www.5a3q.com Open in urlscan Pro
202.36.56.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.5a3q.com/
Effective URL:
https://www.5a3q.com/
Submission: On December 13 via manual (December 13th 2021, 1:55:55 pm UTC) from GB — Scanned from GB

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 20 domains to perform 77 HTTP transactions. The main IP is 202.36.56.229, located in Singapore and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is www.5a3q.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on June 24th 2021. Valid for: a year.

This is the only time www.5a3q.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	202.36.56.229 202.36.56.229	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
5	47.254.187.179 47.254.187.179	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	202.36.56.227 202.36.56.227	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4800:11:1b7a:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
77	21

2 202.36.56.229 (Singapore) 1 redirects

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

www.5a3q.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 47.254.187.179 (Frankfurt am Main, Germany)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

ossimg1.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.36.56.227 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

ip.zuciwang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4800:11:1b7a:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	376 KB
17	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	107 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	gstatic.com www.gstatic.com p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com	15 KB
5	aliyuncs.com ossimg1.oss-accelerate.aliyuncs.com	33 KB
4	baidu.com hm.baidu.com	27 KB
3	googletagservices.com www.googletagservices.com	110 KB
3	google.co.uk adservice.google.co.uk	1 KB
2	gemius.pl 1 redirects googlecm.hit.gemius.pl	588 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	zuciwang.com ip.zuciwang.com	678 B
2	5a3q.com 1 redirects www.5a3q.com	31 KB
1	openx.net rtb.openx.net	350 B
1	quantserve.com cms.quantserve.com	464 B
1	googleapis.com fonts.googleapis.com	1 KB
1	googleadservices.com partner.googleadservices.com	642 B
1	google-analytics.com www.google-analytics.com	345 B
1	qhres2.com s.ssl.qhres2.com	929 B
1	googletagmanager.com www.googletagmanager.com	61 KB
77	20

	Domain	Requested by
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.5a3q.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	ossimg1.oss-accelerate.aliyuncs.com pagead2.googlesyndication.com www.5a3q.com googleads.g.doubleclick.net www.googletagservices.com
5	ossimg1.oss-accelerate.aliyuncs.com	www.5a3q.com ossimg1.oss-accelerate.aliyuncs.com
4	cm.g.doubleclick.net	1 redirects www.5a3q.com googleads.g.doubleclick.net
4	hm.baidu.com	www.5a3q.com ossimg1.oss-accelerate.aliyuncs.com
3	www.google.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	googlecm.hit.gemius.pl	1 redirects www.5a3q.com
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com
2	ip.zuciwang.com	www.5a3q.com
2	www.5a3q.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	s.ssl.qhres2.com	ossimg1.oss-accelerate.aliyuncs.com
1	www.googletagmanager.com	ossimg1.oss-accelerate.aliyuncs.com
77	24

This site contains no links.

Subject Issuer	Validity	Valid
www.5a3q.com Encryption Everywhere DV TLS CA - G1	`2021-06-24` - `2022-06-24`	a year	crt.sh
*.oss-eu-central-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-25` - `2022-02-26`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
*.zuciwang.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-22` - `2022-05-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.ssl.qhres2.com WoTrus OV SSL CA	`2020-01-07` - `2022-04-07`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.5a3q.com/
Frame ID: EA393DE69692A15641B41D0C8B001DE1
Requests: 26 HTTP requests in this frame

Frame: https://ip.zuciwang.com/job.html?ue=aHR0cHM6Ly93d3cuNWEzcS5jb20v
Frame ID: AC67C04A7FE05BAF55D0408256EBDBB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: C2FE0DDE4473587F5A92F8623573D6E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&adk=2687186628&adf=2508249660&lmt=1639403749&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.5a3q.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403749716&bpp=2&bdt=3471&idt=188&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7514934403095&frm=20&pv=2&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2722338757810091&pem=214&tmod=795&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: 420CE82AFC390D807B6FC9E43A5E227B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7152236D7DD7040A6BA9F82C314CBD1A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 03ACB43FF4C8B2D31E66F5E0677B23B1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 29F1D82D3DBF98E416F60938C8803F6B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 0E97FD284BFA0EAA8F0CF7DBEBFF9349
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06A3DAE957C00F71725379A8635E8DFC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4
Frame ID: 0A21D6732A3EB6F720474738EDF5C560
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 82A19316A78131857D348922EBFC8414
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: B5C44026ACCF9CE402061CC4A1FE4FCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E1B21FE71EC80604D8AB921147473E86
Requests: 2 HTTP requests in this frame

Frame: https://p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 294D43B56EC79E8210FF8215113DF388
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21FF02DED5982FEE2C0055CAE4D46BD5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 876510789C854689D131FFAF6BC3D4CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

酷生活网

Page URL History Show full URLs

http://www.5a3q.com/ HTTP 301
https://www.5a3q.com/ Page URL

Page Statistics

77
Requests

94 %
HTTPS

52 %
IPv6

20
Domains

24
Subdomains

21
IPs

7
Countries

766 kB
Transfer

2147 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.5a3q.com/ HTTP 301
https://www.5a3q.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOGeH-oMDD2HlxB-GbVutr_KsZn7E_hD28eYWF4eo5xJ-otxQWL_MLlTQJyMbfAw9ozO_FfnXVK8zjEfmzKm1u_Y&google_gid=CAESEMNsjX06VLeYeMdEX8t0esM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOGeH-oMDD2HlxB-GbVutr_KsZn7E_hD28eYWF4eo5xJ-otxQWL_MLlTQJyMbfAw9ozO_FfnXVK8zjEfmzKm1u_Y&google_gid=CAESEMNsjX06VLeYeMdEX8t0esM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxMzU1NTIwMDAyMjMyODYzNzk0Ng%3D%3D&google_push=AYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOGeH-oMDD2HlxB-GbVutr_KsZn7E_hD28eYWF4eo5xJ-otxQWL_MLlTQJyMbfAw9ozO_FfnXVK8zjEfmzKm1u_Y

Request Chain 66

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDQEw8DRkUclcdUzXxmO73c&google_cver=1&google_push=AYg5qPKUDyvWJOhXXV6nMy_vNxnq3ItMP0QARUBgZ9zZYDepCRbFQxRaAbqGZ0TnJgkjYntjITsbNMdR3r186DiMOHyVMz9Zww_i_PYihkSLw5F8ALWOtY8ZGH5bQxGxF5pz4I5xrxE9N0vUpA2ln8boQKM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDQEw8DRkUclcdUzXxmO73c&google_cver=1&google_push=AYg5qPKUDyvWJOhXXV6nMy_vNxnq3ItMP0QARUBgZ9zZYDepCRbFQxRaAbqGZ0TnJgkjYntjITsbNMdR3r186DiMOHyVMz9Zww_i_PYihkSLw5F8ALWOtY8ZGH5bQxGxF5pz4I5xrxE9N0vUpA2ln8boQKM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1QODCaAuTsKvlt8WWhXbcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUDyvWJOhXXV6nMy_vNxnq3ItMP0QARUBgZ9zZYDepCRbFQxRaAbqGZ0TnJgkjYntjITsbNMdR3r186DiMOHyVMz9Zww_i_PYihkSLw5F8ALWOtY8ZGH5bQxGxF5pz4I5xrxE9N0vUpA2ln8boQKM

Request Chain 67

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1

Request Chain 68

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKV7gycWzS_d7aJdBMUX-V8&google_cver=1&google_push=AYg5qPJ33I8a93FGvt_Jxl6pUDnNol67JAgVtA47LNnO-0w6kW3MKXedZA7CyECO6Y2u_dGFNBnP0GJEGFFC5KEIL4gdtgUaQBJLyoj6WsAYHl3xN0bit0oYegD046SzE6Mpj6oujZKh54HrkwCj491XjCk HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ33I8a93FGvt_Jxl6pUDnNol67JAgVtA47LNnO-0w6kW3MKXedZA7CyECO6Y2u_dGFNBnP0GJEGFFC5KEIL4gdtgUaQBJLyoj6WsAYHl3xN0bit0oYeg&google_hm= HTTP 302
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.5a3q.com/
Redirect Chain

http://www.5a3q.com/
https://www.5a3q.com/

63 KB
31 KB

1531ms
601ms

Document
text/html

202.36.56.229
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 202.36.56.229 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cc9d8f6cf018b077027a18071f10417ac6ad3f09cbafb4246d69d7f08c5fd4d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Cache-Control: public,max-age=60
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 13 Dec 2021 13:55:58 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.5a3q.com/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Mon, 13 Dec 2021 13:55:57 GMT
Content-Length: 144

GET
H/1.1 200
OK main.css
ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/ 169 KB
27 KB 2554ms
301ms Stylesheet
text/css 47.254.187.179
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.css?t=637749504000000000
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.179 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 21e536a6fbc899a94b2c197acea787fe6fe35992fa617ac876b6a7b94a18e58b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 13 Dec 2021 13:55:48 GMT
Content-Encoding: gzip
x-oss-request-id: 61B750E49AB67DE7137C37A0
Last-Modified: Wed, 17 Nov 2021 09:54:47 GMT
Server: AliyunOSS
Content-MD5: ZE5dXYRA7HLfU6/Vq/CVBw==
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 8291838087406827394
x-oss-server-time: 2

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 1946ms
1367ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?58578877db2604fd2c7066e40cc78860

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f1dc2f317623db0ca5f17fd22fa79cb9d7b7fb13f2a4ed2937db42b5e26ed1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:55:47 GMT
Content-Encoding: gzip
Server: apache
Etag: 82b9a2b83b215562f58637326f801b99
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 12933

GET
H/1.1 200
OK ip.js Show response
ip.zuciwang.com/ 102 B
475 B 1647ms
325ms Script
text/javascript 202.36.56.227
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://ip.zuciwang.com/ip.js?t=637750293596107833
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 202.36.56.227 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5e013adcdd2a262fd9c48ae5a5cc667448ae0e8002f121dca1bc552b237490ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:56:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Content-Length: 202

GET
H/1.1 200
OK main.js Show response
ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/ 1 KB
1 KB 2996ms
726ms Script
application/javascript 47.254.187.179
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.js?t=637749504000000000
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.179 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 748183e82da0455336527a3343555f7e6cc99cc17209bf4feb04d628d776852d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 13 Dec 2021 13:55:49 GMT
Content-Encoding: gzip
x-oss-request-id: 61B750E5087FD3A04399C695
Last-Modified: Wed, 17 Nov 2021 09:54:47 GMT
Server: AliyunOSS
Content-MD5: tyLaLQE1eUz4FXxk3BiZeA==
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 4332477989397077199
x-oss-server-time: 2

GET
H/1.1 404
Not Found i.jpg
ossimg1.oss-accelerate.aliyuncs.com/ 0
0 262ms
262ms Image
application/xml 47.254.187.179
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ossimg1.oss-accelerate.aliyuncs.com/i.jpg
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.179 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 1394ms
1393ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1852473620&si=58578877db2604fd2c7066e40cc78860&v=1.2.89&lv=1&sn=45724&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.5a3q.com%2F&tt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:55:49 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK job.html Show response
ip.zuciwang.com/ Frame AC67 0
203 B 323ms
323ms Document
text/html 202.36.56.227
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://ip.zuciwang.com/job.html?ue=aHR0cHM6Ly93d3cuNWEzcS5jb20v
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 202.36.56.227 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 13 Dec 2021 13:56:02 GMT
Content-Length: 0

GET
H/1.1 200
OK t3.js Show response
ossimg1.oss-accelerate.aliyuncs.com/i/js/ 11 KB
4 KB 268ms
268ms Script
application/javascript 47.254.187.179
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js
Requested by: Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.js?t=637749504000000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.179 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 5e52e80d2e69eeb714e9746c57ea94d3d4e33d1f49550365a6b097d2a3aee3fa

Request headers

Referer: https://www.5a3q.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-oss-object-type: Normal
Date: Mon, 13 Dec 2021 13:55:49 GMT
Content-Encoding: gzip
x-oss-request-id: 61B750E5087FD3A04399C6E3
Last-Modified: Tue, 07 Dec 2021 10:12:44 GMT
Server: AliyunOSS
Content-MD5: 6faEk+K9HSmpsngKNFkWAw==
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
x-oss-storage-class: Standard
Connection: keep-alive
x-oss-hash-crc64ecma: 10432601357433136725
x-oss-server-time: 2

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 126ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329

Requested by

Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9ad21a2087c5792cfd5217b69a496a7e1c3110a8a31fdb7fee82029a5e14b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5a3q.com/
Origin: https://www.5a3q.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51931
x-xss-protection: 0
server: cafe
etag: 7522392777421470564
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 13:55:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 113ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BN7QZ4ZXP1

Requested by

Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

520cf0d033f7fc2de20c83df24ed74fb3c9a1e69274874edaec272d3d0a6b865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61820
x-xss-protection: 0
expires: Mon, 13 Dec 2021 13:55:49 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 1853ms
1407ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0cf98a9dffdb90c9dfe21f39a613dff6

Requested by

Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d4cad1b44f8bb4a125345a40598e59cb19923316ca340aaf90075d2b59d890ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:55:50 GMT
Content-Encoding: gzip
Server: apache
Etag: 4f2832ca5e507078e2b962ba01096ab2
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 12935

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
929 B 1367ms
32ms Script
application/javascript 2600:9000:206f:4800:11:1b7a:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:11:1b7a:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: https://www.5a3q.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 08 Jun 2021 21:42:11 GMT
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc02.lato;MISS from w-sc02.lato
age: 16215219
x-qstatic-hit: 1
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"6a5b3175a87e4950"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: ipSKm6bey7CxLGcxkpBy517H8A1D_vy4tJF0ufbYmViu7r-QFZL7xw==
expires: Fri, 06 Jun 2031 21:42:11 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
345 B 148ms
40ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BN7QZ4ZXP1&gtm=2oec10&_p=1284325706&sr=1600x1200&ul=en-us&cid=1082716363.1639403750&_s=1&dl=https%3A%2F%2Fwww.5a3q.com%2F&dt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91&sid=1639403749&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN7QZ4ZXP1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5a3q.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.5a3q.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 102ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 13:55:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame C2FE 11 KB
5 KB 118ms
33ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6023592932492329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Dec 2021 18:37:20 GMT
expires: Sun, 26 Dec 2021 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 69509
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
642 B 111ms
40ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.5a3q.com&callback=_gfp_s_&client=ca-pub-6023592932492329

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6023592932492329&plah=www.5a3q.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6b6bb2b61835bcb3da0f1ccacf8aa723ec1ca40200edef46a493dbc2046987c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 127ms
40ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 111ms
39ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 420C 248 KB
61 KB 516ms
477ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&adk=2687186628&adf=2508249660&lmt=1639403749&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.5a3q.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403749716&bpp=2&bdt=3471&idt=188&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7514934403095&frm=20&pv=2&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2722338757810091&pem=214&tmod=795&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a8b5b49f03fa537aeb3ab963f5759de17b88a8e6569f2cd9e9f7ac79a2f3189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 13:55:50 GMT
server: cafe
content-length: 62541
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 13:55:50 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 149 KB
53 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54388
x-xss-protection: 0
server: cafe
etag: 7489837695308457557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 13:55:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 81ms
40ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
40ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 7152 11 KB
5 KB 36ms
35ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Dec 2021 19:07:16 GMT
expires: Sun, 26 Dec 2021 19:07:16 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 67714
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 03AC 11 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 12 Dec 2021 19:07:16 GMT
expires: Sun, 26 Dec 2021 19:07:16 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 67714
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 7152 4 KB
1 KB 111ms
41ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 12:34:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 13:55:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 13:55:50 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7152 205 B
743 B 103ms
31ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 08:08:52 GMT
x-content-type-options: nosniff
age: 20818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Dec 2022 08:08:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7152 604 B
695 B 103ms
32ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 14:27:36 GMT
x-content-type-options: nosniff
age: 84494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 12 Dec 2022 14:27:36 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 7152 19 KB
8 KB 119ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:43:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 03AC 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqz4T5VC3YYXIPLmA1fAPzfaE4AqdrLCLZ77ulcqHD5yfiN7MJBABIKzRxyBgu76ug9AKoAGmieuMA8gBAqgDAcgDyQSqBMABT9BkKUJZn_Pgj7B_3sut5jI9uB6R0UKJZ_T-U7POmcW4w7btssFgCt8LrZMiT-c4pKJtvRCeFYM_cMb1iCxhRYpYV8zVcQ3Gn8SOMDYONBnzce2___J_zrnVR3FUHJ33DxM1Qrh_cFfOEo57bsCiWu-TzX5vRbtsFJktPJIWbRg3key3BUuoO-TMYmBs90OyiynPrV-fy65vbYHsBNEilqlfEIrzxeS_kP7SMxfCcJDh99wY3VdqkOsvg1UMeb9HwATg1-SRgQSSBQQIBBgBkgUECAUYBKAGAoAH-_PO4QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCVmwnSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjAyMzU5MjkzMjQ5MjMyORgA&sigh=reI96qLWiE0&uach_m=[UACH]

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 13:55:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Dec 2021 13:55:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 03AC 19 KB
8 KB 95ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:53:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 03AC 2 KB
1 KB 121ms
57ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:49:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03AC 119 KB
37 KB 179ms
104ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:55:50 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 03AC 15 KB
6 KB 98ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:46:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 03AC 27 KB
11 KB 115ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Dec 2021 20:31:13 GMT

GET
H2 200 15555423327077929514
tpc.googlesyndication.com/simgad/ Frame 03AC 37 KB
37 KB 122ms
59ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15555423327077929514?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn1gpEoSjO27WGO6n2Ro-MDJiI_1w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e7f8d9828ad7c1e13532c579dc288e1e52a57897ef1bc42d96636c03d72a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 14:19:12 GMT
x-content-type-options: nosniff
age: 84998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37580
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 20:34:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Dec 2022 14:19:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29F1 143 B
163 B 33ms
32ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 13:02:20 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0E97 1 KB
880 B 81ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:43:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0E97 19 KB
8 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:53:01 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0E97 2 KB
1 KB 80ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:49:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E97 119 KB
37 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:55:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0E97 15 KB
6 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:38:03 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 0E97 27 KB
11 KB 71ms
32ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 19:06:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
80ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 13:55:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06A3 143 B
163 B 33ms
32ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 13:02:20 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 03AC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac754d8ac02593a171691fe9d23a29169204e2566cedbae1ed14e515d06cde7c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK logo.png
ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/ 810 B
1 KB 264ms
264ms Image
image/png 47.254.187.179
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/logo.png
Requested by: Host: ossimg1.oss-accelerate.aliyuncs.com
URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.css?t=637749504000000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.179 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 04389b5ed25cf0948075917bb801ddaf02fa2f51efed2b57b0272e1bb312e3b3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.css?t=637749504000000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:55:51 GMT
x-oss-request-id: 61B750E77A62ACA5F874D03A
Content-MD5: 4Rx9YgN9X5v1iN38j8RU6g==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 810
x-oss-object-type: Normal
Last-Modified: Wed, 17 Nov 2021 09:54:47 GMT
Server: AliyunOSS
ETag: "E11C7D62037D5F9BF588DDFC8FC454EA"
Content-Type: image/png
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11101650390573611532
x-oss-server-time: 3

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5a3q.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A21 76 KB
30 KB 730ms
729ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58af4e73bed059a9a5d7042392c11cbc854ff2803aceabc4b76dc6f32733999e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 30512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06A3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

91ms
91ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 13:55:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 82A1 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:43:21 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame B5C4 35 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:43:21 GMT

GET
H3 200 10420970452935652652
tpc.googlesyndication.com/simgad/ Frame 0A21 8 KB
8 KB 33ms
33ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10420970452935652652?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn5Rb9-k37cFL9lO0cXg8iH5OlK_w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

751f1417cb6d048bf1b097e53fa56c39ee3262912140dee544904463618f4f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 01:56:42 GMT
x-content-type-options: nosniff
age: 302349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7886
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 13:39:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Dec 2022 01:56:42 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0A21 19 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:53:01 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0A21 2 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:49:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0A21 15 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 13:38:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A21 119 KB
36 KB 81ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:55:51 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0A21 27 KB
11 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 20:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Dec 2021 20:31:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0A21 0
0 73ms
72ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C10DO51C3YamGA9WmtOUPr6iboAeI3-mDZqa6_7rhDsHxuMC4IBABIKzRxyBgu76ug9AKoAHQsfaZA8gBAqgDAcgDyQSqBLgBT9CuT8wNKEZGSkLWurbrFpXchpM9Lvjd4zFRjZXV4oIMhARt7K7-LNcTov1xsCpqWGa2L172u_EeiXV_vIn2bFenfQm2PLiHPvl-7wMIlJ8c2LbeSW7SCYy2SNvtnhCimPnECkRzVrkoaHSUyT3LOoHsGc7r_I70KMEdXC-8Mcx9WvYnMAdN2tKE9KUCijH958qhgefNU5aLYkqpzAD1WscNdQIdF85ZO4I02c6LvRMRtbva4xNVl8AEqo_Z7OQDkgUECAQYAZIFBAgFGASgBgKAB5jOiWaoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDP6w3SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjAyMzU5MjkzMjQ5MjMyORgA&sigh=iqhiywewk28&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 13:55:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1B2 143 B
163 B 33ms
30ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 13:02:20 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 294D 247 B
963 B 147ms
38ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

5146f2ce25313bb9e48c6150baad0a619ef9a792187086336b696c948c1e8a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-vyI6N7BrUMsD8ZFIhA-Wtw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
date: Mon, 13 Dec 2021 13:55:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21FF 1 KB
749 B 32ms
31ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1779
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0A21 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a02f9319dee26d71e73cb59f9516c64002c1d27513506a962d711aa7378b5bb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 21FF 35 B
464 B 144ms
32ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIGPMUodTTXy6Dw4HrCn780&google_cver=1&google_push=AYg5qPI-XqK_jZgcgpDHWWbI2xfiWLIECfvecJMkz2VD_HwdQ5lQha_VaerKruwZrAmcqDWN_CAmnANWSUYfYe7XCdcJQ3B0Pgq96T_kSvYK0J059NsinQORfAjd-QDtkOueViR3gA3sNHNXfDTJgV3dFg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FF
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLX8Rak...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLX8Rak...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxMzU1NTIwMDAyMjMyODYzNzk0Ng%3D%3D&google_push=AYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOG...

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxMzU1NTIwMDAyMjMyODYzNzk0Ng%3D%3D&google_push=AYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOGeH-oMDD2HlxB-GbVutr_KsZn7E_hD28eYWF4eo5xJ-otxQWL_MLlTQJyMbfAw9ozO_FfnXVK8zjEfmzKm1u_Y

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxMzU1NTIwMDAyMjMyODYzNzk0Ng%3D%3D&google_push=AYg5qPLX8Rakbd4Htp2id5woZOiDloxF7NfsWfoM13SoPTGKuMmNS77Z0iNpdgTC8F5AOGeH-oMDD2HlxB-GbVutr_KsZn7E_hD28eYWF4eo5xJ-otxQWL_MLlTQJyMbfAw9ozO_FfnXVK8zjEfmzKm1u_Y
pragma: no-cache
date: Mon, 13 Dec 2021 13:55:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 13 Dec 2021 13:55:52 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 21FF 43 B
350 B 71ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOIUOUYzq-xKKUx7iRlltA0&google_cver=1&google_push=AYg5qPIpU5jtKqyHL6rpGx5Udw7-oH-v6Gn4a6qIVkO9f7YT_6zUegmecfLMqiFNA_vHPj9aM0NfwJKIzDYX469GerjKpb9KSOk9H818Z_ATyABWDcfqSDksH14ek-6ficHystV_oLY0w3TR37CdOU27Mwc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6023592932492329&output=html&h=90&slotname=1629586894&adk=2022022571&adf=1062953761&pi=t.ma~as.1629586894&w=970&lmt=1639403750&psa=1&format=970x90&url=https%3A%2F%2Fwww.5a3q.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639403750933&bpp=1&bdt=4688&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1755dd84c57797f7-229d548b06cd0049%3AT%3D1639403750%3ART%3D1639403750%3AS%3DALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg&prev_fmts=0x0%2C1600x1200%2C1005x124&nras=3&correlator=7514934403095&frm=20&pv=1&ga_vid=1082716363.1639403750&ga_sid=1639403750&ga_hid=1284325706&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&psts=AGkb-H8neKfgp-Bh35p2eqH6lH5bpzGQ3g31eUPZ4atjMmb4XE0D16CqWvanRZWir1R95AyX2O7CklsuCywhVAJqpoj-bNMudarVxg97vcY&pvsid=2722338757810091&pem=214&tmod=795&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XLdsGoXXTS&p=https%3A//www.5a3q.com&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:51 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: j2iosbgpjr2i9i05sqqd1ks5m8c40jb1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1QODCaAuTsKvlt8WWhXbcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

92ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1QODCaAuTsKvlt8WWhXbcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUDyvWJOhXXV6nMy_vNxnq3ItMP0QARUBgZ9zZYDepCRbFQxRaAbqGZ0TnJgkjYntjITsbNMdR3r186DiMOHyVMz9Zww_i_PYihkSLw5F8ALWOtY8ZGH5bQxGxF5pz4I5xrxE9N0vUpA2ln8boQKM

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1QODCaAuTsKvlt8WWhXbcw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUDyvWJOhXXV6nMy_vNxnq3ItMP0QARUBgZ9zZYDepCRbFQxRaAbqGZ0TnJgkjYntjITsbNMdR3r186DiMOHyVMz9Zww_i_PYihkSLw5F8ALWOtY8ZGH5bQxGxF5pz4I5xrxE9N0vUpA2ln8boQKM
date: Mon, 13 Dec 2021 13:55:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 21FF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTL...

0
0

GET
H2

200

dot.gif
googlecm.hit.gemius.pl/ Frame 21FF
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKV7gycWzS_d7aJdBMUX-V8&google_cver=1&google_push=AYg5qPJ33I8a93FGvt_Jxl6p...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ33I8a93FGvt_Jxl6pUDnNol67JAgVtA47LNnO-0w6kW3MKXedZA7CyECO6Y2u_dGFNBnP0GJEGFFC5KEIL4gdtgUaQBJLyoj6WsAYHl3xN0bit0oYeg&googl...
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

43 B
235 B

51ms
50ms

Image
image/gif

217.182.200.29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by: Host: www.5a3q.com
URL: https://www.5a3q.com/
Protocol: H2
Server: 217.182.200.29 , France, ASN16276 (OVH, FR),
Reverse DNS: gcm7.host.hit.gemius.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:52 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Sun, 12 Dec 2021 13:55:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 21FF 0
232 B 108ms
38ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGQuPMxXQoSa988ii3RZ9f06bJP2o3vnuvYXy_rWMF6cMtTfADEWqiCTNwDS-hy-U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:55:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

83ms
83ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 13:55:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 13:55:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 294D 4 KB
2 KB 79ms
39ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

393dec89c3ac30c09fb36ebd2437393461b00b6f9be83c93fabf6862630d7499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-0OliF5iaigWfp-O4y-E2Fg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1861
date: Mon, 13 Dec 2021 13:55:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8765 35 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:43:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 03AC 42 B
64 B 108ms
69ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveplfHsUHMNwXkR3k5-OibT4zmiu_G4IwzcB8IkGebmqXeBhbsozyCIFFkKldpkgVo7Y8lIfF_paH0T6GUIy_0zfizCUDGxd_KXV_NEro7u_9g1lKK1A&sai=AMfl-YR5yfTy_iTczV8lEAI-LxTPv9WzpBwYXTa_a0oxjh59REAFSwcoIn8GWONVECHv9oUprsyXugTTCYq0&sig=Cg0ArKJSzAtBUZE3FCZYEAE&id=lidar2&mcvt=1028&p=0,0,124,1005&mtos=193,877,1028,1179,1179&tos=193,684,151,151,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2687186621&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639403750567&rpt=305&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A21 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssun5Ctm-hPTkY1RC0sqBIE34XBXQ9FWbRObY-nUOON_0trTZBZ5zhQyt6qATY81G23QfP0VofbsmgbFtNNW9V-eO0EFQrQ_6cA5W1l3_muSIdnKSiNBA&sai=AMfl-YRscxkoxiHjUSA6fsfi7ajCY7OEc-VlUi_G4EZb0MtdCIy_yFy9FMBSbcSvtIphVe_qlzqW1mGrP9oZ2b0kuLMVWoX7flbJUuYoKCGA8m5M46tYFtOTesxD-HA&sig=Cg0ArKJSzCpH-uIMHzMEEAE&cid=CAASF-Roj5J-WA3jpoKlsssvbO9vnaGRnYMz&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2022022571&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639403750938&rpt=867&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 628ms
628ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=799438121&si=0cf98a9dffdb90c9dfe21f39a613dff6&v=1.2.89&lv=1&sn=45730&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.5a3q.com%2F&tt=%E9%85%B7%E7%94%9F%E6%B4%BB%E7%BD%91

Requested by

Host: www.5a3q.com
URL: https://www.5a3q.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:55:55 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 43ms
43ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a46084bb083ea10e5119c32a6883f9d10790adfe3c69d83f7efad66efacefc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.5a3q.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: D34700049B76BED8
.5a3q.com/	1970-01-20 08:08:59	Name: Hm_lvt_58578877db2604fd2c7066e40cc78860 Value: 1639403749
.5a3q.com/	1969-12-31 23:59:59	Name: Hm_lpvt_58578877db2604fd2c7066e40cc78860 Value: 1639403749
www.5a3q.com/	1970-01-19 23:24:50	Name: pp Value: 1
.5a3q.com/	1970-01-20 16:54:35	Name: _ga_BN7QZ4ZXP1 Value: GS1.1.1639403749.1.0.1639403749.0
.5a3q.com/	1970-01-20 16:54:35	Name: _ga Value: GA1.1.1082716363.1639403750
.5a3q.com/	1970-01-20 08:44:59	Name: __gads Value: ID=1755dd84c57797f7-229d548b06cd0049:T=1639403750:RT=1639403750:S=ALNI_MbdE6jxsKQIgGB29O00A7lAZQeorg
.doubleclick.net/	1970-01-20 08:44:59	Name: IDE Value: AHWqTUnzSzZ61v1prItrJfyJhiCjrtWQ6HpECGpQC0swYfsalqN5C7q9-hljeiKkFng
.doubleclick.net/	1970-01-19 23:23:27	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-19 23:24:50	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:32:59	Name: KADUSERCOOKIE Value: D5038309-A02E-4EC2-AF96-DF165A15DB73
.quantserve.com/	1970-01-20 01:32:59	Name: d Value: EEUBCQH5JIEA
.quantserve.com/	1970-01-20 08:53:38	Name: mc Value: 61b750e7-dc1b4-9a9a8-15d7a
.casalemedia.com/	1970-01-20 08:08:59	Name: CMID Value: YbdQ504Yucr6PloY7C4dkAAA
.casalemedia.com/	1970-01-20 01:32:59	Name: CMPS Value: 1853
.e.dlx.addthis.com/	1970-01-20 08:53:38	Name: na_tc Value: Y
.hit.gemius.pl/	1970-01-19 23:33:28	Name: Gtest Value: KlGPpRMGQMQGnCIpsMXPTIiissGMXP8cXRbG
.casalemedia.com/	1970-01-20 01:32:59	Name: CMPRO Value: 674
.casalemedia.com/	1970-01-19 23:24:50	Name: CMST Value: YbdQ6GG3UOgA
.addthis.com/	1970-01-20 08:53:38	Name: na_id Value: 2021121313555200022328637946
.addthis.com/	1970-01-20 08:53:38	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:53:38	Name: uid Value: 61b750e8c050e7ce
.addthis.com/	1970-01-20 08:53:38	Name: ouid Value: 61b750e800010e3094f65645b2d9f10e68e9605513c782874680
.dlx.addthis.com/	1970-01-20 00:06:35	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 00:06:35	Name: na_sr Value: 20211213
.dlx.addthis.com/	1970-01-19 23:23:23	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 00:06:35	Name: na_sc_e Value: 0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ossimg1.oss-accelerate.aliyuncs.com/i.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.js?t=637749504000000000(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/www.5a3q.com/main.js?t=637749504000000000(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js(Line 308) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ossimg1.oss-accelerate.aliyuncs.com/i/js/t3.js(Line 308) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbdQ504Yucr6PloY7C4dkAAAAqIAAAIB&google_push=AYg5qPICwxEoavwm3HKat6Da5xseZGwldtFDvRyXf0TPJ_26K9ZsluXrwz1o9bN1xrx6oWrcOYolxF3pzcspKUMDTLGguZdqqfm-FF-iWeWwV1aJfemCOwyEVsLX7dSNZCseS-DHmUjdbVQ2RjewCIfcRws&google_gid=CAESEJnKXDfEehQGI3mI2eUAycE&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hm.baidu.com
image6.pubmatic.com
ip.zuciwang.com
ossimg1.oss-accelerate.aliyuncs.com
p4-g22aumlrimbdo-eutjo5huuvs7ksx4-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.openx.net
s.ssl.qhres2.com
tpc.googlesyndication.com
www.5a3q.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
tpc.googlesyndication.com
103.235.46.191
104.89.42.102
142.250.185.130
142.250.186.131
142.250.186.66
185.64.190.78
202.36.56.227
202.36.56.229
217.182.200.29
2600:9000:206f:4800:11:1b7a:9b00:93a1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
35.227.252.103
47.254.187.179
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04389b5ed25cf0948075917bb801ddaf02fa2f51efed2b57b0272e1bb312e3b3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a46084bb083ea10e5119c32a6883f9d10790adfe3c69d83f7efad66efacefc0
21e536a6fbc899a94b2c197acea787fe6fe35992fa617ac876b6a7b94a18e58b
21e7f8d9828ad7c1e13532c579dc288e1e52a57897ef1bc42d96636c03d72a1b
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
393dec89c3ac30c09fb36ebd2437393461b00b6f9be83c93fabf6862630d7499
3a8b5b49f03fa537aeb3ab963f5759de17b88a8e6569f2cd9e9f7ac79a2f3189
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5146f2ce25313bb9e48c6150baad0a619ef9a792187086336b696c948c1e8a9f
520cf0d033f7fc2de20c83df24ed74fb3c9a1e69274874edaec272d3d0a6b865
58af4e73bed059a9a5d7042392c11cbc854ff2803aceabc4b76dc6f32733999e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e013adcdd2a262fd9c48ae5a5cc667448ae0e8002f121dca1bc552b237490ad
5e52e80d2e69eeb714e9746c57ea94d3d4e33d1f49550365a6b097d2a3aee3fa
6b6bb2b61835bcb3da0f1ccacf8aa723ec1ca40200edef46a493dbc2046987c1
748183e82da0455336527a3343555f7e6cc99cc17209bf4feb04d628d776852d
751f1417cb6d048bf1b097e53fa56c39ee3262912140dee544904463618f4f61
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a02f9319dee26d71e73cb59f9516c64002c1d27513506a962d711aa7378b5bb7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9ad21a2087c5792cfd5217b69a496a7e1c3110a8a31fdb7fee82029a5e14b6b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac754d8ac02593a171691fe9d23a29169204e2566cedbae1ed14e515d06cde7c
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
cc9d8f6cf018b077027a18071f10417ac6ad3f09cbafb4246d69d7f08c5fd4d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4cad1b44f8bb4a125345a40598e59cb19923316ca340aaf90075d2b59d890ae
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dbea79f2df0b90afb4a54efb447d86eeb387be30ca8387fb69b069a46ae4896a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dc2f317623db0ca5f17fd22fa79cb9d7b7fb13f2a4ed2937db42b5e26ed1e3
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.5a3q.com Open in urlscan Pro 202.36.56.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

77 Requests

94 %HTTPS

52 %IPv6

20 Domains

24 Subdomains

21 IPs

7 Countries

766 kBTransfer

2147 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.5a3q.com Open in urlscan Pro
202.36.56.229 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

94 %
HTTPS

52 %
IPv6

20
Domains

24
Subdomains

21
IPs

7
Countries

766 kB
Transfer

2147 kB
Size

27
Cookies

77 HTTP transactions
2 data transactions