt.com
7 js.1ppt.com www.1ppt.com
js.1ppt.com
6 unmc.cdn.bcebos.com www.1ppt.com
6 sofire.baidu.com sofire.bdstatic.com
www.1ppt.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 wn.pos.baidu.com pos.baidu.com
www.1ppt.com
3 www.1ppt.com 1 redirects www.1ppt.com
2 googleads4.g.doubleclick.net www.1ppt.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 cpro.baidustatic.com d1.1ppt.com
pos.baidu.com
1 d2.1ppt.com d1.1ppt.com
1 collect-v6-alqy.51.la sdk.51.la
1 collect-v6.51.la sdk.51.la
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cbjs.baidu.com js.1ppt.com
1 sofire.bdstatic.com d1.1ppt.com
1 sdk.51.la www.1ppt.com
129 29

This site contains links to these domains. Also see Links.

Domain
beian.miit.gov.cn
Subject Issuer Validity Valid
*.1ppt.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-28 -
2023-11-28		 a year crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-19 -
2023-05-21		 a year crt.sh
d1.1ppt.com
TrustAsia TLS RSA CA		 2022-04-23 -
2023-04-23		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
*.cdn.bcebos.com
DigiCert Secure Site Pro CN CA G3		 2022-11-24 -
2023-05-09		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
d2.1ppt.com
TrustAsia TLS RSA CA		 2022-04-23 -
2023-04-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://www.1ppt.com/article/49508.html
Frame ID: 466364726B356A85DF3AE2D9A90D66A1
Requests: 59 HTTP requests in this frame

Frame: https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Frame ID: B3B3C70DDDB97D87818B97F65C05BCC2
Requests: 7 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1612176597258_975701074.png
Frame ID: D1826F10416763470F6D4EBEC3123C15
Requests: 1 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1669689358550_2031796275.png
Frame ID: D5649D6ECCC84744C0F7DD44EA13CCCF
Requests: 1 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1670483310621_298274801.png
Frame ID: E4A1D7B75F51ADA2348140D5EC754766
Requests: 1 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1641428471632_1946387433.png
Frame ID: 73B9AB11B422F16AABFFB26D851C43E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Frame ID: 6D9287F1BF65D463315A3A7BC8DCD215
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Frame ID: F193BB18163FA9B09995E50019EF87DD
Requests: 10 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1663121831848_477794674.png
Frame ID: BDC203390326DA8D8C1F5C76D2DF68EC
Requests: 1 HTTP requests in this frame

Frame: https://unmc.cdn.bcebos.com/1615358315132_313488608.gif
Frame ID: A0FCC0613BF3C3250835280623C75713
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/s?wid=336&hei=280&di=u3474914&s1=2297970914&s2=2349586891&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=1338x1024&drs=1&pcs=1600x1200&pss=1600x3195&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228767&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=8&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&fpt=sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def&dft=0&ft=1
Frame ID: 905405B1C62CF9F777645447FFEA569C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Frame ID: 1018E9914C90FB8514C822568FADB8FA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&adk=1812271804&adf=3025194257&lmt=1648871992&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766872&bpp=1&bdt=8048&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280%2C300x600&nras=1&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Frame ID: D9C58B3B5E67AB42C13D6198B3E5E8D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Frame ID: C4BE8D382B1B54D1C4D268B13ED4815B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7969FB119E27C04F1937D0B9A7A9911
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 61B95FF1B421B05EC999DD2E139AB83A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8DEDCB7FD93E577079609A9659996372
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Frame ID: 04AD790D41F102D5C4B01236B53F5C2B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: D717CA440B63C8DE6F2A80F1DBA1BD7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5E1CD0D394D50EE2CA6C67B319F2B50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA657A1F74DACD4980F53B0616CF3B45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

三张梅花灯笼春节PPT背景图片 - 第一PPT

Page URL History Show full URLs

  1. http://www.1ppt.com/article/49508.html HTTP 301
    https://www.1ppt.com/article/49508.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

129
Requests

97 %
HTTPS

34 %
IPv6

15
Domains

29
Subdomains

30
IPs

5
Countries

1784 kB
Transfer

3391 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.1ppt.com/article/49508.html HTTP 301
    https://www.1ppt.com/article/49508.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
Request Chain 85
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7tx36-AwWeEvgIdloviIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF2gurhpdgImJCzyZ3kSvzM&google_cver=1
Request Chain 87
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDQ1MTYzNzUyMzMyMDc5OQ%3D%3D
Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

129 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 49508.html
www.1ppt.com/article/
Redirect Chain
  • http://www.1ppt.com/article/49508.html
  • https://www.1ppt.com/article/49508.html
13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.107.194.178 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
24483a68ad83ebfd0a83b3885bc50dd7d3690b8026fe2f8234a6fa6511402c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
13271
Content-Type
text/html
Date
Mon, 09 Jan 2023 01:45:58 GMT
ETag
"ca21c1b4646d81:0"
Last-Modified
Sat, 02 Apr 2022 03:59:52 GMT
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000

Redirect headers

Connection
keep-alive
Content-Length
239
Content-Type
text/html
Date
Mon, 09 Jan 2023 01:45:58 GMT
Location
https://www.1ppt.com/article/49508.html
Server
Tengine
core.css
js.1ppt.com/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.1ppt.com/core.css
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
5cda01a9655d5719b0b23abeb42d9654a259bec0b38aa6b8be0c307e6692c172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:00 GMT
Content-Encoding
gzip
X-Svr
IO
Content-Md5
tgR7Y9242Aj4xUVN9qSyJA==
Age
253784
X-Reqid
t-sAAAAkjaH1-BsX
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="core.css"; filename*=utf-8''core.css
Connection
keep-alive
Content-Length
946
X-M-Reqid
8YA2PUUAD
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-2;QNM3
Last-Modified
Wed, 01 Dec 2021 08:47:11 GMT
Server
openresty
Etag
"FuWexREsHRYhOqrevd0aAejOO5tS.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
1ppt.css
js.1ppt.com/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.1ppt.com/1ppt.css
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
770d4729e571e74ec240e6bb395ff8b4573e4754f86e5aa3f68797d594e92eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:00 GMT
Content-Encoding
gzip
X-Svr
IO
Content-Md5
64k9Wq8AFk926813BLlbUQ==
Age
1450512
X-Reqid
cwQAAADtoydvQwUX
Transfer-Encoding
chunked
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1ppt.css"; filename*=utf-8''1ppt.css
Connection
keep-alive
X-M-Reqid
ZIgU3W0Uy
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-1;QNM3
Last-Modified
Tue, 26 Jul 2022 03:19:35 GMT
Server
openresty
Etag
"FihyjVqQzTcGRApFpvk-5hiEm9Ii.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
ads.js
js.1ppt.com/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.1ppt.com/ads.js
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
605440c6e1769b7a488bc99af00ab2d327b04453f4aa099efc08ffc7c4247f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:00 GMT
Content-Encoding
gzip
X-Svr
IO
Content-Md5
mM18NKEVotJLxkQU2r0Jhg==
Age
586009
X-Reqid
rfsAAABH0oG4azYX
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="ads.js"; filename*=utf-8''ads.js
Connection
keep-alive
Content-Length
1730
X-M-Reqid
QiYRfGXEY
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-1;QNM3
Last-Modified
Mon, 02 Jan 2023 06:58:39 GMT
Server
openresty
Etag
"Fn4-pEJFXQnKQD8WeNhcNF27hpX3.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
logo.gif
js.1ppt.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.1ppt.com/logo.gif
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
0513d6a92436fcd786f0be7a7e8d364d5d81c2906a313f94f26bb04937d53c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:00 GMT
X-Svr
IO
Age
950491
X-Reqid
jgIAAAAefxtV6twW
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="logo.gif"; filename*=utf-8''logo.gif
Connection
keep-alive
Content-Length
2215
X-M-Reqid
ZDfrD3cEN
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-4;QNM3
Last-Modified
Thu, 29 Jan 2015 11:06:30 GMT
Server
openresty
Etag
"Fp-bBO6XGfJk7i-WVkmnrnGZwpiQ"
Access-Control-Max-Age
2592000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
1_181219162157_1.JPG
img.1ppt.com/uploads/allimg/1812/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1812/1_181219162157_1.JPG
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
b28c8e57a61f7ee5cd2202c834615a63adbdee2cb81268fdf97b2e56959ba161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:02 GMT
Via
cache06.zzmp,cache07.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Content-Md5
1GvRLmIfMjGwX7hg5VgL2Q==
Age
193
X-Reqid
rLMAAADUovGh_S8X
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1_181219162157_1.JPG"; filename*=utf-8''1_181219162157_1.JPG
Connection
keep-alive
Content-Length
92710
X-M-Reqid
UYIAALqKEO6EgDgX
X-M-Log
QNM:jjh1832;SRCPROXY:jjh1533;SRC:1/304;SRCPROXY:1/304;QNM3:3/304
Last-Modified
Tue, 01 Jan 2019 03:18:46 GMT
Server
Byte-nginx
Etag
"FteKv4l5OfGqM6FxGTkbIt9b9jfU"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
1_181219162157_2.JPG
img.1ppt.com/uploads/allimg/1812/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1812/1_181219162157_2.JPG
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
04d581f6989f348fdbb6a5ec61ef79a184b569ad1d9a98ed595b3c05f7d485b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:02 GMT
Via
cache28.yzmp,cache03.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Content-Md5
zRq5jb7m4poSizBWvCGGyw==
Age
1102
X-Reqid
hZoAAAC17z4LVDgX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1_181219162157_2.JPG"; filename*=utf-8''1_181219162157_2.JPG
Connection
keep-alive
Content-Length
94019
X-M-Reqid
Tj4AAI6Pc0qxfzgX
X-M-Log
QNM:jjh1512;SRCPROXY:jjh1499;SRC:1/304;SRCPROXY:1/304;QNM3:2/304
Last-Modified
Tue, 01 Jan 2019 03:18:47 GMT
Server
Byte-nginx
Etag
"Fp9vDdyvR332Ley9ZvFUl_n5XCKW"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
1_181219162157_3.JPG
img.1ppt.com/uploads/allimg/1812/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1812/1_181219162157_3.JPG
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
f6a4fabcc414cee681c92dad16a3694cf88cf8d2e5922c936ff9efa884dd934e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:02 GMT
Via
cache52.jnmp,cache07.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Content-Md5
MDSK7IL7raq9ZxMgqrLWzA==
Age
1566
X-Reqid
GzMAAADj5KRQUTgX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1_181219162157_3.JPG"; filename*=utf-8''1_181219162157_3.JPG
Connection
keep-alive
Content-Length
94127
X-M-Reqid
oEcAAOGcdz1FfzgX
X-M-Log
QNM:xs1163;SRCPROXY:xs490;SRC:2/304;SRCPROXY:2/304;QNM3:3/304
Last-Modified
Tue, 01 Jan 2019 03:18:47 GMT
Server
Byte-nginx
Etag
"FimNZLvxqkT89Vq-JyE6lk8LCn1Y"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
1_0620155233O25.jpg
img.1ppt.com/uploads/allimg/1706/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1706/1_0620155233O25.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
4dccdee0d68bb48df3a6f0dafdc948f7ec8f78d347f67006ed45b935e5997281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:02 GMT
Via
cache104.zzmp,cache06.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Age
0
X-Reqid
a_oAAADCvhEMHTcX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1_0620155233O25.jpg"; filename*=utf-8''1_0620155233O25.jpg
Connection
keep-alive
Content-Length
9587
X-M-Reqid
9JEAAGMHNtSxgDgX
X-M-Log
QNM:jjh1834;SRCPROXY:jjh1497;SRC:5/304;SRCPROXY:5/304;QNM3:6/304
Last-Modified
Mon, 03 Jul 2017 01:04:11 GMT
Server
Byte-nginx
Etag
"FppCtdaXjfgukvk1oTC3arNkepma"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
1_01111519145P3.jpg
img.1ppt.com/uploads/allimg/1701/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1701/1_01111519145P3.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
9cd8ccae7511a39665c55efcf02c008d864871d3217a7ed98ad3b7e0c43082ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:02 GMT
Via
cache93.jnmp,cache05.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Age
26
X-Reqid
6_kAAAAG5i0BQzgX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1_01111519145P3.jpg"; filename*=utf-8''1_01111519145P3.jpg
Connection
keep-alive
Content-Length
10139
X-M-Reqid
AkEAAF-6Vr6rgDgX
X-M-Log
QNM:xs473;SRCPROXY:xs1754;SRC:3/304;SRCPROXY:3/304;QNM3:6/304
Last-Modified
Thu, 02 Feb 2017 00:23:11 GMT
Server
Byte-nginx
Etag
"FhXAo4WA3QiO-uw5ZrjhX5xfMfai"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
4_041Q62154a35.jpg
img.1ppt.com/uploads/allimg/1604/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1604/4_041Q62154a35.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
69c3b88fccd0127a1a844a2c2fad85be5683fe0e0188fb1feaf808efd2b0abbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:03 GMT
Via
cache67.yzmp,cache05.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Age
1608
X-Reqid
vuEAAABz3TrKYjcX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="4_041Q62154a35.jpg"; filename*=utf-8''4_041Q62154a35.jpg
Connection
keep-alive
Content-Length
10325
X-M-Reqid
jkEAALntuYw7fzgX
X-M-Log
QNM:xs1165;SRCPROXY:xs482;SRC:1/304;SRCPROXY:1/304;QNM3:3/304
Last-Modified
Thu, 02 Jun 2016 02:56:39 GMT
Server
Byte-nginx
Etag
"FqK6KJ4glQbFLsNNrjNr5gjRoEPf"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
4_0406103KB5D.jpg
img.1ppt.com/uploads/allimg/1604/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1604/4_0406103KB5D.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
74536ba01c6246c2d68469d616eda8ab1614c4b4df5cc125bb0877cb26ef9a2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:03 GMT
Via
cache39.sdqdmp,cache06.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Age
1608
X-Reqid
vSsAAAAOPO3GRDgX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="4_0406103KB5D.jpg"; filename*=utf-8''4_0406103KB5D.jpg
Connection
keep-alive
Content-Length
13083
X-M-Reqid
4nkAAA3SY4w7fzgX
X-M-Log
QNM:xs1183;SRCPROXY:xs482;SRC:1/304;SRCPROXY:1/304;QNM3:43/304
Last-Modified
Thu, 02 Jun 2016 02:56:09 GMT
Server
Byte-nginx
Etag
"FqMZw9bmqPX-CObfsc2DUP_hE02P"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
1-1Z21H25H60-L.jpg
img.1ppt.com/uploads/allimg/1902/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1ppt.com/uploads/allimg/1902/1-1Z21H25H60-L.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c15:2812:1000:8000:0:b00:92 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
93bb969581d9fa1270d0595cda5ca5d59d02fe0d0c3d30ef44235db515bc8875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:03 GMT
Via
cache73.jswxmp,cache07.lndlcm04
X-Svr
IO
X-Tt-Trace-Tag
id=5
Content-Md5
WA6HyBjzYGaXbAz1ycr74w==
Age
1608
X-Reqid
MRQAAAASLIKs7TcX
X-Bdcdn-Cache-Status
TCP_HIT
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="1-1Z21H25H60-L.jpg"; filename*=utf-8''1-1Z21H25H60-L.jpg
Connection
keep-alive
Content-Length
15078
X-M-Reqid
XSYAAGLNZoo7fzgX
X-M-Log
QNM:xs453;SRCPROXY:xs1752;SRC:3/304;SRCPROXY:3/304;QNM3:34/304
Last-Modified
Thu, 28 Feb 2019 16:51:47 GMT
Server
Byte-nginx
Etag
"FuQceYaQkhDMFnB9T1pEqpOLLnB-"
Access-Control-Max-Age
2592000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
X-Request-Ip
2a03:1b20:6:f011::2e
X-Response-Cinfo
2a03:1b20:6:f011::2e
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Validate,Hit
X-Response-Cache
edge_hit
js-sdk-pro.min.js
sdk.51.la/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
1848a8c4d5720a57c7ed330ea7ed917cdf290282af271fad0510067a8d1a3b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Jan 2023 09:37:26 GMT
Server
openresty
ETag
W/"63b3f756-8724"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
Access-Control-Allow-Credentials
true
Connection
keep-alive
count.php
www.1ppt.com/plus/ 		0
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.1ppt.com/plus/count.php?aid=49508&mid=1
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.107.194.178 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/10.0 / PHP/5.2.17
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/article/49508.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:00 GMT
Strict-Transport-Security
max-age=31536000
Server
Microsoft-IIS/10.0
Connection
keep-alive
X-Powered-By
PHP/5.2.17
Content-Length
0
Content-Type
text/html; charset=gb2312
fh.js
d1.1ppt.com/common/ez/source/hr/r/resource/f/production/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/common/ez/source/hr/r/resource/f/production/fh.js
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
87332396860ea6ea43ac0f3e5d7f6b03f17d07ff20a81544c1dd2a016462b097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:01 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 05:54:50 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
c0a8cb83b65f2716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
content-length
2233
expires
Mon, 09 Jan 2023 02:46:01 GMT
topbg.gif
js.1ppt.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.1ppt.com/topbg.gif
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/1ppt.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
431fa2bdc454f28dc95f2cfb362c6baacac7c2d00621a8645f648aa4a26d3239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.1ppt.com/1ppt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:00 GMT
X-Svr
IO
Content-Md5
z1RUnXp+N+KB6wB9luuQVA==
Age
254561
X-Reqid
RP8AAAANJSxQ6twW
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="topbg.gif"; filename*=utf-8''topbg.gif
Connection
keep-alive
Content-Length
6902
X-M-Reqid
ucwSgvZsf
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-2;QNM3
Last-Modified
Mon, 31 Aug 2020 01:54:16 GMT
Server
openresty
Etag
"FsS7ybnEBiAFK9UnChrJrFYFOwQr"
Access-Control-Max-Age
2592000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
xtvzuvo.js
d1.1ppt.com/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/xtvzuvo.js
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/common/ez/source/hr/r/resource/f/production/fh.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
5216f693f84f0ab04845c53c2a94d4465ca9da6794f9bcf316205e5de2c876c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:02 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 05:54:50 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
c0a8cb85b6732716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
expires
Mon, 09 Jan 2023 02:46:02 GMT
pr.js
cpro.baidustatic.com/cpro/ui/ 		255 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpro.baidustatic.com/cpro/ui/pr.js
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/common/ez/source/hr/r/resource/f/production/fh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
f012f754c1f5e78fb4b99e0b0fc3f56297c1654488072f7a39bcb3ef37b58c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
165
date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
br
ohc-cache-hit
yy2ct64 [2], wzix64 [2]
last-modified
Thu, 10 Nov 2022 03:51:13 GMT
server
JSP3/2.0.14
age
2121
etag
"636c7531-ff"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
ohc-global-saved-time
Mon, 09 Jan 2023 01:10:44 GMT
expires
Mon, 09 Jan 2023 02:10:44 GMT
dfxaf3-635b4cd6.js
sofire.bdstatic.com/js/ 		316 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/common/ez/source/hr/r/resource/f/production/fh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.190.116.48 Hangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
b0c6aeb621b80dc3cdd959277027a636c01531514340b06a69e357d37c5776c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:04 GMT
content-encoding
br
content-md5
bIrwDhTzlLYkpLN00Yubeg==
age
243509
x-bce-storage-class
STANDARD
ohc-cache-hit
wz2ct53 [2], nb2ctcache51 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Fri, 06 Jan 2023 03:24:00 GMT
server
JSP3/2.0.14
etag
"6c8af00e14f394b624a4b374d18b9b7a"
x-bce-request-id
721fd90f-6b1d-43c1-a6da-3188e9ec3add
x-bce-restore-tier
-
content-type
text/javascript
x-bce-debug-id
oBRnL9Rm6mktChfh+Q/bZOLxVybYIdLP1hOBqfmojYkP0j/g0lHmCeGRQa0TvkxHWlcUmy/vEhEATyXRFP3ibg==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Fri, 06 Jan 2023 03:30:38 GMT
x-bce-content-crc32
1362413814
expires
Mon, 09 Jan 2023 03:30:38 GMT
m.js
cbjs.baidu.com/js/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbjs.baidu.com/js/m.js
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.188.176.49 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
f37f9804b3b49a2971c55a441e67780aa036eb3c9e13668e9475051af8b3feae

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 09 Jan 2023 01:46:04 GMT
content-encoding
gzip
ohc-cache-hit
jn2un81 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 21 Dec 2022 05:54:50 GMT
server
JSP3/2.0.14
age
57
content-type
text/javascript; charset=utf-8
accept-ranges
bytes
ohc-global-saved-time
Mon, 09 Jan 2023 01:45:07 GMT
content-length
38066
s
pos.baidu.com/ Frame B3B3 		30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0b7390aa142fea8bd1f3131f13d2b420ba484b1e3d51b0d6b909a9e47af8bfdc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
post-check=0, pre-check=0
content-encoding
gzip
content-length
7717
content-type
text/html;charset=UTF-8
date
Mon, 09 Jan 2023 01:46:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon Jan 9 09:46:04 2023
p3p
CP=" OTI DSP COR IVA OUR IND COM " CP=" OTI DSP COR IVA OUR IND COM "
pragma
no-cache
server
nginx
x-xss-protection
0
8800
sofire.baidu.com/h5/e/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sofire.baidu.com/h5/e/8800
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-bdh5-pf
Access-Control-Request-Method
POST
Origin
https://www.1ppt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.1ppt.com
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date
Mon, 09 Jan 2023 01:46:05 GMT
8800
sofire.baidu.com/h5/e/ 		77 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sofire.baidu.com/h5/e/8800
Requested by
Host: sofire.bdstatic.com
URL: https://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash
8e4eeec502297afa076b7cdbf83c4acd5cd8a4a9595cc4a038f183fce54bf266

Request headers

Referer
https://www.1ppt.com/
X-Bdh5-Pf
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.1ppt.com
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
content-length
77
8800
sofire.baidu.com/abot/api/v1/tpl/re/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-96c894cf6fdb2c2715892dc0e3e726d0165e64fb&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&h=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&t=1673228764787&r=init
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
8800
sofire.baidu.com/h5/t/ 		591 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sofire.baidu.com/h5/t/8800
Requested by
Host: sofire.bdstatic.com
URL: https://sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash
8cb9e15fd203fdd77693fa1b52ad7a7b60d51d62da317265059756ee91fa83b5

Request headers

Referer
https://www.1ppt.com/
X-Bdh5-Pf
1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.1ppt.com
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
content-length
591
8800
sofire.baidu.com/h5/t/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sofire.baidu.com/h5/t/8800
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-bdh5-pf
Access-Control-Request-Method
POST
Origin
https://www.1ppt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.1ppt.com
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date
Mon, 09 Jan 2023 01:46:05 GMT
xcem
pos.baidu.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=6482289&uuid=60cbfb6356b59e37&dri=0&dis=0&dai=0&ps=120x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
55cf918a4c57517262d4669bbae11a1a97e7dce492f199a7d3cb6889d8f8e7c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:05 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
768
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo-sm.css
d1.1ppt.com/js/logo/css/ Frame B3B3 		2 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/js/logo/css/logo-sm.css
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 11:35:45 GMT
server
yunjiasu
etag
W/"639b0691-850"
yjs-cachestatus
HIT
yjs-id
c0a8cba2b7532716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/css
cache-control
public, max-age=3600
content-length
794
expires
Mon, 09 Jan 2023 02:46:05 GMT
logo.js
d1.1ppt.com/js/logo/js/ Frame B3B3 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/js/logo/js/logo.js
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 11:35:45 GMT
server
yunjiasu
etag
W/"639b0691-371a"
yjs-cachestatus
HIT
yjs-id
c0a8cba2ea632716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/x-javascript
cache-control
public, max-age=3600
expires
Mon, 09 Jan 2023 02:46:05 GMT
adx.php
wn.pos.baidu.com/ Frame B3B3 		49 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wn.pos.baidu.com/adx.php?c=d25pZD0yNTRhZGVjYzZiZGMzMzlmAHM9MjU0YWRlY2M2YmRjMzM5ZgB0PTE2NzMyMjg3NjQAc2U9MQBidT00AHByaWNlPVk3dHgzQUFMV2VCN2pFcGdXNUlBOGpESmhwTnNVb2F3clRZT0Z3AGNoYXJnZV9wcmljZT0xNgBzaGFyaW5nX3ByaWNlPTE2MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0yNDE5OTE4NDk2AHR1PXU5MzMwMDkAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk3dHgzQUFMV2VCN2pFcGdXNUlBOGpESmhwTnNVb2F3clRZT0Z3AGJjaG1kPTAAdG09MTM5MTQyMgB2PTEAaT03YTY4YzgxNQ
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 09 Jan 2023 01:46:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
1612176597258_975701074.png
unmc.cdn.bcebos.com/ Frame D182 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1612176597258_975701074.png
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
42b89ca84e2408125a670f5ccd1122b97e412307c53cb96b489b6cce3e75309c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
8323
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
AUrERiIKaPHqJx/XmYJBnw==
age
62030
x-cache-status
HIT
ohc-upstream-trace
183.131.118.59
x-bce-storage-class
STANDARD
content-length
8323
ohc-cache-hit
tzct59 [2], xaix153 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Mon, 01 Feb 2021 10:49:57 GMT
server
JSP3/2.0.14
etag
"014ac446220a68f1ea271fd79982419f"
x-bce-request-id
47cc7d5d-873d-4956-9298-e25ba409f884
x-bce-restore-tier
-
content-type
image/png
x-bce-debug-id
eTsOVHGXiF0t8XUtvBeMUGyFK4puAhxWYHPNHwfbA+a0P5d3ZEO6DC03iQe8EgN9lLAsncq+p/qAwRxy6U8PEw==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Sun, 08 Jan 2023 08:31:58 GMT
x-bce-content-crc32
1126584298
expires
Wed, 11 Jan 2023 08:31:58 GMT
xcem
pos.baidu.com/ 		1 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=6482153&uuid=e4d92efd8c46cea9&dri=0&dis=0&dai=0&ps=182x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bce01a69747fe40a3b27bb25572bd4885837a1a51ba4dfbd990c98f3f3261ad3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:05 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
757
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
s.php
wn.pos.baidu.com/ 		49 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wn.pos.baidu.com/s.php?c=d25pZD0yNTRhZGVjYzZiZGMzMzlmAHdpbl9kc3A9NAB0dT11OTMzMDA5AHM9YWE0NDQ5ZmE4N2M5M2ZkYwB0PTE2NzMyMjg3NjUAb2I9MS4wAHdvcmQ9aHR0cHMlM0ElMkYlMkZ3d3cuMXBwdC5jb20lMkZhcnRpY2xlJTJGNDk1MDguaHRtbABmdD0xAGlmPTAAYXc9NDY4AGFoPTE1AHVpZD11OTMzMDA5XzAAdHlwZT1zaG93&ver=1221&rdm=1673228765192
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 09 Jan 2023 01:46:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lu_hot_word.png
cpro.baidustatic.com/cpro/exp/other/img/ Frame B3B3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpro.baidustatic.com/cpro/exp/other/img/lu_hot_word.png
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=468&hei=15&di=u933009&s1=2856602106&s2=2278113244&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=156x248&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228762&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&dft=0&ft=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c783b4ac4360e109ac5c9460a8206b3a6f169e6fbc9d9f10c12584350595407c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
3239
date
Mon, 09 Jan 2023 01:46:05 GMT
ohc-cache-hit
yy2ct77 [2], suzix219 [2]
last-modified
Mon, 12 Dec 2022 07:48:15 GMT
server
JSP3/2.0.14
age
1438
etag
"6396dcbf-ca7"
x-cache-status
HIT
content-type
image/png
cache-control
max-age=3600
ohc-global-saved-time
Mon, 09 Jan 2023 01:22:05 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
3239
expires
Mon, 09 Jan 2023 02:22:05 GMT
1669689358550_2031796275.png
unmc.cdn.bcebos.com/ Frame D564 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1669689358550_2031796275.png
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
6f328380ca578fed790dbe1f7d7e6e32fdfdf839c32dda7fce23c9ef4280338b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
23524
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
yNMLUsXxDDIqwMQFVthPHA==
age
168851
x-cache-status
HIT
ohc-upstream-trace
183.131.118.58
x-bce-storage-class
STANDARD
content-length
23524
ohc-cache-hit
tzct58 [2], suzix135 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Tue, 29 Nov 2022 02:35:58 GMT
server
JSP3/2.0.14
etag
"c8d30b52c5f10c322ac0c40556d84f1c"
x-bce-request-id
80183517-e88b-4531-bf1e-9347b23caffd
x-bce-restore-tier
-
content-type
image/png
x-bce-debug-id
gRLh+TIMX5YqBj/iKAT+eryiSObM8NfUjZRDP5a66fHGrUp5eD5RB4K4k30KGffGwXdUUoT/HN/eZpx1fdzTdQ==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Sat, 07 Jan 2023 02:51:46 GMT
x-bce-content-crc32
3001203911
expires
Tue, 10 Jan 2023 02:51:46 GMT
xcem
pos.baidu.com/ 		1 KB
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=6485747&uuid=759cb10fd9f1e2f1&dri=0&dis=0&dai=0&ps=274x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4724d1d261d91b79aac9869ae9b68c36ece8d3fffe78b0b8a18a947e8496d535
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:05 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
771
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
swtqusc.js
d1.1ppt.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/swtqusc.js
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/common/ez/source/hr/r/resource/f/production/fh.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
44364bbc2bfde11a30f86a3572f285be6581444ecd1b9d2e509e2d433004f1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 07:31:49 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
c0a8cba9f7e12716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
expires
Mon, 09 Jan 2023 02:46:05 GMT
1670483310621_298274801.png
unmc.cdn.bcebos.com/ Frame E4A1 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1670483310621_298274801.png
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
e57eec460e24ef7a1dbef84b6564f2b1c999c9f30e349f259e1c3778ebb777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
30292
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
Fmqxq/vIblCsT9rUUqUO/g==
age
153440
x-cache-status
HIT
ohc-upstream-trace
183.131.118.73
x-bce-storage-class
STANDARD
content-length
30292
ohc-cache-hit
tzct73 [2], qdix81 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 08 Dec 2022 07:08:30 GMT
server
JSP3/2.0.14
etag
"166ab1abfbc86e50ac4fdad452a50efe"
x-bce-request-id
f117b8ee-6d8b-4d4b-8706-aa6a0d9d88c3
x-bce-restore-tier
-
content-type
image/png
x-bce-debug-id
e2seFlzooJX0GJjEcYbDgSVIYn83wGinAObLJcsp+Vdgey70E2x9wK+OTvt7306zROCNDg40mgAuFPexsvrlUg==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Sat, 07 Jan 2023 07:08:36 GMT
x-bce-content-crc32
2538434984
expires
Tue, 10 Jan 2023 07:08:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdef471689e90bb3eb49efc6935eed65c1ebb5e5de2d5dc8b7ca963518471e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49356
x-xss-protection
0
server
cafe
etag
5368178934899790953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 01:46:05 GMT
xcem
pos.baidu.com/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=7393532&uuid=22d69803f53d8ca8&dri=0&dis=0&dai=0&ps=2158x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2167&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4863d0316450463f3ad38d970740edbe099777eca3b4bc074779e7fc16b9f034
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:05 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:05 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
761
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
1641428471632_1946387433.png
unmc.cdn.bcebos.com/ Frame 73B9 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1641428471632_1946387433.png
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
f5c029757d14aba168a8e4504953874591925e34504283c9643bc4dc6ec234fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
23665
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
0mgQ1cFZIpTxb8gbL0ZsOQ==
age
89161
x-cache-status
HIT
ohc-upstream-trace
183.131.118.60
x-bce-storage-class
STANDARD
content-length
23665
ohc-cache-hit
tzct60 [2], qdix206 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 06 Jan 2022 00:21:11 GMT
server
JSP3/2.0.14
etag
"d26810d5c1592294f16fc81b2f466c39"
x-bce-request-id
a8ef0ba3-e08b-46fb-b537-1093a0bc413f
x-bce-restore-tier
-
content-type
image/png
x-bce-debug-id
TMuSx/5cdgy1SrAzmyqfsRfdohNuqG/TODljnUXrY1wkM0nt5lKG0nTLDzEjQoBWgM3kGv28XBfssMbTgeWwrw==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Sat, 07 Jan 2023 13:22:57 GMT
x-bce-content-crc32
3804714502
expires
Tue, 10 Jan 2023 13:22:57 GMT
xcem
pos.baidu.com/ 		1 KB
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=6802009&uuid=8e8e80b6b4b4b1a8&dri=0&dis=0&dai=0&ps=2486x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2494&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0b281083190dab05cc28baca239368cfd4032c557da6cf4a84015aaa0576c16d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:06 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
877
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3faeb0318266a710db70a0b14f711149b26554758ee287c13268fc02a211a601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119962
x-xss-protection
0
server
cafe
etag
12433167506376470281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 Jan 2023 01:46:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/ Frame 6D92 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 15:48:29 GMT
etag
10353107486223812946
expires
Sun, 22 Jan 2023 15:48:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		383 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.1ppt.com&callback=_gfp_s_&client=ca-pub-4062049157955815&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ba25a6fed0a4e157c1e427d86342a5a535bcc57094c88a1fd11a4a208b841ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.1ppt.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.1ppt.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F193 		73 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73b4b00540dcaa77e2daa02c322e1dd05b44d76e57329720e5e633b39b4728ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30086
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Mon, 09 Jan 2023 01:46:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1663121831848_477794674.png
unmc.cdn.bcebos.com/ Frame BDC2 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1663121831848_477794674.png
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
572eceef7cba4a35a23cb21ee854b70aa4f29149e38701d2431ca2951554bc92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
84591
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
Ds59yUgADCoRVwlykzXW4Q==
age
211803
x-cache-status
HIT
ohc-upstream-trace
183.131.118.65
x-bce-storage-class
STANDARD
content-length
84591
ohc-cache-hit
tzct65 [2], czix200 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 14 Sep 2022 02:17:11 GMT
server
JSP3/2.0.14
etag
"0ece7dc948000c2a115709729335d6e1"
x-bce-request-id
7a51475a-cf77-4a37-90fd-42a6b1d6c298
x-bce-restore-tier
-
content-type
image/png
x-bce-debug-id
YioQEyYvt86OcbJ7H/uD3tjOQAkVgFqsXUGRF7OruUWMoUXV+EghtTLgx+LtKcuetmm0lpOFVGtLyrC5JZO/+g==
x-bce-restore-cache
-
accept-ranges
bytes
ohc-global-saved-time
Fri, 06 Jan 2023 02:40:02 GMT
x-bce-content-crc32
1333668534
expires
Mon, 09 Jan 2023 02:40:02 GMT
liuyan.gif
js.1ppt.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.1ppt.com/liuyan.gif
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
cdace91f0ca34fd6f3aad0b51c3993557d1abef48c6bf4f8bb1779f4f98f4ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:06 GMT
X-Svr
IO
Content-Md5
8qlC2+AxkEZ4O1Nzhe51zQ==
Age
2141768
X-Reqid
vp4AAACG_KXeH-YW
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="liuyan.gif"; filename*=utf-8''liuyan.gif
Connection
keep-alive
Content-Length
15102
X-M-Reqid
XySfRQLXs
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-1;QNM3
Last-Modified
Wed, 18 Jul 2018 02:48:14 GMT
Server
openresty
Etag
"FhbiFEXr6Fu6TuJjK3hnDRDEDM2l"
Access-Control-Max-Age
2592000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
xcem
pos.baidu.com/ 		1 KB
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/xcem?di=6300280&uuid=3fb35a7695ba8320&dri=0&dis=0&dai=0&ps=654x1024&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x3010&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
58ee735aabcdfc20b81eeeaa491e237f89255067827416ed383b386befa0a31d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:06 2023
server
nginx
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
757
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
8800
sofire.baidu.com/abot/api/v1/tpl/re/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-96c894cf6fdb2c2715892dc0e3e726d0165e64fb&9=0&10=0&11=1542&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&h=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&t=1673228766344&r=lo
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.192.156 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
1615358315132_313488608.gif
unmc.cdn.bcebos.com/ Frame A0FC 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unmc.cdn.bcebos.com/1615358315132_313488608.gif
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
183.131.118.38 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
bc2bb9fc634e64624ecb8cb30f989b65f67e4da241bdfe069f09c54f9e48f693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ohc-file-size
19272
date
Mon, 09 Jan 2023 01:46:07 GMT
content-md5
FJ5FmcEBg+yk+vdHaV9UXA==
age
82478
x-cache-status
HIT
ohc-upstream-trace
183.131.118.56
x-bce-storage-class
STANDARD
content-length
19272
ohc-cache-hit
tzct56 [2], czix235 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 10 Mar 2021 06:38:35 GMT
server
JSP3/2.0.14
etag
"149e4599c10183eca4faf747695f545c"
x-bce-request-id
4e8535d9-c611-4ac6-8cb4-7bcf93ddeeb3
content-type
image/gif
x-bce-debug-id
N0q1E/m3QfqK5GOuJ97WVBOIU6cEIeMPdO3PKHYqXJhO2wmHdUOzmzyeIdSDbNZmt3J3GAXCPMFEFBNbX/S78g==
accept-ranges
bytes
ohc-global-saved-time
Sun, 08 Jan 2023 02:51:18 GMT
x-bce-content-crc32
686810982
expires
Wed, 11 Jan 2023 02:51:18 GMT
o-b.js
d1.1ppt.com/production/kfx/bg/source/bn/resource/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/production/kfx/bg/source/bn/resource/o-b.js
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
e6bc92458e7750b6a65a8f6a85b300dad7a16c80b65a0ec7b2191c1a493b7def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 05:54:50 GMT
server
yunjiasu
yjs-cachestatus
HIT
yjs-id
c0a8cbb38af72716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=3600
content-length
2234
expires
Mon, 09 Jan 2023 02:46:06 GMT
truncated
/ Frame B3B3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B3B3 		347 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
s
pos.baidu.com/ Frame 9054 		40 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pos.baidu.com/s?wid=336&hei=280&di=u3474914&s1=2297970914&s2=2349586891&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=1338x1024&drs=1&pcs=1600x1200&pss=1600x3195&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228767&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=8&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&fpt=sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def&dft=0&ft=1
Requested by
Host: cbjs.baidu.com
URL: https://cbjs.baidu.com/js/m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
1ac0fba1ad700ae7dd3141cbca40567c8976aa82ed1b3c92e0e3d2f26a2d2f99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
post-check=0, pre-check=0
content-encoding
gzip
content-length
8824
content-type
text/html;charset=UTF-8
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon Jan 9 09:46:07 2023
p3p
CP=" OTI DSP COR IVA OUR IND COM "
pragma
no-cache
server
nginx
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.1ppt.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.1ppt.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1018 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf649be8086f03718ee2d806c97100bed137183a33478c5344c571e72186512c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
7987
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Mon, 09 Jan 2023 01:46:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
collect-v6.51.la/v6/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.1ppt.com
Date
Mon, 09 Jan 2023 01:46:08 GMT
Access-Control-Allow-Credentials
true
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
collect
collect-v6-alqy.51.la/v6/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6-alqy.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.78.77.218 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.1ppt.com
date
Mon, 09 Jan 2023 01:46:07 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
gotop.gif
js.1ppt.com/ 		946 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.1ppt.com/gotop.gif
Requested by
Host: js.1ppt.com
URL: https://js.1ppt.com/core.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.136.232.44 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
8695379e0dd8df21c5520292bf0a8edb2f64761c770f1b774573b74eb7d6efab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.1ppt.com/core.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 09 Jan 2023 01:46:07 GMT
X-Svr
IO
Content-Md5
NAEn2Erz+lD++i7V96JKaA==
Age
1926922
X-Reqid
AasAAAAbGJpv6twW
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="gotop.gif"; filename*=utf-8''gotop.gif
Connection
keep-alive
Content-Length
946
X-M-Reqid
WSV19Cwuc
X-M-Log
QNM:cdn-cache-tel-zjqz-qz-2;QNM3
Last-Modified
Wed, 09 Dec 2020 01:32:53 GMT
Server
openresty
Etag
"Fvijy7RuNIWSvAyZRvjUJbrR7jVA"
Access-Control-Max-Age
2592000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
auto_ds
d2.1ppt.com/ 		59 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2.1ppt.com/auto_ds?zxr=E&yay=SNW&wjp=C&lyo=DICC9DECC&zno=D&ze=C&yya=536q&ww=D&ylh=F&zeo=C&pyj=DIJFEEKJIE&loe=EqEGnppFpIqFroqr&ns=DECC&zyx=jjjnmup6j6zu0zjomxxnmow&zye=kD&pln=DIJFEEKJIEGJC&on=DICC9DECC&zy=G&zwe=C&lnkp=E&loo=DICC9DECC&zpi=Mdc_jVb_Z-&zbp=C&zlp=z0zq&qy=DICC9DECC&yde=E&pe=lQGlNKlKLlQHlNOlMClQIlMElKHlQKlKMlNDlQJlKDlMRlQJlMOlNOlQIlLKlMHlQKlKMlKE--clQKlKFlKOlQIlLLlMRlQHlLNlNQlQJlKLlKJlECklEClQJlMOlMOlQGlNKlKC--c&hpq=t5514lFMlERlER888ljD115ljo0ylERm35uoxqlERGLHCKljt5yx&wne=E&zre=CljC&ybr=C&qqez=HLKLKKIDJHHqHLHr&phi=DIGKKJDLLE&ajq=qzo0puzs&atlo=DDCCDD&ayz=D&ran=DEED&zne=C&lo=C9C&leo=kD9kD
Requested by
Host: d1.1ppt.com
URL: https://d1.1ppt.com/xtvzuvo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.132 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
21e9d127e7b67e29ef24388c0c4036233236ce6e3e4b2ac1262c70f876674e95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:08 GMT
content-encoding
gzip
last-modified
Mon Jan 9 09:46:08 2023
server
yunjiasu
yjs-id
c0a8cbc6ead62716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/javascript;charset=UTF-8
cache-control
post-check=0, pre-check=0
content-length
84
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D9C5 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&adk=1812271804&adf=3025194257&lmt=1648871992&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766872&bpp=1&bdt=8048&idt=1&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280%2C300x600&nras=1&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:06 GMT
expires
Mon, 09 Jan 2023 01:46:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logo-sm.css
d1.1ppt.com/js/logo/css/ Frame 9054 		2 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/js/logo/css/logo-sm.css
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=336&hei=280&di=u3474914&s1=2297970914&s2=2349586891&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=1338x1024&drs=1&pcs=1600x1200&pss=1600x3195&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228767&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=8&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&fpt=sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def&dft=0&ft=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:07 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 11:35:45 GMT
server
yunjiasu
etag
W/"639b0691-850"
yjs-cachestatus
HIT
yjs-id
c0a8cbb9be772716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
text/css
cache-control
public, max-age=3600
content-length
794
expires
Mon, 09 Jan 2023 02:46:07 GMT
logo.js
d1.1ppt.com/js/logo/js/ Frame 9054 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1.1ppt.com/js/logo/js/logo.js
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=336&hei=280&di=u3474914&s1=2297970914&s2=2349586891&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=1338x1024&drs=1&pcs=1600x1200&pss=1600x3195&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228767&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=8&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&fpt=sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def&dft=0&ft=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.174.61.133 , China, ASN136194 (CHINATELECOM-HUBEI-HUANGSHI-IDC Huangshi, Hubei Province, P.R.China., CN),
Reverse DNS
Software
yunjiasu /
Resource Hash
65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:07 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 11:35:45 GMT
server
yunjiasu
etag
W/"639b0691-371a"
yjs-cachestatus
HIT
yjs-id
c0a8cbb9d4dc2716-100
p3p
CP=" OTI DSP COR IVA OUR IND COM "
content-type
application/x-javascript
cache-control
public, max-age=3600
expires
Mon, 09 Jan 2023 02:46:07 GMT
adx.php
wn.pos.baidu.com/ Frame 9054 		49 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wn.pos.baidu.com/adx.php?c=d25pZD1lMDcxNGFhZDRiOTBmZGM3AHM9ZTA3MTRhYWQ0YjkwZmRjNwB0PTE2NzMyMjg3NjYAc2U9MQBidT00AHByaWNlPVk3dHgzZ0FQSlpON2pFcGdXNUlBOHZqMVB5d3ltT0JmT0RfTEVnAGNoYXJnZV9wcmljZT00MTgAc2hhcmluZ19wcmljZT00MTgwMDAAd2luX2RzcD00AGNobWQ9MQBiZGlkPTM5ODFGMDE4NkI4MkFBNUNCQjczQjBFNkZEQjFCQkI1AGNwcm9pZD0Ad2Q9NzYzMDk2MAB0dT11MzQ3NDkxNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WTd0eDNnQVBKWk43akVwZ1c1SUE4dmoxUHl3eW1PQmZPRF9MRWcAYmNobWQ9MAB0bT0xMzkxNDIyAHY9MQBpPWUzODE2YzU5
Requested by
Host: pos.baidu.com
URL: https://pos.baidu.com/s?wid=336&hei=280&di=u3474914&s1=2297970914&s2=2349586891&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&dc=3&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ps=1338x1024&drs=1&pcs=1600x1200&pss=1600x3195&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1673228767&dtm=HTML_POST&tpr=1673228762470&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=8&dri=0&ver=1221&ecd=1&psi=2e24bdd3d6e3fcef&fpt=sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def&dft=0&ft=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.62.32 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pos.baidu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 09 Jan 2023 01:46:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
16445162802186304785
tpc.googlesyndication.com/simgad/ Frame F193 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16445162802186304785?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qldnhSJ9NZ4CTaN8-PQ_VG59Dk5zw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62ef18f4c87bf659e058771c2526f62a4827ce991618d6eba7ade0437ae5abcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 20:41:38 GMT
x-content-type-options
nosniff
age
191069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8696
x-xss-protection
0
last-modified
Sat, 20 Feb 2021 15:28:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 20:41:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame F193 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 09:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
57938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8895
x-xss-protection
0
server
cafe
etag
5139089157766378523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 09:40:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame F193 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 21:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
14707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 21:41:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame F193 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 20:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
17937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 20:47:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F193 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C183f3nG7Y8bHH4qPjuwPy-qX6AuK1rWwbYmGmJuPELK1kZifIxABIJPVgxhgleKQgqAHoAHxmqDQAcgBAqgDAcgDyQSqBNIBT9Bf8vpqMkObaiboO2-q4ZuqRy863CK8gkQFVzPOA3J-LDmWQakNUzMAy89HI6QoFdi7ATZ66hALSOC-viA_jwaYVAUVKMS8_eG7hPMfK8-G9y0th2LgNg-yAHIFw7F5s83kk2fUuvnVUazo0df6GRa73ohq764iki2s_p5-K12ONyFZiBSSbnQq8LWx2cEnw7DNFFKIFCj2KQG4QFHYZXwAZpszUBOiMzvZH5SXCL_jhr9x4ToinyDssAQF10BA8qdPy9pSzANTsXFOF2mgiBjawASTotrrkwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH9-TfrwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDemxPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00MDYyMDQ5MTU3OTU1ODE1GAA&sigh=RecfhbyAQTs&uach_m=[UACH]&cid=CAQSGwDq26N9J0OwqtYVIslTiok4F4Xsh4d0Pq6ZmRgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Jan 2023 01:46:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 09 Jan 2023 01:46:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F193 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 01:46:07 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame F193 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25a984c98b4566820d07ed330cca9df432b07ff477abb7d9a943474b9d6adb9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 03:15:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
81030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13513
x-xss-protection
0
server
cafe
etag
4934188394031797621
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 03:15:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1018 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcerarD-ygZA-Q9H3D9DkwtH7PQ8u9PnVvQ4aC9CUxBACzYNnXzWE630MzdGOuqQo8bmebz2SMypHEY_DwnAY8de1oc9KzKx3djjBOoClx0qHMh0s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 1018 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 21:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
14707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 21:41:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 1018 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 20:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
17937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 20:47:10 GMT
l
www.google.com/ads/measurement/ Frame 1018 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9mmJA_-0NnlWY5bjxoqpNU4W-rTcnUPsYpEcmDvEQtwzuIhub2gaQeuPACDyumUzsEIUMBbZIyFOWkCD1pksXJZXMpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1018 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 01:46:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C4BE 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Mon, 09 Jan 2023 01:46:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1018 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQUexcjzPZp8wflYf4UPWgJnSd9ekqBzsDuqasIYZVQCJXkfld78qmIeXIAT3xgKCFMdH0PxeJpQca1d-HSnI4JW6akizpJJZPY-h1ixrEGQVyhq50E3JvPlVILHpdNY9due8CBnsVPl78ANE0Q5T5LEwQTPJcdx86oLiIIG-RwcLCtg&dbm_d=AKAmf-ABy5N0P15M6X4-mB-i22qrALJdQIZ76gOn4KqOzdKcFdmRvfrpMvQwOv0GWk_CJumMTvp2Hi6uEptKN-V78B5RhCCHT8IB8yVqUvT3kYVqFg2G4albF9KjBMWAagnO6wYSk9EuawU-QgK8405HDySU-xE54M4x_UlFmRYx7vnUyTfJvgdDdmggC0JnFtZU6cyQ64-J0TOhPiqsjxcQFS_6DtbDU7rYZftWe-U_bRr8ggoElXNqoM8c5U1jZF-sMqbfdj8Oyxbwm6ZLusmt0g88x7WrXy5_Ht1c94gWdTwTTTiNaGiYAcqVI3sfLwe2q_-3eNv2sFebyAd3ggoFh0gaTMP9mcbSY1E5WpIEY6q3DLsIaSbtdOTiYlf0a-hbMkElV4h-CGdwm-NR04ZeWxtmJjn1KpnZkCo5Bil4m1IWmIgntZmF7k9OT7bysZM_3h8fVKGZnQOttRZKDtD2RovJFH483o_e1wm3ZPCyG9BmLZ-16fY4h5gZ1hYX3IZT2lYgBActxcwcDqF_0MzJU5kg_8u9qeyA5zpuo4ZN4mT2bLIfxBaTmjZzXGFcTWYmORcUK7Qw_1omYmpym3PIEErBHvOO9mIMLg-9FDXcDc8w_g0YSZVZf2DYE3cJa5YaeXDnwKv4Gi5BPUAhOM2OYUTxyYbn7YDaYR53i_nuJ5W-23Ra5rkLeB0o0BgDNd-k0w8usr64VEn_2Eucn6PawHDwjPXlZHucJhcCEvMApndXznQS4aY2oR4Bq6Ix4yPdTeVhKejm-po5lflNPOOmm4452bjWrWEVvJRBOiZo_ZTaNVYmDQzOKq9kS_NLWWXOJ3EQB6z0QsXSvYG1fIpYR-YqrVSoijM5s5Fxo0QmrKzpByDGnakx4ZvyGVxgFgN7TrojwN2HGURgYu1I3qro1C9xua1wSnBzIW_Gj6mkf0FsBF4Xo01r8lDWXlq93E7DNnBDc_xcYA2en_LyMRVClC8NShFSma9ZJzO8NgkeV93XTD7Nkg2Vd-NJ9Ip7eSMN3x7aDhxoQHl1bN9j3M_LOy51xt2Lzh4isaMYANyGDUK_IglZyomVeBHVl_CblAbow25K4_ZW69hYzf4Kgp0iOfAcPs0YQvFvIEKrXfZy8mrm3VE2uayEWxW5S99eBUHqTsPrJhQXyPK2UpF67kHIAXq74tX6JnqrliX2ySPXTMSxM9rxytxp943FOa7NEeX0NGMvV35o9aMv9xpRfBxc2XMQiiYU2E05j7o3WcAiz1G6QDOqOFd0PtSQuTwNQiDjO1QtF1Ynl7dyFSUF_S2ToIPX4Wv-YS-b59rX260yynmbniXoJ2enQidmPPQtUWIEG9g8rcc-aMFKnOr5P53Qf3NQa5vFZ6eAaVTm6Htyk24n6G0-CV2ENNXofl9MkSWhQ-b6SkLEnNbCBpUVt4NxBIQO00qgDm_WwIF01fsQEG7zuMwLKqhXQZuop5O86QTib7eVMFiC7tC6vz0fdFly2sUt0l4y5Mq-bvW-F1gYXBJOBL37GK6RWmoBMUgnfjWRTGy8a4PZnx4TzJU1z1Cv8UTcP-WdheDRQ-yen-JHaMdCmH-ary0jbLNQGB7J18HR5duiWRCahQYONNsQOKt032XAjl6QgvH67XnAK9Ds-tGxGdZcDNo_c8DjlvnRxeabb8ECovOl3pYeyIwAcuMqLj9dHu1eBNeI96cZLhaQNqQKg0XDmtcoePMypWq5lUJnIusjmh7vOhP2EgpiD4-h8HKaqEVGrw4Ao5qWi8mGdB8gN1kU1r3wWtDdEzhF_pwUVEkPl07knXWww7zOfoinPdXivKChw87mZ54XYK_3Xjefl5fpNXOIHZ471Wqx3rN6ITX9FoIA8eWo395Xi6492s3QOuQM1c4R14JAiCqIG8WrzU2gT5dEtTXbx4PMGOFplNmBBam-sQ19LPNzmYJHdu8TGMZ75l8FnA7rN24izRqMX7NxcAVDA3QYpa2lkgmBL8HvX4hwZxIZfu_kTgZj41L5a_qUTkoApHta1WSQlYhTwji31tSG6pbQkC1FlKhBPp2tZswG4P856LRYI4BANPC5XBMgFwkUkrgvgGFE5BPNTPaLd-rH4idOJmjjgBv4AfbefFPkx0K4Aw4JUGQROlfS5vvTYkx_3SRodURlQkEYNhwW4MG5898wa3iMJJcwLrYgJFW2k-YdHaLmeKTsK6BiTxOpTmA_Gx5t85u2mLJOZokkYhzajo2bYbWWKFJsn26KYlnvYOKYISzO74ubvRGmy3LOqNefIwrCidrQacB-mNzep70-77ZSSvfDu2lGUln0ayuZeatdL2hvdFCGSsEtZUmlElpy3k6U3ijSDc0ZLJ28KW_A3UPNTSfNSWHVO059HJiarZeMs3tjkwBDFz-pQdGFakutm2CNT89CFUc6ms6r_i8BnGm77dda_MvZlm4MBcfmsZGOycM0wYOVC6zRrPBzQGeNe2B7TI7jGmHTNnK7UrSU1splUmU5jBtfuJ8cg-Ylu-8QpZyiVKjV871Gft4Atp24X9bzQ67wC4xE3eSb6SRqgL1g630U95hUlHqNYu6tpymbgK4-dVR_oKlqC1h6YiTMN79rB8Aoto3OuNN-pFNy5MF5eMXytLoYD5lGU4vj8xb0r14Ky7nzmI82U9DkfejCvh60VtZkY5VKx1vdd6LwiT0UNYd_WpNfhGfG2NKs_yV--Ft9vy2N1XNiPhIu4hAWPbIyGyKYGAgS9aLWNFrIeUWb-27zp3CBTImcCsweQ5g9ARMHiL9pDe9TdHCfttCZwzaVTuw6CnySlD-1Bp-LxF3MuXsx0opi04xWZrh0H5xIKYtSZHsVJkwkex54l5NjMBw36ky_vNcO3hhM9gVu4P3tJ7X9MBVCj3yaMPB15WmdrGjOHJjJ2Q22MDvp3u_gkB5bq26qg4BrCaPxxXgpNePT54scrAKqB-32j4P_uzxEz3nrMBr547xJ6hNXMs9GBE6I3rdAye8Sski6rYNofAVpnekrfr82LkRXv3jExwXtX1Tt7CG28bBR3g0nNqcFCwqjmuK5jVaixaBNjjzkxdTx2QDwnWI_-9r3GK36tRkzyHs0JQVPeL57GiVgaTaLdJjMf6jDtA9iToT5LBlN2vFZFu8EzEQnlufH7VhGEdiQd2clzNv_7hGTTjblWFCBLoNZMU4ec4-2X58v_rQ&cid=CAQSPgDq26N9sFolnDUcJD941wabUnpWjPQQ2GSrDx2yM59kyEH4YaF-XpeYhTNu20ZNtrVcTVB3MlMTvYq-yyrfGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.1ppt.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
871d0bef341bbc966671571903ea67292fe473a21821fd4e4f938f44ea8218bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35154
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A796 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F193 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae7986c839995dfd2e83ed430d281c6ee025183a87e8b01ced6ae650a9c82f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame C4BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Jan 2023 01:46:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C4BE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7tx36-AwWeEvgIdloviIwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Jan 2023 01:46:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3Eg8RWeORsHoT6fhSwqK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C4BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEF2gurhpdgImJCzyZ3kSvzM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2gurhpdgImJCzyZ3kSvzM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Jan 2023 01:46:07 GMT
AN-X-Request-Uuid
28dc5364-d9b5-4c34-9e41-10addac3ad52
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEF2gurhpdgImJCzyZ3kSvzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDQ1MTYzNzUyMzMyMDc5OQ%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDQ1MTYzNzUyMzMyMDc5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjb-_jcATAB&v=APEucNXgEjBmZLGb8mKffsixW8R37175JBTjuXqfUODvlRFfWAOstqtq079R-lE9Ohs8tSzS5ZQO7Nlbte1yqA75ABQMQHr6XDErOIL05Ow9ZfStsgTIlcAe93vf1BH_WRItnA0sxvaSLwafayqUXDcj_W4Gp3qCm8B6XmIuZwvllfhw5rGUcPk
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 09 Jan 2023 01:46:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7d8add32-2d84-40ca-8704-3bba1aefa19f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMxNDQ1MTYzNzUyMzMyMDc5OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A796
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Mon, 09 Jan 2023 01:46:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1018 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/ Frame 1018 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQUexcjzPZp8wflYf4UPWgJnSd9ekqBzsDuqasIYZVQCJXkfld78qmIeXIAT3xgKCFMdH0PxeJpQca1d-HSnI4JW6akizpJJZPY-h1ixrEGQVyhq50E3JvPlVILHpdNY9due8CBnsVPl78ANE0Q5T5LEwQTPJcdx86oLiIIG-RwcLCtg&dbm_d=AKAmf-ABy5N0P15M6X4-mB-i22qrALJdQIZ76gOn4KqOzdKcFdmRvfrpMvQwOv0GWk_CJumMTvp2Hi6uEptKN-V78B5RhCCHT8IB8yVqUvT3kYVqFg2G4albF9KjBMWAagnO6wYSk9EuawU-QgK8405HDySU-xE54M4x_UlFmRYx7vnUyTfJvgdDdmggC0JnFtZU6cyQ64-J0TOhPiqsjxcQFS_6DtbDU7rYZftWe-U_bRr8ggoElXNqoM8c5U1jZF-sMqbfdj8Oyxbwm6ZLusmt0g88x7WrXy5_Ht1c94gWdTwTTTiNaGiYAcqVI3sfLwe2q_-3eNv2sFebyAd3ggoFh0gaTMP9mcbSY1E5WpIEY6q3DLsIaSbtdOTiYlf0a-hbMkElV4h-CGdwm-NR04ZeWxtmJjn1KpnZkCo5Bil4m1IWmIgntZmF7k9OT7bysZM_3h8fVKGZnQOttRZKDtD2RovJFH483o_e1wm3ZPCyG9BmLZ-16fY4h5gZ1hYX3IZT2lYgBActxcwcDqF_0MzJU5kg_8u9qeyA5zpuo4ZN4mT2bLIfxBaTmjZzXGFcTWYmORcUK7Qw_1omYmpym3PIEErBHvOO9mIMLg-9FDXcDc8w_g0YSZVZf2DYE3cJa5YaeXDnwKv4Gi5BPUAhOM2OYUTxyYbn7YDaYR53i_nuJ5W-23Ra5rkLeB0o0BgDNd-k0w8usr64VEn_2Eucn6PawHDwjPXlZHucJhcCEvMApndXznQS4aY2oR4Bq6Ix4yPdTeVhKejm-po5lflNPOOmm4452bjWrWEVvJRBOiZo_ZTaNVYmDQzOKq9kS_NLWWXOJ3EQB6z0QsXSvYG1fIpYR-YqrVSoijM5s5Fxo0QmrKzpByDGnakx4ZvyGVxgFgN7TrojwN2HGURgYu1I3qro1C9xua1wSnBzIW_Gj6mkf0FsBF4Xo01r8lDWXlq93E7DNnBDc_xcYA2en_LyMRVClC8NShFSma9ZJzO8NgkeV93XTD7Nkg2Vd-NJ9Ip7eSMN3x7aDhxoQHl1bN9j3M_LOy51xt2Lzh4isaMYANyGDUK_IglZyomVeBHVl_CblAbow25K4_ZW69hYzf4Kgp0iOfAcPs0YQvFvIEKrXfZy8mrm3VE2uayEWxW5S99eBUHqTsPrJhQXyPK2UpF67kHIAXq74tX6JnqrliX2ySPXTMSxM9rxytxp943FOa7NEeX0NGMvV35o9aMv9xpRfBxc2XMQiiYU2E05j7o3WcAiz1G6QDOqOFd0PtSQuTwNQiDjO1QtF1Ynl7dyFSUF_S2ToIPX4Wv-YS-b59rX260yynmbniXoJ2enQidmPPQtUWIEG9g8rcc-aMFKnOr5P53Qf3NQa5vFZ6eAaVTm6Htyk24n6G0-CV2ENNXofl9MkSWhQ-b6SkLEnNbCBpUVt4NxBIQO00qgDm_WwIF01fsQEG7zuMwLKqhXQZuop5O86QTib7eVMFiC7tC6vz0fdFly2sUt0l4y5Mq-bvW-F1gYXBJOBL37GK6RWmoBMUgnfjWRTGy8a4PZnx4TzJU1z1Cv8UTcP-WdheDRQ-yen-JHaMdCmH-ary0jbLNQGB7J18HR5duiWRCahQYONNsQOKt032XAjl6QgvH67XnAK9Ds-tGxGdZcDNo_c8DjlvnRxeabb8ECovOl3pYeyIwAcuMqLj9dHu1eBNeI96cZLhaQNqQKg0XDmtcoePMypWq5lUJnIusjmh7vOhP2EgpiD4-h8HKaqEVGrw4Ao5qWi8mGdB8gN1kU1r3wWtDdEzhF_pwUVEkPl07knXWww7zOfoinPdXivKChw87mZ54XYK_3Xjefl5fpNXOIHZ471Wqx3rN6ITX9FoIA8eWo395Xi6492s3QOuQM1c4R14JAiCqIG8WrzU2gT5dEtTXbx4PMGOFplNmBBam-sQ19LPNzmYJHdu8TGMZ75l8FnA7rN24izRqMX7NxcAVDA3QYpa2lkgmBL8HvX4hwZxIZfu_kTgZj41L5a_qUTkoApHta1WSQlYhTwji31tSG6pbQkC1FlKhBPp2tZswG4P856LRYI4BANPC5XBMgFwkUkrgvgGFE5BPNTPaLd-rH4idOJmjjgBv4AfbefFPkx0K4Aw4JUGQROlfS5vvTYkx_3SRodURlQkEYNhwW4MG5898wa3iMJJcwLrYgJFW2k-YdHaLmeKTsK6BiTxOpTmA_Gx5t85u2mLJOZokkYhzajo2bYbWWKFJsn26KYlnvYOKYISzO74ubvRGmy3LOqNefIwrCidrQacB-mNzep70-77ZSSvfDu2lGUln0ayuZeatdL2hvdFCGSsEtZUmlElpy3k6U3ijSDc0ZLJ28KW_A3UPNTSfNSWHVO059HJiarZeMs3tjkwBDFz-pQdGFakutm2CNT89CFUc6ms6r_i8BnGm77dda_MvZlm4MBcfmsZGOycM0wYOVC6zRrPBzQGeNe2B7TI7jGmHTNnK7UrSU1splUmU5jBtfuJ8cg-Ylu-8QpZyiVKjV871Gft4Atp24X9bzQ67wC4xE3eSb6SRqgL1g630U95hUlHqNYu6tpymbgK4-dVR_oKlqC1h6YiTMN79rB8Aoto3OuNN-pFNy5MF5eMXytLoYD5lGU4vj8xb0r14Ky7nzmI82U9DkfejCvh60VtZkY5VKx1vdd6LwiT0UNYd_WpNfhGfG2NKs_yV--Ft9vy2N1XNiPhIu4hAWPbIyGyKYGAgS9aLWNFrIeUWb-27zp3CBTImcCsweQ5g9ARMHiL9pDe9TdHCfttCZwzaVTuw6CnySlD-1Bp-LxF3MuXsx0opi04xWZrh0H5xIKYtSZHsVJkwkex54l5NjMBw36ky_vNcO3hhM9gVu4P3tJ7X9MBVCj3yaMPB15WmdrGjOHJjJ2Q22MDvp3u_gkB5bq26qg4BrCaPxxXgpNePT54scrAKqB-32j4P_uzxEz3nrMBr547xJ6hNXMs9GBE6I3rdAye8Sski6rYNofAVpnekrfr82LkRXv3jExwXtX1Tt7CG28bBR3g0nNqcFCwqjmuK5jVaixaBNjjzkxdTx2QDwnWI_-9r3GK36tRkzyHs0JQVPeL57GiVgaTaLdJjMf6jDtA9iToT5LBlN2vFZFu8EzEQnlufH7VhGEdiQd2clzNv_7hGTTjblWFCBLoNZMU4ec4-2X58v_rQ&cid=CAQSPgDq26N9sFolnDUcJD941wabUnpWjPQQ2GSrDx2yM59kyEH4YaF-XpeYhTNu20ZNtrVcTVB3MlMTvYq-yyrfGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.1ppt.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:40:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
65141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 07:40:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 1018 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQUexcjzPZp8wflYf4UPWgJnSd9ekqBzsDuqasIYZVQCJXkfld78qmIeXIAT3xgKCFMdH0PxeJpQca1d-HSnI4JW6akizpJJZPY-h1ixrEGQVyhq50E3JvPlVILHpdNY9due8CBnsVPl78ANE0Q5T5LEwQTPJcdx86oLiIIG-RwcLCtg&dbm_d=AKAmf-ABy5N0P15M6X4-mB-i22qrALJdQIZ76gOn4KqOzdKcFdmRvfrpMvQwOv0GWk_CJumMTvp2Hi6uEptKN-V78B5RhCCHT8IB8yVqUvT3kYVqFg2G4albF9KjBMWAagnO6wYSk9EuawU-QgK8405HDySU-xE54M4x_UlFmRYx7vnUyTfJvgdDdmggC0JnFtZU6cyQ64-J0TOhPiqsjxcQFS_6DtbDU7rYZftWe-U_bRr8ggoElXNqoM8c5U1jZF-sMqbfdj8Oyxbwm6ZLusmt0g88x7WrXy5_Ht1c94gWdTwTTTiNaGiYAcqVI3sfLwe2q_-3eNv2sFebyAd3ggoFh0gaTMP9mcbSY1E5WpIEY6q3DLsIaSbtdOTiYlf0a-hbMkElV4h-CGdwm-NR04ZeWxtmJjn1KpnZkCo5Bil4m1IWmIgntZmF7k9OT7bysZM_3h8fVKGZnQOttRZKDtD2RovJFH483o_e1wm3ZPCyG9BmLZ-16fY4h5gZ1hYX3IZT2lYgBActxcwcDqF_0MzJU5kg_8u9qeyA5zpuo4ZN4mT2bLIfxBaTmjZzXGFcTWYmORcUK7Qw_1omYmpym3PIEErBHvOO9mIMLg-9FDXcDc8w_g0YSZVZf2DYE3cJa5YaeXDnwKv4Gi5BPUAhOM2OYUTxyYbn7YDaYR53i_nuJ5W-23Ra5rkLeB0o0BgDNd-k0w8usr64VEn_2Eucn6PawHDwjPXlZHucJhcCEvMApndXznQS4aY2oR4Bq6Ix4yPdTeVhKejm-po5lflNPOOmm4452bjWrWEVvJRBOiZo_ZTaNVYmDQzOKq9kS_NLWWXOJ3EQB6z0QsXSvYG1fIpYR-YqrVSoijM5s5Fxo0QmrKzpByDGnakx4ZvyGVxgFgN7TrojwN2HGURgYu1I3qro1C9xua1wSnBzIW_Gj6mkf0FsBF4Xo01r8lDWXlq93E7DNnBDc_xcYA2en_LyMRVClC8NShFSma9ZJzO8NgkeV93XTD7Nkg2Vd-NJ9Ip7eSMN3x7aDhxoQHl1bN9j3M_LOy51xt2Lzh4isaMYANyGDUK_IglZyomVeBHVl_CblAbow25K4_ZW69hYzf4Kgp0iOfAcPs0YQvFvIEKrXfZy8mrm3VE2uayEWxW5S99eBUHqTsPrJhQXyPK2UpF67kHIAXq74tX6JnqrliX2ySPXTMSxM9rxytxp943FOa7NEeX0NGMvV35o9aMv9xpRfBxc2XMQiiYU2E05j7o3WcAiz1G6QDOqOFd0PtSQuTwNQiDjO1QtF1Ynl7dyFSUF_S2ToIPX4Wv-YS-b59rX260yynmbniXoJ2enQidmPPQtUWIEG9g8rcc-aMFKnOr5P53Qf3NQa5vFZ6eAaVTm6Htyk24n6G0-CV2ENNXofl9MkSWhQ-b6SkLEnNbCBpUVt4NxBIQO00qgDm_WwIF01fsQEG7zuMwLKqhXQZuop5O86QTib7eVMFiC7tC6vz0fdFly2sUt0l4y5Mq-bvW-F1gYXBJOBL37GK6RWmoBMUgnfjWRTGy8a4PZnx4TzJU1z1Cv8UTcP-WdheDRQ-yen-JHaMdCmH-ary0jbLNQGB7J18HR5duiWRCahQYONNsQOKt032XAjl6QgvH67XnAK9Ds-tGxGdZcDNo_c8DjlvnRxeabb8ECovOl3pYeyIwAcuMqLj9dHu1eBNeI96cZLhaQNqQKg0XDmtcoePMypWq5lUJnIusjmh7vOhP2EgpiD4-h8HKaqEVGrw4Ao5qWi8mGdB8gN1kU1r3wWtDdEzhF_pwUVEkPl07knXWww7zOfoinPdXivKChw87mZ54XYK_3Xjefl5fpNXOIHZ471Wqx3rN6ITX9FoIA8eWo395Xi6492s3QOuQM1c4R14JAiCqIG8WrzU2gT5dEtTXbx4PMGOFplNmBBam-sQ19LPNzmYJHdu8TGMZ75l8FnA7rN24izRqMX7NxcAVDA3QYpa2lkgmBL8HvX4hwZxIZfu_kTgZj41L5a_qUTkoApHta1WSQlYhTwji31tSG6pbQkC1FlKhBPp2tZswG4P856LRYI4BANPC5XBMgFwkUkrgvgGFE5BPNTPaLd-rH4idOJmjjgBv4AfbefFPkx0K4Aw4JUGQROlfS5vvTYkx_3SRodURlQkEYNhwW4MG5898wa3iMJJcwLrYgJFW2k-YdHaLmeKTsK6BiTxOpTmA_Gx5t85u2mLJOZokkYhzajo2bYbWWKFJsn26KYlnvYOKYISzO74ubvRGmy3LOqNefIwrCidrQacB-mNzep70-77ZSSvfDu2lGUln0ayuZeatdL2hvdFCGSsEtZUmlElpy3k6U3ijSDc0ZLJ28KW_A3UPNTSfNSWHVO059HJiarZeMs3tjkwBDFz-pQdGFakutm2CNT89CFUc6ms6r_i8BnGm77dda_MvZlm4MBcfmsZGOycM0wYOVC6zRrPBzQGeNe2B7TI7jGmHTNnK7UrSU1splUmU5jBtfuJ8cg-Ylu-8QpZyiVKjV871Gft4Atp24X9bzQ67wC4xE3eSb6SRqgL1g630U95hUlHqNYu6tpymbgK4-dVR_oKlqC1h6YiTMN79rB8Aoto3OuNN-pFNy5MF5eMXytLoYD5lGU4vj8xb0r14Ky7nzmI82U9DkfejCvh60VtZkY5VKx1vdd6LwiT0UNYd_WpNfhGfG2NKs_yV--Ft9vy2N1XNiPhIu4hAWPbIyGyKYGAgS9aLWNFrIeUWb-27zp3CBTImcCsweQ5g9ARMHiL9pDe9TdHCfttCZwzaVTuw6CnySlD-1Bp-LxF3MuXsx0opi04xWZrh0H5xIKYtSZHsVJkwkex54l5NjMBw36ky_vNcO3hhM9gVu4P3tJ7X9MBVCj3yaMPB15WmdrGjOHJjJ2Q22MDvp3u_gkB5bq26qg4BrCaPxxXgpNePT54scrAKqB-32j4P_uzxEz3nrMBr547xJ6hNXMs9GBE6I3rdAye8Sski6rYNofAVpnekrfr82LkRXv3jExwXtX1Tt7CG28bBR3g0nNqcFCwqjmuK5jVaixaBNjjzkxdTx2QDwnWI_-9r3GK36tRkzyHs0JQVPeL57GiVgaTaLdJjMf6jDtA9iToT5LBlN2vFZFu8EzEQnlufH7VhGEdiQd2clzNv_7hGTTjblWFCBLoNZMU4ec4-2X58v_rQ&cid=CAQSPgDq26N9sFolnDUcJD941wabUnpWjPQQ2GSrDx2yM59kyEH4YaF-XpeYhTNu20ZNtrVcTVB3MlMTvYq-yyrfGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.1ppt.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 07:40:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
65141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
7485935580621256062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Jan 2023 07:40:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1018 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 09:09:10 GMT
truncated
/ Frame 1018 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70b4458f5833fa4d58f737118735eed08ace44d19d76962c4602aca60ef05004

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 61B9 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=280&slotname=7817706076&adk=3232139631&adf=925910620&pi=t.ma~as.7817706076&w=336&lmt=1648871992&format=336x280&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766099&bpp=4&bdt=7275&idt=189&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5735965714302&frm=20&pv=2&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=653&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s1ALBIuTtp&p=https%3A//www.1ppt.com&dtd=208
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 12:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 12:12:54 GMT
truncated
/ Frame 9054 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9054 		347 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8DED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
178215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Jan 2023 00:15:52 GMT
expires
Sun, 07 Jan 2024 00:15:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 8DED 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 12:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 12:12:54 GMT
rs.jpg
eclick.baidu.com/ 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/rs.jpg?pageSearchId=1673228765831311xen4513a&content=%7BpgSacI%22%2263275331e41a%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%3A%2Fw.ptcmatce458hm%22%22aeerhd%3A17286811xn53%22%5D%22aeerhd%3A17286811xn53%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Ahts%2Fww1p.o%2Fril%2F90.tl%2CpgSacI%22%2263275331e41a%7D%7D
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:09 GMT
Last-Modified
Mon, 12 Dec 2022 07:48:15 GMT
Server
nginx
Etag
"6396dcbf-0"
Content-Type
image/jpeg
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Mon, 09 Jan 2023 01:46:09 GMT
index.html
s0.2mdn.net/sadbundle/17564367843676312214/ Frame 04AD 		116 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1803876248fe8399c67663bde0e14c7e9f75fc0cbd70548e66d16637f8cce6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:07 GMT
expires
Tue, 09 Jan 2024 01:46:07 GMT
last-modified
Thu, 23 Jun 2022 10:58:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1018 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7NGpXoKPgF1BHYtPqNauh874HC8dqkPyPiAJ9d4XL8SE3ixXh8GVoX0djAMa5EAlXKtFU0UvKG1APs8nZ3TtzeQdX7vTNTxs5y3HU06IIfZWIP2Rm-hL8MvPKTJH0UEW7eLhModp4AZpSu7aPm7IiOL1Z89luqYlHsgv7UNRBOhIxLaSwur__qc80rfDcb5_mVuflYmyM09MPZR5YMYORl3ZN-QJodIEOtFYLw_xI9jNgtSBO0sV6iIJbMvxqGSRWzvjF9UnCSFR_p6jAJf60iQE72MxmX5IxjTBnKs_nstPL9jjt0Bw9XN-VtJqnnmnln9KE1sAh2aZUrWMTQ35UJ2L6B9HWp_D7olu984slG2HpD0zLGueAz9qVTc5jzyCf4uN8ausib3OWHPQJBTBnvUVrpTHlbXCUEYdNKvhsNC5Go38ba009x7GoeMgnF2H3R6ljpBrSuMh2P4DiZmPDtuYPwVdx3nFXkl2iTy6xL-yGm2b8m7S0nk4h_RJFk0_aVqR5ErlKjxyZyMFlLAbtdIbhrtU4Ctz4ncn1oRbdD6VS0c_s8tbEEdKFgFHLrHOo_dG30A_EN6QsmiuLOGRtuVnQJOG_RHgQWvdOTOOnpZVezmAGRckiKvp7DPKl-USquTtOf4Te9hIspHwwNg8Dx6h37VlYuX8dZKdsPCSPRzjx-V7BdV5I2V4wKm_XNK6fwIQAtx8LB0poSA_4seNhYaIkI3Y6PpfaKa8gDCG0q61whzmhjo1yL7Y0uDFFs0wBdJARt5pQ75VYSU4Xpmf3-E1W5mqZAMeDNUKI8mzsQEIInbhlGl3sK5zVr4jS7Jz_41fGP96BM7Ov2_2toUUO2uafIok4FhikNFNSZhKkukFVfrtQiigQc7IG9noy3cmCClpf4zBLLvNzX3m0qBTAHq7v69HiZXfl6dMtry9aQYSRTh9SUiNVWjz1d7CFG9vkwLkC7OCzaJKn_zrWaesJ0fUfZy0SprfdWJLqaQ7KYurI4Ichuq2HLw26xeON70_dPWLZXdQEf8OWAiV7QGkqjEJfCJJ7yyTl9X4Pd7hl_fj1lOw-yZBNBoYHnWMqKNRrUU-xNlui3dJxxDeMqHVHigLC-4zxI5udeXmgVuCf4XaP8WMHcmMzz3ReCR-1oPZQf3PcdLKOOaY33cK7DKcRDO_u-99QKY89I9DneUQsITa7FSqvR23issgl-SOYbO4l&sai=AMfl-YRfC19G5_WFcXdk5l0nR0yA9SUEpCQhrRAsZIxGx0rvaH-EWvecA62S310eaqHrSreX--WFAPDXN_mj-vgA7aZe6YWcB7GPTDl85OqWceaVbkp744DeDW4GtmJEwhYWyPqlNKVPt4zVmazNjccNy5PJfAnWDMghiCA6TOGigQVJIyIOsSfkokgn8jj9G9twozA0ZibkK1Ii5ea6w75ecJjtn6Iu4Qerw0vkwTNC8hvYCUUAcDa4-n07RKQLq3yHp3-755DEx1z2GqgjPDF0&sig=Cg0ArKJSzJJJoaPCSsHeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&cbvp=1&cstd=286&cisv=r20230104.73347&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Jan 2023 01:46:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 09 Jan 2023 01:46:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiRoX33G7Y-fxHYbMx_AP0vCF0A0AAAAAOAHgBAI&bg=!HxylHFjNAAYDMoyoIzI7ACkAdvg8WtN7UKheiPkdsR7N84CU_vTcNqXZ9jXYKh6U1EAqBF-qfxxxKgIAAABUUgAAAANoAQeZArlr1qHPP2ZfwNuAd0nqQjz5LdQmrTXtFp5nbsbMa5jNQxHfXd5ON2mg-r003iBLwTYYo-SY_7xDt3o4axww99mOgd4QDdHVc8Zu6NdW31Ko4I_naVjipUCktqQu8K7CEArxe85qo3VIhjZgt2xedxW1ZfpVmHyYxi9402OFKOuplhU9YpcTICwX1jqxDH6TgwnJT29riKNFSFAfic93j7CsRHpYm-5JIal9mB98nXo1yNN07nTkdhxlN6QiTKeEIndjB2nnFhTARUZmDKZVrWc-_fWH3UI9K_uyWhNKVkHBvujPgnWMqpMWS7P1ActlO-ZvDTdTpFK97h1LnnKwQwIkoAq-e8v6WSUmsPLapD7quaEPfOuH5EZaGV3-UVFcFD5WYf__KK8ZNmor7QpyFRhSo2n7iCMLxsF9C1___j5TbLIW43ZtPJahXnXaabv93GiiCBMJKMfCTMIWgkj9976SUi4A7JFw6KjnXD0KxqvyjuOoAEqU7rHajf0_KbU64nl2mclFVulgcO2xC-gvI-XKYYxMY6x9hZu__SdmO6IOrW1alU1eCFNjdkpSlweqa-s0DrxTfF0x1EMFQeXzA370kioXzNV5u1U5a7jab_6ArakrFeD_PPrNE8gwL0iIv6-oeCfX9EmwQ1ERmEe9PLyAPCDo0TXJ3fPY76ixJmxzZPQVbhBtg7QqNQ5ePiJCb7xC8C6JyJOA1qeqH38j_54ilo-WBqRLxqivuQH1e6VyvMZN0ng9GulHiuAFzg_hmlny46fQY6E-_8aFC-7f9S0PdaC6_ctPPQ_DwjLdUYb6PYPotBit7qI4x58Mu-5RdtM7OUwUlLqi8JdrKf3fhtecqndyUpk2uRAEag3z7C6LT_U26ciQV13Db6wLE4dxvtFA7P2LBoSLt_SXnfII0qcfKTHGoCJO0aWG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062049157955815&output=html&h=600&slotname=2546915181&adk=1074214784&adf=624120279&pi=t.ma~as.2546915181&w=300&lmt=1648871992&format=300x600&url=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673228766840&bpp=3&bdt=8016&idt=3&shv=r20230104&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13672709fcb6aa0c-222ef4de35db00bc%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw&gpic=UID%3D00000ba05f9f6352%3AT%3D1673228766%3ART%3D1673228766%3AS%3DALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ&prev_fmts=336x280&correlator=5735965714302&frm=20&pv=1&ga_vid=70730884.1673228766&ga_sid=1673228766&ga_hid=2138913865&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1024&ady=1743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44777508%2C44774606%2C31071269&oid=2&pvsid=3154506033089752&tmod=300537959&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1oPRbuiCo7&p=https%3A//www.1ppt.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 04AD 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 15:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 15:59:13 GMT
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/17564367843676312214/ Frame 04AD 		363 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17564367843676312214/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfab66d751406c5e6727e929d9b193032067092d25695ffe1cce3cfce5dbef8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 18:21:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 18:21:58 GMT
kia.woff
s0.2mdn.net/sadbundle/17564367843676312214/ Frame 04AD 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17564367843676312214/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 18:21:59 GMT
x-content-type-options
nosniff
age
113049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23072
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 18:21:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 04AD 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e749e79955390a24d129d68cf69089f88265e0d111a828d9da365f720fca6724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1018 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7NGpXoKPgF1BHYtPqNauh874HC8dqkPyPiAJ9d4XL8SE3ixXh8GVoX0djAMa5EAlXKtFU0UvKG1APs8nZ3TtzeQdX7vTNTxs5y3HU06IIfZWIP2Rm-hL8MvPKTJH0UEW7eLhModp4AZpSu7aPm7IiOL1Z89luqYlHsgv7UNRBOhIxLaSwur__qc80rfDcb5_mVuflYmyM09MPZR5YMYORl3ZN-QJodIEOtFYLw_xI9jNgtSBO0sV6iIJbMvxqGSRWzvjF9UnCSFR_p6jAJf60iQE72MxmX5IxjTBnKs_nstPL9jjt0Bw9XN-VtJqnnmnln9KE1sAh2aZUrWMTQ35UJ2L6B9HWp_D7olu984slG2HpD0zLGueAz9qVTc5jzyCf4uN8ausib3OWHPQJBTBnvUVrpTHlbXCUEYdNKvhsNC5Go38ba009x7GoeMgnF2H3R6ljpBrSuMh2P4DiZmPDtuYPwVdx3nFXkl2iTy6xL-yGm2b8m7S0nk4h_RJFk0_aVqR5ErlKjxyZyMFlLAbtdIbhrtU4Ctz4ncn1oRbdD6VS0c_s8tbEEdKFgFHLrHOo_dG30A_EN6QsmiuLOGRtuVnQJOG_RHgQWvdOTOOnpZVezmAGRckiKvp7DPKl-USquTtOf4Te9hIspHwwNg8Dx6h37VlYuX8dZKdsPCSPRzjx-V7BdV5I2V4wKm_XNK6fwIQAtx8LB0poSA_4seNhYaIkI3Y6PpfaKa8gDCG0q61whzmhjo1yL7Y0uDFFs0wBdJARt5pQ75VYSU4Xpmf3-E1W5mqZAMeDNUKI8mzsQEIInbhlGl3sK5zVr4jS7Jz_41fGP96BM7Ov2_2toUUO2uafIok4FhikNFNSZhKkukFVfrtQiigQc7IG9noy3cmCClpf4zBLLvNzX3m0qBTAHq7v69HiZXfl6dMtry9aQYSRTh9SUiNVWjz1d7CFG9vkwLkC7OCzaJKn_zrWaesJ0fUfZy0SprfdWJLqaQ7KYurI4Ichuq2HLw26xeON70_dPWLZXdQEf8OWAiV7QGkqjEJfCJJ7yyTl9X4Pd7hl_fj1lOw-yZBNBoYHnWMqKNRrUU-xNlui3dJxxDeMqHVHigLC-4zxI5udeXmgVuCf4XaP8WMHcmMzz3ReCR-1oPZQf3PcdLKOOaY33cK7DKcRDO_u-99QKY89I9DneUQsITa7FSqvR23issgl-SOYbO4l&sai=AMfl-YRfC19G5_WFcXdk5l0nR0yA9SUEpCQhrRAsZIxGx0rvaH-EWvecA62S310eaqHrSreX--WFAPDXN_mj-vgA7aZe6YWcB7GPTDl85OqWceaVbkp744DeDW4GtmJEwhYWyPqlNKVPt4zVmazNjccNy5PJfAnWDMghiCA6TOGigQVJIyIOsSfkokgn8jj9G9twozA0ZibkK1Ii5ea6w75ecJjtn6Iu4Qerw0vkwTNC8hvYCUUAcDa4-n07RKQLq3yHp3-755DEx1z2GqgjPDF0&sig=Cg0ArKJSzJJJoaPCSsHeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=653&vt=11&dtpt=361&dett=3&cstd=286&cisv=r20230104.73347&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 09 Jan 2023 01:46:08 GMT
motif.svg
s0.2mdn.net/sadbundle/17564367843676312214/ Frame 04AD 		533 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17564367843676312214/motif.svg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4c05690fb6e7d3dab847ccd11e9d9308555a0707a6932d11d721529ea407bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 18:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
384
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 18:21:59 GMT
logo_kia.svg
s0.2mdn.net/sadbundle/17564367843676312214/ Frame 04AD 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17564367843676312214/logo_kia.svg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43e8a1ddd47984faed5564cece77ecf8693f90ff884626dbf01b9e753cf92fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 18:21:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2117
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 07 Jan 2024 18:21:59 GMT
23717839_20220615075305325_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 04AD 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075305325_bg_01.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7540294e6818a7b0d6e4bd4c20298480bb0fa3430aa0a66ce4d5c859694c078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 18:37:29 GMT
x-content-type-options
nosniff
age
25719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56880
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 14:53:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 18:37:29 GMT
23717839_20220615075308476_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 04AD 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075308476_bg_02.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ee50f0817dc1f3728da33cfb3ddae4badf028b5c93f44627d0e197997a4811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 18:37:29 GMT
x-content-type-options
nosniff
age
25719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89420
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 14:53:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 18:37:29 GMT
23717839_20220615075311807_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 04AD 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075311807_bg_03.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d734587f9a4db8c26c50122d4b83a39ca75b7d3c2d24e28ee70a17bd21ae1759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 18:37:29 GMT
x-content-type-options
nosniff
age
25719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54027
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 14:53:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 18:37:29 GMT
23717839_20220615075301968_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 04AD 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220615075301968_bg_04.jpg
Requested by
Host: www.1ppt.com
URL: https://www.1ppt.com/article/49508.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bff1d5a48ff287d90ca81a5f36b1851d59d9a94d1c7d6828078e69377ebf63ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17564367843676312214/index.html?e=69&leftOffset=0&topOffset=0&c=QLvTonkOvH&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 18:37:29 GMT
x-content-type-options
nosniff
age
25719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70161
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 14:53:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Jan 2023 18:37:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 04AD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 01:46:08 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame D717 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 12:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 12:12:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F193 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNXXNSOV8NSSaCMsi22abb4dpJaClGI_5GpkbPqHf7MlImXN_vyHyAF2vc7NOGeka_14eJkdDPjJdS7K8jO25XTar0Bxyx9d_Ai2RJGUYCd_S0JJU_VcjHg85pJjhI6Z8x6oR18A&sai=AMfl-YSNnpiMIgkiKVQhtxJqej-l9-2yPl40WnRrqM8XosTe_ONaNjhX1bvGEGnmDdfA0Hly676IyTLcDXJ9mCI&sig=Cg0ArKJSzLbY-EvcwPjeEAE&cid=CAQSGwDq26N9J0OwqtYVIslTiok4F4Xsh4d0Pq6ZmRgBIBM&id=lidar2&mcvt=1012&p=0,0,280,336&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3232139631&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673228766309&rpt=1303&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 01:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f579346696c1207fd115946ca580ccde9a70a7a54a05bf28250c286f12aa29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11069
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062049157955815&plah=www.1ppt.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 01:46:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 23:02:08 GMT
expires
Mon, 08 Jan 2024 23:02:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CA65 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bff03612143afeea6b589a34367fd6296a2d82a76cb9943af4558053e02ccde
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-axuVBCLnBKwzfYTFSNUJ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.1ppt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-axuVBCLnBKwzfYTFSNUJ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 01:46:10 GMT
expires
Mon, 09 Jan 2023 01:46:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u933009_0&ver=1221&rdm=1673228770335
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=6482289_0&ver=1221&rdm=1673228770336
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=6482153_0&ver=1221&rdm=1673228770337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=6485747_0&ver=1221&rdm=1673228770338
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=7393532_0&ver=1221&rdm=1673228770379
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=6802009_0&ver=1221&rdm=1673228770379
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=6300280_0&ver=1221&rdm=1673228770380
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
se.jpg
eclick.baidu.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/se.jpg?type=baiduDomShowMonitor&tuidIndex=u3474914_0&ver=1221&rdm=1673228770381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 09 Jan 2023 01:46:10 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame D5E1 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 12:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 12:12:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CA65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=3154506033089752&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D5E1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?b2rGAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 01:46:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=3154506033089752&bg=!ubqluv7NAAYDMoyoIzI7ACkAdvg8WrGFzzF36k1_pG7cWLefeZeK9L-oiFgd9gelD49WNPQzxKNBXAIAAABfUgAAAAhoAQcKALIGejj3LaT3rCTsX1_czPF_PKatrW7P3gMbeFD488Nin4VXhzRcqUSJTWzQU0PUFebZkyAWXFG7SJm7yOZ8z03qYND2Ej0lniUryMZjd_OrnFBPTCXC7shI71_S4qKVDZLzNgoEjosTGT-OX3QbVgfnMa_PONqCgFcskzMZZQbPa8byIaLDPgLtsR33Ee6cN1h7w1nnnSlZGHldzfjuDOdLSIb2b_G7aai2H1atlhfYiF0WmQKlEK5VWeonw3FNs6565ouCJLVRBcqhnnSopde8a5ZxjS2aC1fX-MNabSXmjYi3GQyg8vaL07mBBkJXxMw_gLmJhu6eZGKFfF1mUXsrht837jAxUc5j0DaJvx1aLkSsvmatnVLzE6Q0folGbsVU60PvAWv3t1hMRGSSyXXLemuVBFpIKt3ZTtTyWs6C2PdFRRgJyfNzOhhGIusi5EcLhleUY84UuVeLySLa4O4sCdRjKEde76pgRgUmPyAfNGDZ_Uah5nKXr-2lRtOB8oM1DsZTBlX-T3h2ETPkDF5lAwfSlvKvqc0rgmDcw5k3clmHXRTVjGYcPVIqTUremhbhFaX-oABWi92rPb4VgHM4edgM-PmbVmZnqjfMyuxgbDquNZhjZygAq-R0xFKvFpEgCamvr7NVo_2uZZxK9noJMoBcEogSjE2SGSXgXuorgB05xm2XhKZpP4fwwXIg00TzOoeTsLhFyInj1Wj7l9qEdI-38QMyYP4fui-Y6BvpgJBvyWjahanY5_WXMmIEHD5UBe9b7HvjQ-_j5R86h5asVduNof3TFU7j1Wafvdg1tnU2AYPFZaeexa1rptLUKcKyXSggeP-xVN-Jf24WPBW6X3cvfuvnJG-3Mt45tbA1Fz9itvgnrASmQ8pLIfUWmRWLvf1Ef6d1wHMIG6lR-t1yeLkwCT7QPh_cJODQjKN51IXRhIMn9GhgDEYg11rxwcNp4fXXxafZL_6WMEKg4Wwx-MU11z6Ocq6tNcIVO0QAWsezNvhxd20K_926J9nO_y1D5TnCGUaURSRsPJ7znNOjVIsHsB8UobQZ4WjLO5JKHZzf-vyiza1yn5OIV2NWjpGzKkpA-apf4nhz0WOblNbNV3iOqAQ6N6Tkz7MAqIt1522X_BTXFFz9cH0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rs.jpg
eclick.baidu.com/ 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eclick.baidu.com/rs.jpg?pageSearchId=1673228765831311xen4513a&content=%7BpgSacI%22%2263275331e41a%2CneUla%22tu%2Cwno_%22%5B%22ye%3Awno_%22%22fae%22%5B%22lce%220%2C%22lce%220%5D%5D%22idw5%3A%22ye%3Aubokd%2CatBok%3A%7D%22nilcNBok%3A%2CnAtBok%3A%7D%22aeerhd%3A17286811xn53%22%22edpod%3Are%22idw4%3A%7Btp%22%22idw4%2Cirms%3A%7Bbokd%3A%7D%7Bbokd%3A%7D%7D%2Cwno_%22%7Btp%22%22nlce%22%22nilc%22%7B%2CatBokolc%222%22onilc%220%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
110.242.68.137 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1ppt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 01:46:11 GMT
Last-Modified
Fri, 15 Jul 2022 05:10:08 GMT
Server
nginx
Etag
"62d0f6b0-0"
Content-Type
image/jpeg
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Mon, 09 Jan 2023 01:46:11 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontentvisibilityautostatechange function| ads object| __delivery_global_ object| ___delivery___global___counter___ object| ___baidu_union object| BAIDU_SSP__info function| ___adblockplus_ function| ___baidu_union_callback number| BAIDU_DUP2_pageFirstRequestTime object| cpro_id object| cproArray object| cpro_mobile_slot object| BAIDU_DUP object| BAIDU_CLB_SLOT_ID function| BAIDU_CLB_fillSlot function| BAIDU_CLB_singleFillSlot function| BAIDU_CLB_fillSlotWithSize function| BAIDU_CLB_fillSlotAsync function| BAIDU_CLB_prepareMoveSlot function| BAIDU_CLB_setConfig function| BAIDU_CLB_addOrientation function| BAIDU_CLB_addSlot function| BAIDU_CLB_enableAllSlots function| BAIDU_CLB_preloadSlots function| BAIDU_DUP_addSlotStatusCallback object| slotbydup function| _0x5b7f object| antifraud function| _0x3264 object| JSBridge object| __core-js_shared__ object| core function| __abbaidu_20180315_2066_zidgetf function| __abbaidu_2066_bidgetf function| __abbaidu_2066_subidgetf function| __abbaidu_2066_extra_datagetf object| xaf object| BAIDU_DUP_log_ownv6x object| storage number| time object| __baidu_dup_jobruner object| adsbygoogle function| unblockedMonitor function| setPresentContainer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| jt object| LA number| laWaitTime number| google_rum_task_id_counter object| googletag object| GoogleGcLKhOms object| BAIDU_DUP_log_ktrl2 object| BAIDU_DUP_log_tqg4mb object| BAIDU_DUP_log_mml06 object| BAIDU_DUP_log_mkhawg object| BAIDU_DUP_log_icc4de object| BAIDU_DUP_log_3z3igq object| BAIDU_DUP_log_ghih9q object| BAIDU_DUP_log_livca9 object| google_image_requests

17 Cookies

Domain/Path Name / Value
www.1ppt.com/ Name: acw_tc
Value: 276077a016732287587233554ecd0acadf78f3a4117a57a9d98fd6d1197c25
.1ppt.com/ Name: __bid_n
Value: 1859434c66f3bab9634207
.baidu.com/ Name: BAIDUID_BFESS
Value: 3981F0186B82AA5CBB73B0E6FDB1BBB5:FG=1
.1ppt.com/ Name: FPTOKEN
Value: sMJAFCoeYbUvG1RIi/9KiBUBlAw21a+uUXnJzR3ADPqcs+U/FVFWZZuT0g7NUSnkXGlbQR4RwRlvC1k+/8dUEPdc8ykVurQBkQ05nDRSGWzmUCgQqWHNnqqQ7wHp+TALgvaNOLoy/T4cUzpLt3/uVTguV8LG0T+3PPVJvYKDG/kXB2eFeVqE+dK+UO/hoPKj6/1jaUk9/NzQ0qT4mxx+E7kvyJnXvWTia5tAkK+cAwMmbc+U7M1U2jjHWjdkL0KRKbPhGDJ4NxrnzL9e3JMswOCCdycYvAHUyB9smYG6hjNHrBNK4SbkUC8m/I53Dr2e/yEMmXBhDq9Oe5cLy53YDF86+xKc/DemnKTsUg2NAWgg0kOGWwGt+VPAYhOdxK3aOwtK4ERxDPd7NI+EoZnXdw==|4qr4cMj6pTAyc2VMAf2a1/e9Pw3J3LqoACNBAdTdmDM=|10|bde01cf1a1f8ec502341a40a6f2c4def
.1ppt.com/ Name: __gads
Value: ID=13672709fcb6aa0c-222ef4de35db00bc:T=1673228766:RT=1673228766:S=ALNI_MY30VM9CFpMIBl8-9B9_QLxgJxnVw
.1ppt.com/ Name: __gpi
Value: UID=00000ba05f9f6352:T=1673228766:RT=1673228766:S=ALNI_MajX1z_NPZw102QMzwvli4jtI0JrQ
www.1ppt.com/ Name: __vtins__Je1p5lxAB8oshp4Q
Value: %7B%22sid%22%3A%20%2229e18a4b-7b04-5bf8-b2a3-812a763d4913%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201673230566855%2C%20%22ct%22%3A%201673228766855%7D
www.1ppt.com/ Name: __51uvsct__Je1p5lxAB8oshp4Q
Value: 1
www.1ppt.com/ Name: __51vcke__Je1p5lxAB8oshp4Q
Value: a1bcaaf2-de2c-52b0-991d-b5e1f137113d
www.1ppt.com/ Name: __51vuft__Je1p5lxAB8oshp4Q
Value: 1673228766858
.doubleclick.net/ Name: IDE
Value: AHWqTUnQs9qBlREaObXAd16nzlvYZXmVVqHmrj5sL5xO1mnXPTnSacaeyoySCigrzss
.adnxs.com/ Name: uuid2
Value: 4314451637523320799
.casalemedia.com/ Name: CMID
Value: Y7tx36-AwWeEvgIdloviIwAA
.casalemedia.com/ Name: CMPS
Value: 3322
.casalemedia.com/ Name: CMPRO
Value: 3322
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVVv!Lr#!]tbPl1M>e)ZlrFUfJ+tGXxp2?3qvV:V=^]F@MWF@JvH:K(YXP^NG.[Hx.Hy3If)y3KL9D3I?+nB<T@`

24 Console Messages

Source Level URL
Text
javascript warning URL: https://js.1ppt.com/ads.js(Line 58)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 58)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6482289&uuid=60cbfb6356b59e37&dri=0&dis=0&dai=0&ps=120x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6482289&uuid=60cbfb6356b59e37&dri=0&dis=0&dai=0&ps=120x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 69)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6482153&uuid=e4d92efd8c46cea9&dri=0&dis=0&dai=0&ps=182x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6482153&uuid=e4d92efd8c46cea9&dri=0&dis=0&dai=0&ps=182x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 74)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 74)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6485747&uuid=759cb10fd9f1e2f1&dri=0&dis=0&dai=0&ps=274x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6485747&uuid=759cb10fd9f1e2f1&dri=0&dis=0&dai=0&ps=274x240&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228765, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 173)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 173)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=7393532&uuid=22d69803f53d8ca8&dri=0&dis=0&dai=0&ps=2158x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2167&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=7393532&uuid=22d69803f53d8ca8&dri=0&dis=0&dai=0&ps=2158x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2167&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 168)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 168)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6802009&uuid=8e8e80b6b4b4b1a8&dri=0&dis=0&dai=0&ps=2486x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2494&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6802009&uuid=8e8e80b6b4b4b1a8&dri=0&dis=0&dai=0&ps=2486x248&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x2494&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 185)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://js.1ppt.com/ads.js(Line 185)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbjs.baidu.com/js/m.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6300280&uuid=3fb35a7695ba8320&dri=0&dis=0&dai=0&ps=654x1024&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x3010&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d1.1ppt.com/xtvzuvo.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://pos.baidu.com/xcem?di=6300280&uuid=3fb35a7695ba8320&dri=0&dis=0&dai=0&ps=654x1024&enu=encoding&exps=110011&ant=0&psi=2e24bdd3d6e3fcef&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1673228762470&ti=%E4%B8%89%E5%BC%A0%E6%A2%85%E8%8A%B1%E7%81%AF%E7%AC%BC%E6%98%A5%E8%8A%82PPT%E8%83%8C%E6%99%AF%E5%9B%BE%E7%89%87%20-%20%E7%AC%AC%E4%B8%80PPT&ari=2&ver=1221&dbv=2&drs=1&pcs=1600x1200&pss=1600x3010&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1648871992&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.1ppt.com%2Farticle%2F49508.html&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1673228766, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cbjs.baidu.com
cm.g.doubleclick.net
collect-v6-alqy.51.la
collect-v6.51.la
cpro.baidustatic.com
d1.1ppt.com
d2.1ppt.com
dsum-sec.casalemedia.com
eclick.baidu.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.1ppt.com
js.1ppt.com
pagead2.googlesyndication.com
partner.googleadservices.com
pos.baidu.com
s0.2mdn.net
sdk.51.la
sofire.baidu.com
sofire.bdstatic.com
tpc.googlesyndication.com
unmc.cdn.bcebos.com
wn.pos.baidu.com
www.1ppt.com
www.google.com
www.googletagservices.com
103.143.19.103
110.242.68.137
111.174.61.132
111.174.61.133
119.188.176.49
120.78.77.218
142.251.39.66
172.217.16.194
182.61.200.109
182.61.62.32
183.131.118.38
183.136.232.44
185.80.39.216
220.169.152.35
2409:8c15:2812:1000:8000:0:b00:92
2a00:1450:4001:80b::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:400d:802::2006
2a00:1450:400d:805::2002
2a00:1450:400d:808::2002
36.110.192.156
37.252.171.52
39.107.194.178
47.253.50.2
60.190.116.48
04d581f6989f348fdbb6a5ec61ef79a184b569ad1d9a98ed595b3c05f7d485b0
0513d6a92436fcd786f0be7a7e8d364d5d81c2906a313f94f26bb04937d53c43
063205ced11cfb8b6582590f54b2be24e5999f1b2abe3577e8a0e66f23109e2f
0b281083190dab05cc28baca239368cfd4032c557da6cf4a84015aaa0576c16d
0b7390aa142fea8bd1f3131f13d2b420ba484b1e3d51b0d6b909a9e47af8bfdc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1848a8c4d5720a57c7ed330ea7ed917cdf290282af271fad0510067a8d1a3b03
1ac0fba1ad700ae7dd3141cbca40567c8976aa82ed1b3c92e0e3d2f26a2d2f99
1d6b560e2e0a4e379f6447b75f17f4c993f601d91c22d20af513a7781d6c0c4d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
21e9d127e7b67e29ef24388c0c4036233236ce6e3e4b2ac1262c70f876674e95
24483a68ad83ebfd0a83b3885bc50dd7d3690b8026fe2f8234a6fa6511402c2f
25a984c98b4566820d07ed330cca9df432b07ff477abb7d9a943474b9d6adb9c
2ba25a6fed0a4e157c1e427d86342a5a535bcc57094c88a1fd11a4a208b841ba
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3faeb0318266a710db70a0b14f711149b26554758ee287c13268fc02a211a601
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
42b89ca84e2408125a670f5ccd1122b97e412307c53cb96b489b6cce3e75309c
431fa2bdc454f28dc95f2cfb362c6baacac7c2d00621a8645f648aa4a26d3239
43e8a1ddd47984faed5564cece77ecf8693f90ff884626dbf01b9e753cf92fed
44364bbc2bfde11a30f86a3572f285be6581444ecd1b9d2e509e2d433004f1b7
4724d1d261d91b79aac9869ae9b68c36ece8d3fffe78b0b8a18a947e8496d535
4863d0316450463f3ad38d970740edbe099777eca3b4bc074779e7fc16b9f034
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dccdee0d68bb48df3a6f0dafdc948f7ec8f78d347f67006ed45b935e5997281
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5216f693f84f0ab04845c53c2a94d4465ca9da6794f9bcf316205e5de2c876c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cf918a4c57517262d4669bbae11a1a97e7dce492f199a7d3cb6889d8f8e7c6
572eceef7cba4a35a23cb21ee854b70aa4f29149e38701d2431ca2951554bc92
58ee735aabcdfc20b81eeeaa491e237f89255067827416ed383b386befa0a31d
5bff03612143afeea6b589a34367fd6296a2d82a76cb9943af4558053e02ccde
5cda01a9655d5719b0b23abeb42d9654a259bec0b38aa6b8be0c307e6692c172
5f579346696c1207fd115946ca580ccde9a70a7a54a05bf28250c286f12aa29b
605440c6e1769b7a488bc99af00ab2d327b04453f4aa099efc08ffc7c4247f94
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ef18f4c87bf659e058771c2526f62a4827ce991618d6eba7ade0437ae5abcf
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd
69c3b88fccd0127a1a844a2c2fad85be5683fe0e0188fb1feaf808efd2b0abbb
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
6f328380ca578fed790dbe1f7d7e6e32fdfdf839c32dda7fce23c9ef4280338b
70b4458f5833fa4d58f737118735eed08ace44d19d76962c4602aca60ef05004
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
73b4b00540dcaa77e2daa02c322e1dd05b44d76e57329720e5e633b39b4728ae
74536ba01c6246c2d68469d616eda8ab1614c4b4df5cc125bb0877cb26ef9a2d
770d4729e571e74ec240e6bb395ff8b4573e4754f86e5aa3f68797d594e92eab
8695379e0dd8df21c5520292bf0a8edb2f64761c770f1b774573b74eb7d6efab
871d0bef341bbc966671571903ea67292fe473a21821fd4e4f938f44ea8218bf
87332396860ea6ea43ac0f3e5d7f6b03f17d07ff20a81544c1dd2a016462b097
8cb9e15fd203fdd77693fa1b52ad7a7b60d51d62da317265059756ee91fa83b5
8e4eeec502297afa076b7cdbf83c4acd5cd8a4a9595cc4a038f183fce54bf266
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
93bb969581d9fa1270d0595cda5ca5d59d02fe0d0c3d30ef44235db515bc8875
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98ee50f0817dc1f3728da33cfb3ddae4badf028b5c93f44627d0e197997a4811
9cd8ccae7511a39665c55efcf02c008d864871d3217a7ed98ad3b7e0c43082ab
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1803876248fe8399c67663bde0e14c7e9f75fc0cbd70548e66d16637f8cce6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae7986c839995dfd2e83ed430d281c6ee025183a87e8b01ced6ae650a9c82f8f
b0c6aeb621b80dc3cdd959277027a636c01531514340b06a69e357d37c5776c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28c8e57a61f7ee5cd2202c834615a63adbdee2cb81268fdf97b2e56959ba161
bc2bb9fc634e64624ecb8cb30f989b65f67e4da241bdfe069f09c54f9e48f693
bce01a69747fe40a3b27bb25572bd4885837a1a51ba4dfbd990c98f3f3261ad3
bfab66d751406c5e6727e929d9b193032067092d25695ffe1cce3cfce5dbef8f
bff1d5a48ff287d90ca81a5f36b1851d59d9a94d1c7d6828078e69377ebf63ec
c783b4ac4360e109ac5c9460a8206b3a6f169e6fbc9d9f10c12584350595407c
cdace91f0ca34fd6f3aad0b51c3993557d1abef48c6bf4f8bb1779f4f98f4ad2
cdef471689e90bb3eb49efc6935eed65c1ebb5e5de2d5dc8b7ca963518471e6a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf649be8086f03718ee2d806c97100bed137183a33478c5344c571e72186512c
d734587f9a4db8c26c50122d4b83a39ca75b7d3c2d24e28ee70a17bd21ae1759
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57eec460e24ef7a1dbef84b6564f2b1c999c9f30e349f259e1c3778ebb777d3
e6bc92458e7750b6a65a8f6a85b300dad7a16c80b65a0ec7b2191c1a493b7def
e749e79955390a24d129d68cf69089f88265e0d111a828d9da365f720fca6724
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
eb4c05690fb6e7d3dab847ccd11e9d9308555a0707a6932d11d721529ea407bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012f754c1f5e78fb4b99e0b0fc3f56297c1654488072f7a39bcb3ef37b58c14
f37f9804b3b49a2971c55a441e67780aa036eb3c9e13668e9475051af8b3feae
f5c029757d14aba168a8e4504953874591925e34504283c9643bc4dc6ec234fe
f6a4fabcc414cee681c92dad16a3694cf88cf8d2e5922c936ff9efa884dd934e
f7540294e6818a7b0d6e4bd4c20298480bb0fa3430aa0a66ce4d5c859694c078