www.51wendang.com Open in urlscan Pro
62.234.199.163 Public Scan

URL:
https://www.51wendang.com/
Submission: On May 21 via manual (May 21st 2021, 7:16:46 am UTC) from GB

Summary HTTP 107 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 107 HTTP transactions. The main IP is 62.234.199.163, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is www.51wendang.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on June 2nd 2020. Valid for: a year.

This is the only time www.51wendang.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	62.234.199.163 62.234.199.163	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:b200:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
17	36.27.212.105 36.27.212.105	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	119.188.176.48 119.188.176.48	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	103.235.46.39 103.235.46.39	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
107	17

27 62.234.199.163 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

www.51wendang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b200:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 36.27.212.105 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

share.xuehi.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.188.176.48 (Nanjing, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.39 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	321 KB
27	51wendang.com www.51wendang.com	470 KB
17	xuehi.cn share.xuehi.cn	79 KB
10	doubleclick.net googleads.g.doubleclick.net	70 KB
5	google.com 2 redirects adservice.google.com www.google.com	914 B
3	googletagservices.com www.googletagservices.com	99 KB
3	baidu.com hm.baidu.com sp0.baidu.com	15 KB
2	google.de adservice.google.de	330 B
1	bdstatic.com zz.bdstatic.com	562 B
1	googleadservices.com partner.googleadservices.com	643 B
1	qhimg.com jspassport.ssl.qhimg.com	473 B
0	qhres.com Failed s.ssl.qhres.com Failed
0	cnzz.com Failed s95.cnzz.com Failed
107	13

	Domain	Requested by
27	tpc.googlesyndication.com	www.51wendang.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
27	www.51wendang.com	www.51wendang.com
17	share.xuehi.cn	www.51wendang.com share.xuehi.cn
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.51wendang.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.51wendang.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	hm.baidu.com	www.51wendang.com
1	sp0.baidu.com	www.51wendang.com
1	zz.bdstatic.com	www.51wendang.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jspassport.ssl.qhimg.com	www.51wendang.com
0	s.ssl.qhres.com Failed	jspassport.ssl.qhimg.com
0	s95.cnzz.com Failed	www.51wendang.com
107	16

This site contains links to these domains. Also see Links.

Domain
www.beian.miit.gov.cn
m.51wendang.com
www.baidu.com

Subject Issuer	Validity	Valid
www.51wendang.com TrustAsia TLS RSA CA	`2020-06-02` - `2021-06-03`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ssl.qhimg.com WoTrus OV SSL CA	`2020-02-11` - `2022-05-11`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
share.xuehi.cn TrustAsia TLS RSA CA	`2020-08-25` - `2021-08-25`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.51wendang.com/
Frame ID: 521C064B2561F6406E5A812DAC770787
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: C69869865BC31FFCE5C7F94090B34625
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76
Frame ID: 6D923CBDA30E9E701C8D1148762D366A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83
Frame ID: 99F05578EE6A9AE5C784C32FB3E419E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html
Frame ID: EBDFDE8AE706CA015565A1209B5E1B94
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CuD9JO16nYMeREKuMjuwPp6aEaPOKx9Bi8aXpjK8NrgIQASCvo_olYJUCoAHQxqPhA8gBCakCt0WzEsMogD6oAwHIA0iqBOQBT9D0c63NEmMBGDXJzwulbHLctvYZxVQq0XxyBdyPiPKzKJaM0d40_6bH0WwpPHS-KrspwmxtPCLZjnQgXkOIiF34aeFd0KPwD3-H_JytTa0YRwjblpiciYPdwZqR0OOftUhkb9hwJVY6Yn7xsm3muK6tLR-PDi4pbGjKM9Ad9ZQn0qv7ZkXHSglWHGMrSVMLtqgSBaQyi2Tqbd5bqahCIKq5lJD2glFN5J1fJhJeq1sy5LQyoE22SDePptdyW-eIt3KQpw5Ah8U2X3VLM24p_1nFhRvSZplWRlzjbZzYdCmmToxTwATR2seY8QGSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDryQHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItODM2NjM1MDAzMjYyMTUxOQ&sigh=dINmPE_qJv0&template_id=419
Frame ID: 475CC5B249A4228A1410D433D6D33002
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 75A466E74463F1610333820CED23A8E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html
Frame ID: C012C4068960745130F5C0CA7F8D421E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cxc38O16nYLutEJT03wOHuKWgC5mlto5i76jH6_sM9MK1q64BEAEgr6P6JWCVAqAB5rC9vwPIAQmpAtW6khh2hbQ-qAMByANIqgTqAU_QpXlOcljaVyNRNZjy8YUKOGDjMPcJK7sKKDBL5kodJ_2doN1EcO1pJ34Ua-6A4fv1O7fXXOEakvBYC_U5zyIIBVR0E8msj5_6v_0rvvWKy0-zVCSPtzQzPrbPQSIx0mg40BB55CBQYeo4s1Sfm3K0V0V1qwYUHIcjIalKYybk6sCX9BgVrwaH9j20TEAN4jL0IDeV0ytamdGZ5ilR9OzC3cBEYn5nsZW69KNwNFBJsJe5OCNPQlR9EHd_yTaerhqezGKd9HEPf3EyR3wf6qNsw_Y-JEUnHhV-fqaWYY0vcdYv8NpqZXbDFcAEqd6vxMEDkgUECAQYAZIFBAgFGASgBi6AB4LPwkCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvpcG0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTgzNjYzNTAwMzI2MjE1MTk&sigh=mzLSm_ZRRRk&template_id=419
Frame ID: 02FE7B8346681F76D603594E0FA71043
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DD7597801EFED3C3003DFA94C31CA712
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&adk=1812271804&adf=3025194257&lmt=1621568128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.51wendang.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581395776&bpp=1&bdt=25861&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90%2C660x90&nras=1&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=9
Frame ID: 313BA0DA27AC1628061B906CC7EEEC93
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 461CC63785B2012CED787B52B6E71CCF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28BA97586437839A1279188D996B3117
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

107
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1057 kB
Transfer

2147 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.beian.miit.gov.cn/publish/query/indexFirst.action
Title: 闽ICP备15022310号

Search URL Search Domain Scan URL

URL: https://m.51wendang.com/
Title: 手机版

Search URL Search Domain Scan URL

URL: http://www.baidu.com/s?wd=&tn=SE_hldp08010_vurs2xrp
Title: 百度一下

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

107 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.51wendang.com/ 57 KB
21 KB 1640ms
207ms Document
text/html 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7abab7c894814f2b3ff900b4906bccb7404d9cb8a8c12e489d4185e116a47077

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.51wendang.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:09 GMT
content-type: text/html
content-length: 20879
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:09 GMT; Path=/
content-encoding: gzip
last-modified: Fri, 21 May 2021 03:35:28 GMT
accept-ranges: bytes
etag: "411adf57f24dd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/8.5
content-security-policy: upgrade-insecure-requests

GET
H2 200 style.css
www.51wendang.com/css/ 19 KB
5 KB 440ms
440ms Stylesheet
text/css 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/css/style.css

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

fda27727f1506bc6524ab77b0a1939053ee4e3b0dbfad9799eb5a0b35b823d8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/style.css
pragma: no-cache
cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jul 2017 12:42:46 GMT
server: Microsoft-IIS/8.5
etag: "067352fb13d31:0"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4921

GET
H2 200 common.js Show response
www.51wendang.com/js/ 21 KB
6 KB 441ms
441ms Script
application/javascript 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/js/common.js

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

15afb4a8224f7e9e062bae649b33525d061d2c1a44db871908400e5310398de5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/common.js
pragma: no-cache
cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private
content-security-policy: upgrade-insecure-requests
set-cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0; path=/; HttpOnly
content-length: 5721

GET
H2 200 logo.png
www.51wendang.com/images/ 4 KB
4 KB 669ms
667ms Image
image/png 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/logo.png

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d2d73efb429ee71a996cdf3cd2e416a8b9f77fa08186c834a6fd769b01bf3d99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/logo.png
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 09:34:16 GMT
server: Microsoft-IIS/8.5
etag: "09c4bf949dd01:0"
content-type: image/png
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 4061

GET
H2 200 gongzuozongjie.jpg
www.51wendang.com/images/ 18 KB
18 KB 813ms
810ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/gongzuozongjie.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9a9158acd142cf1a4589fc1005a01d693213e5943178c04d43f105783d34ef5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/gongzuozongjie.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:12 GMT
server: Microsoft-IIS/8.5
etag: "0801cf543dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 18050

GET
H2 200 cizhibaogao.jpg
www.51wendang.com/images/ 17 KB
17 KB 674ms
672ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/cizhibaogao.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8473488b34007c5e32ad863ffa861356f7b85ce8af8499b47f0f74b886053458

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/cizhibaogao.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:04 GMT
server: Microsoft-IIS/8.5
etag: "0cc57f043dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 17539

GET
H2 200 fangwuzulinhetong.jpg
www.51wendang.com/images/ 30 KB
31 KB 811ms
809ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/fangwuzulinhetong.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ae90784f76bdff53e39773f3616a50cd8b962eb03530c5829c150aa58de8c56f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/fangwuzulinhetong.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:06 GMT
server: Microsoft-IIS/8.5
etag: "0f988f143dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 30968

GET
H2 200 cizhixin.jpg
www.51wendang.com/images/ 39 KB
40 KB 777ms
776ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/cizhixin.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a2a9a3746e2c4885a90f59aaa6482338de4b9c11c43ca207106a438d8bca024a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/cizhixin.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:06 GMT
server: Microsoft-IIS/8.5
etag: "0f988f143dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 40311

GET
H2 200 weituoshu.jpg
www.51wendang.com/images/ 42 KB
43 KB 776ms
775ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/weituoshu.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

745ff975b5b47c91c090b6d0a0e855ca53dfabed0440ff1f7d994ad7ceade4e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/weituoshu.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:50:46 GMT
server: Microsoft-IIS/8.5
etag: "0379de543dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 43260

GET
H2 200 zufanghetong.jpg
www.51wendang.com/images/ 26 KB
27 KB 774ms
773ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/zufanghetong.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ac5eb2fc379ff0bed87890bc30d86aef6635db25f73d0f1fc12a1fa3c3d02fe4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/zufanghetong.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:04 GMT
server: Microsoft-IIS/8.5
etag: "0cc57f043dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 26850

GET
H2 200 weituoshufanben.jpg
www.51wendang.com/images/ 34 KB
34 KB 915ms
913ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/weituoshufanben.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b6ba5695754f232f3bb0493494fcbfe7b9de1246267e9ffb23429600400c7673

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/weituoshufanben.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:50:50 GMT
server: Microsoft-IIS/8.5
etag: "091ffe743dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 34898

GET
H2 200 gerenjianlibiaoge.jpg
www.51wendang.com/images/ 31 KB
31 KB 915ms
914ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/gerenjianlibiaoge.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8967838af01c4e338496140d6dce10241549c221dfdf6aa32e154f1a33dd22da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/gerenjianlibiaoge.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:10 GMT
server: Microsoft-IIS/8.5
etag: "053ebf343dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 31614

GET
H2 200 ziwojianding.jpg
www.51wendang.com/images/ 22 KB
22 KB 913ms
912ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/ziwojianding.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

898a83129398ef1d22a50d3696aafa860e892cf64fea8334698854fa03230a4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/ziwojianding.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 09:37:36 GMT
server: Microsoft-IIS/8.5
etag: "03081704add01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 22695

GET
H2 200 fangwuzulinhetongfanben.jpg
www.51wendang.com/images/ 40 KB
40 KB 772ms
771ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/fangwuzulinhetongfanben.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8e781f3b58a4606f84b03601a3b90ed5d1fc0380e0a0a3557fcc7506ed323bf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/fangwuzulinhetongfanben.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:08 GMT
server: Microsoft-IIS/8.5
etag: "026baf243dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 40608

GET
H2 200 zhuanzhengshenqing.jpg
www.51wendang.com/images/ 27 KB
28 KB 770ms
769ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/zhuanzhengshenqing.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

2dcc69a7468acc2c7a7d97272891f1dc550a5dbffdea0af672f559e3b3f40ba6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/zhuanzhengshenqing.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:50:52 GMT
server: Microsoft-IIS/8.5
etag: "0be30e943dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 27881

GET
H2 200 gongzuozhengming.jpg
www.51wendang.com/images/ 33 KB
34 KB 814ms
813ms Image
image/jpeg 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/gongzuozhengming.jpg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c0e7691ce2dc48f32363aeb21dcc34b53c08571bdc51bed67bc7f9f2ce860271

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/gongzuozhengming.jpg
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 08:51:12 GMT
server: Microsoft-IIS/8.5
etag: "0801cf543dd01:0"
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 34063

GET
H2 200 jquery.1.7.2.min.js Show response
www.51wendang.com/js/ 93 KB
42 KB 222ms
221ms Script
application/javascript 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/js/jquery.1.7.2.min.js

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a02ec7f0625e67860df684ecf0d578451bebb448a99fc9b60d9712d6afbe56a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/jquery.1.7.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
content-encoding: gzip
last-modified: Sun, 03 Sep 2017 19:05:56 GMT
server: Microsoft-IIS/8.5
etag: "cc9ababe724d31:0"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 42669

GET
H2 200 jquery.img_silder.js Show response
www.51wendang.com/js/ 3 KB
2 KB 635ms
634ms Script
application/javascript 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/js/jquery.img_silder.js

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

45af09ce6592ec3981a1ce0bc36c605e0c1794aef9135f1839bed8c07782a507

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/jquery.img_silder.js
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
content-encoding: gzip
last-modified: Mon, 01 Dec 2014 08:51:40 GMT
server: Microsoft-IIS/8.5
etag: "0f6cc544dd01:0"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 1851

GET
H2 200 tousu.png
www.51wendang.com/images/ 2 KB
2 KB 206ms
206ms Image
image/png 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/tousu.png

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f146463bb198f83aee2570419dc7d31e8c14f70baa79ffd06229691f116a9c20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/tousu.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:12 GMT
last-modified: Fri, 14 Apr 2017 18:35:06 GMT
server: Microsoft-IIS/8.5
etag: "06952d64db5d21:0"
content-type: image/png
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:12 GMT; Path=/
accept-ranges: bytes
content-length: 1839

GET
H2 200 top.png
www.51wendang.com/images/ 4 KB
4 KB 206ms
205ms Image
image/png 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/top.png

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b070bdefedc0899808258daca9718c653c7ecf901bf3f91148dde5e881662f75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/top.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:12 GMT
last-modified: Sat, 22 Nov 2014 18:39:56 GMT
server: Microsoft-IIS/8.5
etag: "06623b6836d01:0"
content-type: image/png
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:12 GMT; Path=/
accept-ranges: bytes
content-length: 3958

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 356ms
356ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?636d5c990b21e80c99e1d229707e264a

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/js/common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

55e387a745edd2d98b55a14463abbe0ad160a8db4a303e83d7e21eb62c3550d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:10 GMT
Content-Encoding: gzip
Server: apache
Etag: 06786fc70749310826dc57a92958f600
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14042

GET
H2 200 headerbg.png
www.51wendang.com/images/ 337 B
608 B 610ms
609ms Image
image/png 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/headerbg.png

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

70568b75170f32bf904a9d10a4fff48f49760e1699c43d652022a088ad374c17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/headerbg.png
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Mon, 01 Dec 2014 09:35:20 GMT
server: Microsoft-IIS/8.5
etag: "03c711f4add01:0"
content-type: image/png
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 337

GET
H2 200 fill_x2.gif
www.51wendang.com/images/ 87 B
357 B 611ms
611ms Image
image/gif 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/fill_x2.gif

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

91001575c1b0b9411c31ba156e969ef52e3e494d5eed62da9a51b4aefd07c5e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/fill_x2.gif
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Sat, 22 Nov 2014 18:39:52 GMT
server: Microsoft-IIS/8.5
etag: "0cc1b3836d01:0"
content-type: image/gif
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 87

GET
H2 200 x.gif
www.51wendang.com/images/ 9 KB
10 KB 612ms
612ms Image
image/gif 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/x.gif

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

5d6dbce0a54a9c45161e229f7b37e17ac9882bbbe9af964b51fc6d5ebbf64d47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/x.gif
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Sat, 22 Nov 2014 18:39:56 GMT
server: Microsoft-IIS/8.5
etag: "06623b6836d01:0"
content-type: image/gif
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 9542

GET
H2 200 y.gif
www.51wendang.com/images/ 4 KB
4 KB 611ms
610ms Image
image/gif 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/y.gif

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9420e92044dedd11c2c0d4f797ba8b8592ed708dd682fa90355f4c902c5cca59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/y.gif
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Sat, 22 Nov 2014 18:39:56 GMT
server: Microsoft-IIS/8.5
etag: "06623b6836d01:0"
content-type: image/gif
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 4029

GET
H2 200 round_bg.gif
www.51wendang.com/images/ 708 B
980 B 590ms
589ms Image
image/gif 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/images/round_bg.gif

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c8157516212182f53fb281ce56947e15e868d4724f636d23830b2a7ebc60ea75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /images/round_bg.gif
pragma: no-cache
cookie: ASP.NET_SessionId=quivxjs5t2td345xer4pqyi0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:10 GMT
last-modified: Sat, 22 Nov 2014 18:39:54 GMT
server: Microsoft-IIS/8.5
etag: "039f2b4836d01:0"
content-type: image/gif
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=dfd58d87fcf9db6c87d30235424882cf; Expires=Fri, 21-May-2021 07:17:10 GMT; Path=/
accept-ranges: bytes
content-length: 708

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 07:16:11 GMT

GET stat.php
s95.cnzz.com/ 0
0

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 105 B
473 B 515ms
499ms Script
application/x-javascript 2600:9000:206f:b200:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?a6a275dec791fcf504ed09dde5109c41
Requested by: Host: www.51wendang.com
URL: https://www.51wendang.com/js/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b200:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
kcs-via: REVALIDATED from w-fc02.lato;REVALIDATED from w-sc02.lato
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: max-age=600
x-amz-cf-id: PzF3PujOJPvk3N5JJwPSaZPtABkIbrVD435ghqJonT3jBQ0wSaeaPQ==
expires: Fri, 21 May 2021 07:26:11 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8366350032621519&plah=www.51wendang.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 07:16:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame C698 10 KB
4 KB 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 22:33:52 GMT
expires: Thu, 03 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 31339
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
643 B 79ms
29ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.51wendang.com&callback=_gfp_s_&client=ca-pub-8366350032621519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8366350032621519&plah=www.51wendang.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

54bac95c6d0a80b40c2ce62ec90e07ab6b90ade2a1e7375a07de5774c2f2254f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.51wendang.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.51wendang.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D92 101 KB
32 KB 274ms
273ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51d807a42d21f6721e4cb74e89b6b98128e5a26959e0e9692fbdd356b39bc452

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIeb76yd2vACFSuGgwcdJxMBDQ&gqi=O16nYMLWD4yt3wOp5Ly4Cg&layout=/sadbundle/%24csp%253Der3%24/6432107785598890853/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIeb76yd2vACFSuGgwcdJxMBDQ&gqi=O16nYMLWD4yt3wOp5Ly4Cg&layout=/sadbundle/%24csp%253Der3%24/6432107785598890853/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 07:16:11 GMT
server: cafe
content-length: 32926
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 07:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 07:16:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 21 May 2021 07:16:11 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99F0 102 KB
32 KB 385ms
384ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd2cd364879f5e4f4fad1c62ef7520adb109c8708d941aac74046f5f1f24b615

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPu276yd2vACFRT6dwodB1wJtA&gqi=O16nYITuD8iGjuwPkOiBuAg&layout=/sadbundle/%24csp%253Der3%24/13621489450116898791/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPu276yd2vACFRT6dwodB1wJtA&gqi=O16nYITuD8iGjuwPkOiBuAg&layout=/sadbundle/%24csp%253Der3%24/13621489450116898791/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 07:16:11 GMT
server: cafe
content-length: 33073
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 07:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 07:16:11 GMT
cache-control: private

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 346ms
346ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=958496471&si=636d5c990b21e80c99e1d229707e264a&v=1.2.80&lv=1&sn=48866&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.51wendang.com%2F&tt=%E6%97%A0%E5%BF%A7%E6%96%87%E6%A1%A3_%E5%85%8D%E8%B4%B9word%E6%96%87%E6%A1%A3%E5%9C%A8%E7%BA%BF%E9%98%85%E8%AF%BB%E4%B8%8E%E4%B8%8B%E8%BD%BD%E4%B8%AD%E5%BF%83

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 May 2021 07:16:11 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/ Frame EBDF 11 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9a4d682fa421b3380c7f17f0869180438e3b4160a1688cc0c383aba762a56

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6432107785598890853/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3294
date: Thu, 20 May 2021 22:11:49 GMT
expires: Fri, 20 May 2022 22:11:49 GMT
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 32662
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 475C 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuD9JO16nYMeREKuMjuwPp6aEaPOKx9Bi8aXpjK8NrgIQASCvo_olYJUCoAHQxqPhA8gBCakCt0WzEsMogD6oAwHIA0iqBOQBT9D0c63NEmMBGDXJzwulbHLctvYZxVQq0XxyBdyPiPKzKJaM0d40_6bH0WwpPHS-KrspwmxtPCLZjnQgXkOIiF34aeFd0KPwD3-H_JytTa0YRwjblpiciYPdwZqR0OOftUhkb9hwJVY6Yn7xsm3muK6tLR-PDi4pbGjKM9Ad9ZQn0qv7ZkXHSglWHGMrSVMLtqgSBaQyi2Tqbd5bqahCIKq5lJD2glFN5J1fJhJeq1sy5LQyoE22SDePptdyW-eIt3KQpw5Ah8U2X3VLM24p_1nFhRvSZplWRlzjbZzYdCmmToxTwATR2seY8QGSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDryQHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItODM2NjM1MDAzMjYyMTUxOQ&sigh=dINmPE_qJv0&template_id=419

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 07:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 21 May 2021 07:16:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 475C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:09:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 475C 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:13:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 475C 118 KB
36 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 07:16:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 475C 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:12:23 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75A4 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=4053313444&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371166&bpp=4&bdt=1252&idt=58&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4071306610566&frm=20&pv=2&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zyM0sttG7y&p=https%3A//www.51wendang.com&dtd=76

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 06:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1141
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EBDF 9 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EBDF 26 KB
10 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 23:11:01 GMT

GET
H3-29 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/ Frame EBDF 69 KB
18 KB 19ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 93270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Thu, 20 May 2021 05:21:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 05:21:41 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 75A4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnUZvF7k5HNzFttHygaqFG11iyONZCxhxC5sRdGwqgZviMPtNzKKErdSioAXHI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 07:16:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 08:16:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 07:16:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 07:16:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 475C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8905fbfbe8c65d826477638249e01a4c378280e4ab20fb98a7a76d08f5604a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 f3eb2e6b547bdcaba9937e94fc99f45e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 18 KB
18 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/f3eb2e6b547bdcaba9937e94fc99f45e.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9ff6ef45e206b85a00a5f77eb1e416f46032a8ee37c708881111d90038f4be8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 93270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18660
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Thu, 20 May 2021 05:21:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 05:21:41 GMT

GET
H3-29 200 b81f3e2a66ebc06252d022527586f988.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 19 KB
19 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/b81f3e2a66ebc06252d022527586f988.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12cd4a333425c4d178f59ce12eca33b584c0886f9e4c12bd336b9ead5f4141ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 55972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19612
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Thu, 20 May 2021 15:43:19 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 15:43:19 GMT

GET
H3-29 200 6b8dd078cfe4efa188262de7394fda82.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/6b8dd078cfe4efa188262de7394fda82.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c05b105ff7755a63433495cfd6e27ce7587b9ddbaf9d835fef5b3c8227c21343

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 93270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Thu, 20 May 2021 05:21:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 05:21:41 GMT

GET
H3-29 200 2b3adcca8a1337928d60a7c53293531f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 7 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/2b3adcca8a1337928d60a7c53293531f.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59369ee0cb901244b3340cae33becc5e92960686819ee7b72525c61d3061be34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 273264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1710
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Tue, 18 May 2021 03:21:47 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 May 2022 03:21:47 GMT

GET
H3-29 200 da1599ceb131023918c95a0ac7351b88.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 5 KB
5 KB 12ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/da1599ceb131023918c95a0ac7351b88.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7794609b4b15fb09cb3266ea55904c0727bc2b0479cedc4f22594f909acd7d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 62775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5019
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Thu, 20 May 2021 13:49:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 13:49:56 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 81 KB
18 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91567888fa862e4d04864ae63681864c04c6004668c14ac4001abb3a6c6027ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/13621489450116898791/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 20 May 2021 22:47:15 GMT
expires: Fri, 20 May 2022 22:47:15 GMT
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18169
age: 30536
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 02FE 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxc38O16nYLutEJT03wOHuKWgC5mlto5i76jH6_sM9MK1q64BEAEgr6P6JWCVAqAB5rC9vwPIAQmpAtW6khh2hbQ-qAMByANIqgTqAU_QpXlOcljaVyNRNZjy8YUKOGDjMPcJK7sKKDBL5kodJ_2doN1EcO1pJ34Ua-6A4fv1O7fXXOEakvBYC_U5zyIIBVR0E8msj5_6v_0rvvWKy0-zVCSPtzQzPrbPQSIx0mg40BB55CBQYeo4s1Sfm3K0V0V1qwYUHIcjIalKYybk6sCX9BgVrwaH9j20TEAN4jL0IDeV0ytamdGZ5ilR9OzC3cBEYn5nsZW69KNwNFBJsJe5OCNPQlR9EHd_yTaerhqezGKd9HEPf3EyR3wf6qNsw_Y-JEUnHhV-fqaWYY0vcdYv8NpqZXbDFcAEqd6vxMEDkgUECAQYAZIFBAgFGASgBi6AB4LPwkCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvpcG0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTgzNjYzNTAwMzI2MjE1MTk&sigh=mzLSm_ZRRRk&template_id=419

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 07:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 02FE 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:09:47 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 02FE 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:13:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02FE 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 07:16:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 02FE 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:11:19 GMT

GET
H3-29 200 24801f6d128cff0bc68ef5b2143ed5ec.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/ Frame EBDF 4 KB
1 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/media/24801f6d128cff0bc68ef5b2143ed5ec.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6432107785598890853/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64d2c1d8552f2ffe138c1688656745193026b699c8e461b7a4e116ce2c61c44

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 279532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1317
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:19:58 GMT
server: sffe
date: Tue, 18 May 2021 01:37:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 May 2022 01:37:19 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD75 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnUZvF7k5HNzFttHygaqFG11iyONZCxhxC5sRdGwqgZviMPtNzKKErdSioAXHI; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 06:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1141
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 02FE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ab58bc80f17e89301e867af86d0ab10c6207efc1ad55a636f73a7aef11e5e71

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C012 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C012 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 23:11:01 GMT

GET
H3-29 200 iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response
pagead2.googlesyndication.com/bg/ Frame EBDF 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 87981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
expires: Fri, 20 May 2022 06:49:50 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD75
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&h=90&slotname=1507775387&adk=4035358706&adf=2807893907&pi=t.ma~as.1507775387&w=660&lmt=1621568128&psa=0&format=660x90&url=https%3A%2F%2Fwww.51wendang.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581371170&bpp=1&bdt=1255&idt=79&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=2138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dYiqnxSa7v&p=https%3A//www.51wendang.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnUZvF7k5HNzFttHygaqFG11iyONZCxhxC5sRdGwqgZviMPtNzKKErdSioAXHI; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 07:16:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 08:16:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 07:16:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 07:16:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response
pagead2.googlesyndication.com/bg/ Frame C012 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 87981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
expires: Fri, 20 May 2022 06:49:50 GMT

GET
H3-29 200 Element_10.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 3 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_10.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f302ec3836fa1926654519d57e97f113fcd1b5915eee786fa8713b6ed0f9499d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 433133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Sun, 16 May 2021 06:57:18 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 06:57:18 GMT

GET
H3-29 200 Element_12.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 13 KB
4 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_12.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b57a900a7570cd4fc3f006c7eba27d18b1e27e402e0d309e678b0d75d24075d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 30284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3763
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Thu, 20 May 2021 22:51:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 22:51:27 GMT

GET
H3-29 200 Element_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 244 B
228 B 10ms
9ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_4.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97dcf08320a7d374e45f3c5c670be5db8e70579cccb452c14070b93f1c557195

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 30284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Thu, 20 May 2021 22:51:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 22:51:27 GMT

GET
H3-29 200 Element_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 2 KB
807 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_3.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea426f090eddf03e65a6287915fac51a6eca6e0d1f58879591c203fc43c2f97f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 30284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Thu, 20 May 2021 22:51:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 22:51:27 GMT

GET
H3-29 200 Element_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 452 B
293 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_2.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75aafcfbcc756aac5901316036889ec372828731cc76015b5645677e7a88df6e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 192522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Wed, 19 May 2021 01:47:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 01:47:29 GMT

GET
H3-29 200 Element_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/ Frame C012 9 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13621489450116898791/Element_1.svg

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d29468ae56ad0dc7cebc4ea02f0e87a0654a04eff47148faa495afa8d84d3e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 30284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2364
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:36 GMT
server: sffe
date: Thu, 20 May 2021 22:51:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 22:51:27 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 475C 42 B
108 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstabvWLApwULLIwPZAcRdTK-j168l4yDThy-tGQliV18ZAXwA0Bhtgsd4evDAyWBqPtuQejA9WQugZ2XGUWs9FS-y9EJnhhPMugC7y0r98-zlnRwkZUSz0e4sCylg&sai=AMfl-YR7x97lLgZiU5BrkewOImj-WQd6eoPtd4R_DqZjOA7u9z6k8Ix5HIvcLTS2Y4OkY2XERN26YQBliJM_&sig=Cg0ArKJSzL5zOg4RStmPEAE&id=lidar2&mcvt=1000&p=462,300,545,946&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=2&adk=4035358706&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621581371245&dlt=282&rpt=49&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 07:16:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK share.js Show response
share.xuehi.cn/static/api/js/ 19 KB
9 KB 1186ms
222ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share.js
Requested by: Host: www.51wendang.com
URL: https://www.51wendang.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: b03a8708973db9c571fb2a267a1b479c249383943182dd91eac7917180c170cf

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Nov 2019 16:03:00 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "74aaf7ea998d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581396.413-s14jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8503
VAR-Cache: hit:0

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
562 B 1006ms
274ms Script
application/x-javascript 119.188.176.48
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: www.51wendang.com
URL: https://www.51wendang.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.188.176.48 Nanjing, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:36 GMT
ohc-cache-hit: jn2un96 [4], xzuncache85 [2]
ohc-response-time: 1 0 0 0 0 0
last-modified: Fri, 14 May 2021 10:00:57 GMT
server: JSP3/2.0.14
age: 23295
etag: W/"609e4a59-134"
content-type: application/x-javascript
cache-control: max-age=86400
tracecode: 29001950290484283914051708
accept-ranges: bytes
content-encoding: gzip
expires: Sat, 22 May 2021 00:48:20 GMT

GET ab77b6ea7f3fbf79.js
s.ssl.qhres.com/ssl/ 0
0

GET
H2 200 slider.css
www.51wendang.com/css/ 1003 B
868 B 208ms
208ms Stylesheet
text/css 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.51wendang.com/css/slider.css

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/js/jquery.img_silder.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7dd59976d877e0c53db107e3cf342503eec0208c07ef878b2d19de70024c429e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/slider.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.51wendang.com
referer: https://www.51wendang.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Dec 2014 08:51:24 GMT
server: Microsoft-IIS/8.5
etag: "08e43fc43dd01:0"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
set-cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf; Expires=Fri, 21-May-2021 07:17:35 GMT; Path=/
accept-ranges: bytes
content-length: 562

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.51wendang.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 07:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.51wendang.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 07:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 313B 3 KB
793 B 67ms
67ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8366350032621519&output=html&adk=1812271804&adf=3025194257&lmt=1621568128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.51wendang.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581395776&bpp=1&bdt=25861&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90%2C660x90&nras=1&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08a0571644c49018ea68a9567add2209871c6bdad114890acb0e7dcf76ad6e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8366350032621519&output=html&adk=1812271804&adf=3025194257&lmt=1621568128&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.51wendang.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621581395776&bpp=1&bdt=25861&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=660x90%2C660x90&nras=1&correlator=4071306610566&frm=20&pv=1&ga_vid=1854542181.1621581371&ga_sid=1621581371&ga_hid=947895810&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739391%2C21066435%2C31060945%2C44743204&oid=3&pvsid=1539846699924031&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 07:16:35 GMT
server: cafe
content-length: 599
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 07:31:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 07:16:35 GMT
cache-control: private

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 38ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=3158&su=www.51wendang.com&d=5000

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 07:16:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 tit_bg.png
www.51wendang.com/css/ 3 KB
3 KB 211ms
210ms Image
text/html 62.234.199.163
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.51wendang.com/css/tit_bg.png

Requested by

Host: www.51wendang.com
URL: https://www.51wendang.com/css/slider.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

62.234.199.163 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

a64b48cce78c7c118176fd7affacf8827f13b0e5dd9d2f646a51ee741a667e02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/tit_bg.png
pragma: no-cache
cookie: tgw_l7_route=3b0bdfd5709d4996fb113637d32e27cf
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.51wendang.com
referer: https://www.51wendang.com/css/slider.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.51wendang.com/css/slider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
server: Microsoft-IIS/8.5
date: Fri, 21 May 2021 07:16:36 GMT
content-length: 3387
content-type: text/html

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 1064ms
521ms Image
text/plain 103.235.46.39
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.51wendang.com/
Requested by: Host: www.51wendang.com
URL: https://www.51wendang.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK share_api.js Show response
share.xuehi.cn/static/api/js/share/ 636 B
949 B 220ms
219ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share/share_api.js?v=226108fe.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 077a78aab60584687c7f7ded046ec798e3ac4cf077ef47f9d0c23075f6d5ab47

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581396.636-s12jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 516
VAR-Cache: hit:0

GET
H/1.1 200
OK share_view.js Show response
share.xuehi.cn/static/api/js/view/ 1 KB
1 KB 440ms
220ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/view/share_view.js?v=3ae6026d.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: cb18f69444d3a92b6b20f449762848b1767816905eaad1cbb82e873cd6848b99

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581396.856-s12jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 962
VAR-Cache: hit:0

GET
H/1.1 200
OK slide_api.js Show response
share.xuehi.cn/static/api/js/share/ 471 B
872 B 652ms
221ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share/slide_api.js?v=ec14f516.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 7cd7017f254e4c7bc5042047ce4e061c9232a6275b9c925ad1745f256c1f6d1f

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.071-s12jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 439
VAR-Cache: hit:0

GET
H/1.1 200
OK slide_view.js Show response
share.xuehi.cn/static/api/js/view/ 2 KB
2 KB 656ms
222ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/view/slide_view.js?v=08373964.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: c2f51091d48432d311dc6482f3ed9c8a193c353541c3aadd38bb5352e19d4588

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.074-s12jhg-s2jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1390
VAR-Cache: hit:0

GET
H/1.1 200
OK select_api.js Show response
share.xuehi.cn/static/api/js/share/ 359 B
803 B 658ms
223ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share/select_api.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 36de1b9cfb6c8e7cdc4400f820dad89e76d50f52ed058e491ce2e3a0bb5b4a1e

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.077-s13jhg-s7jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 370
VAR-Cache: hit:0

GET
H/1.1 200
OK select_view.js Show response
share.xuehi.cn/static/api/js/view/ 4 KB
3 KB 656ms
222ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/view/select_view.js?v=85fc7cec.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 26a27c7e1cfbb9a7c7d6c5e8adf4800b7e697faf5018584017f7cac3c6aa5aae

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.077-s13jhg-s7jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2369
VAR-Cache: hit:0

GET
H/1.1 200
OK image_api.js Show response
share.xuehi.cn/static/api/js/share/ 453 B
860 B 444ms
223ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share/image_api.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 3ccb1cc4f8622fe1f567e16db4da1133b6b860422e5fa3830a90a706b5085315

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.080-s12jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 427
VAR-Cache: hit:0

GET
H/1.1 200
OK image_view.js Show response
share.xuehi.cn/static/api/js/view/ 4 KB
3 KB 228ms
227ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/view/image_view.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 4ca56f5e976bcdaf7002f7b77dcc2fb721aae3090424c2df394070b27d260987

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.085-s12jhg-s2jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2129
VAR-Cache: hit:0

GET
H/1.1 200
OK tangram.js Show response
share.xuehi.cn/static/api/js/base/ 107 KB
36 KB 426ms
425ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/base/tangram.js?v=37768233.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 2b7fc19ce6cbcd3a161b62abb3766cb953a72e8473f4fd0f38fcdba3515ae487

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.298-s9jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36079
VAR-Cache: hit:0

GET
H/1.1 200
OK api_base.js Show response
share.xuehi.cn/static/api/js/share/ 1 KB
1 KB 225ms
224ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/share/api_base.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 14a42e9371611c4b0405e74a309ea8b8e99461d8af3643012902e7453e36f40a

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.305-w-s11jhg-s7jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 780
VAR-Cache: hit:0

GET
H/1.1 200
OK view_base.js Show response
share.xuehi.cn/static/api/js/view/ 2 KB
1 KB 225ms
225ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/view/view_base.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 0a761914b5c673c75aa37204fc5a55624d03c5bd6df2ba93720cd9c33a0bf7f1

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "02fe8e9db44d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.306-w-s11jhg-s2jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 935
VAR-Cache: hit:0

GET
H/1.1 200
OK share_style0_32.css
share.xuehi.cn/static/api/css/ 4 KB
1 KB 217ms
217ms Stylesheet
text/css 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/css/share_style0_32.css?v=4413acf0.css
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 3d7e511c077e36867dfc3589aa3f368f5ff24dabeabcf4384dd874a986b88ec3

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Sep 2018 07:35:51 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "fcc653bd5843d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.938-s14jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1074
VAR-Cache: hit:0

GET
H/1.1 200
OK slide_share.css
share.xuehi.cn/static/api/css/ 6 KB
2 KB 218ms
218ms Stylesheet
text/css 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/css/slide_share.css?v=9c50d088.css
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: cf12826174cba36f35502a6622f7958cdaaba72208056f758cbe0fe8084280a1

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Sep 2018 07:36:37 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Etag: "2b9bd4d85843d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581397.940-s10jhg-s2jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1678
VAR-Cache: hit:0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 27ms
26ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e53d83661bc289d57fc14d06a14226248397416f2b2b60a0f79d40b6bb233c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 07:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7591
x-xss-protection: 0

GET
H/1.1 200
OK r0.gif
share.xuehi.cn/static/api/img/share/ 977 B
1 KB 225ms
224ms Image
image/gif 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share.xuehi.cn/static/api/img/share/r0.gif?v=d9371706.gif
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/css/slide_share.css?v=9c50d088.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: f18f049d3d00b87e023e452ff6c2c2fffd4e84a5bc3c2123278de9a67aba4260

Request headers

Referer: https://share.xuehi.cn/static/api/css/slide_share.css?v=9c50d088.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:38 GMT
Etag: "02fe8e9db44d21:0"
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Content-Type: image/gif
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581398.173-s13jhg-s2jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 977
VAR-Cache: hit:0

GET
H/1.1 200
OK icons_0_16.png
share.xuehi.cn/static/api/img/share/ 15 KB
16 KB 229ms
228ms Image
image/png 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share.xuehi.cn/static/api/img/share/icons_0_16.png?v=91362611.png
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/css/slide_share.css?v=9c50d088.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: 70b7372eea2e87354fb529a0c54e39971873a50ed2029778b0ef61ca74d688c2

Request headers

Referer: https://share.xuehi.cn/static/api/css/slide_share.css?v=9c50d088.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:38 GMT
Etag: "02fe8e9db44d21:0"
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Content-Type: image/png
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581398.174-s9jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15587
VAR-Cache: hit:0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 07:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 21 May 2021 07:16:38 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 461C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 20:58:08 GMT
expires: Fri, 20 May 2022 20:58:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37110
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 28BA 783 B
534 B 15ms
15ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cd125edc9f5515b081aeab2114fa411489c1927092eab635b6cefdfc97b6425

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RgDRe+2A2JS84Tanq1FIdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.51wendang.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.51wendang.com/

Response headers

expires: Fri, 21 May 2021 07:16:38 GMT
date: Fri, 21 May 2021 07:16:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RgDRe+2A2JS84Tanq1FIdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js Show response
pagead2.googlesyndication.com/bg/ Frame 461C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 06:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 88008
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
expires: Fri, 20 May 2022 06:49:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1539846699924031&bg=!urmluf3NAAZ7hX_Ue4U7ACkAdvg8Wla27v_Ir9hjTl7AA-F9t10ohMD1qAgS00D2rxnQ2A8WT0iFIQIAAABeUgAAAAtoAQcKATuZNAL9TqLRDBloa6ZiiIAf_iIqA9w5uU7V-zSvCZYZ6MJ4Uxadiz3vWaQcrdv9cJVRowaxLU2uINZnaILg6xs6juDnrfYI3eU6p-hOt9eMc8zeRSxXLSaHS75U3DMuyjLDxLNpD-kGBrTXghvTsDvTWV5YPyV4TkKquLAaop12SQs-Bfw2hTlZMiojiRwZwhNurXfPFXMBVXgEp66Zr3cLoZSaGkwRRhtZw_6bF1_-1msjnONoCct3iShCtJ4ZvaV9fghzc3gM869yUg4YSTRD_kVn2a04uYPYq-YDa6zq1IsrlKYAiJgcF74TeBadSAOTRopo2YBJD7nXtmwUGK7B6zdLgBcTWB5QAXj2rxGxpGnPJBhzK2gF8Xuzf98dGL7ZHp2d_DedkgsdQ0CEHBrfe8pD7xPG-UlmfPyZAjvbrjLcOvLkUrsUvmsKmiAIfOtchllUkswwbeuTl7LiuEMillSr5C6KWA3e64kZOzhReqWAdKt4d87KF1oYEteb9Bdo8o0BOSNefJP7un5vUk9dhw5wWDwfk86i9mGBqCOrdbNXkFrqEmrGoktsoi3ghFcK7iCJrQSkZp8JflGwa4GbbwsGGb4vadrrkmIZgF_8C8Oa0o9CVf-lUviAU7GVCpUxZtYS0_zABIanzk2n4aGe4Fb4GJDXFFMbAUZbmhKVKNbH7l6jDPtE1Hm0ewxR4KLV_b8hqaSiRqmUbfjQ9zVsphpl_4Pa3xj5JWfshzCtLOJjliNFCI0MoL2mMFVnKiq_vkvXCOOq8_68IOScKrQtn3ZwMRyib5-ZghEFjTi_xzeKN-Mevp6HWI0jK83MjYQPJ6nUUiXiE5whfkxw0tOlAnzCMWW6z9xAt-Hj9n3Y0LgzH7h1JIj-NYt9QHlA25GRV9-nMIoqEqlN48FZYMy0D9ICuj6ZrJJNax4Sg2gAOFMNd0FUNMEVZnckPQ-hK0x23iHfJA9SJFHh4caab8BY2l5bfLrjSr3Ob1XMK-al9_7tACuKD1CjFltT-0-jtQ9fUssGyE2c5yGj6mcdkkPfCeSQRHY-2Yq2-1OX_wU1V8Kr-kAc9ph_1McIGk-9l6wwrY0hHPQ6KxZ5EPEIXEhiel9Px1Z1fsEEco7EXYYqPBzlhD1Cx701ms_wRlNIhBlpHPKwzMzBWLktz2EHXFs62KT13HmvFepd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 07:16:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK logger.js Show response
share.xuehi.cn/static/api/js/trans/ 0
383 B 221ms
219ms Script
application/javascript 36.27.212.105
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://share.xuehi.cn/static/api/js/trans/logger.js?v=d16ec0e3.js
Requested by: Host: share.xuehi.cn
URL: https://share.xuehi.cn/static/api/js/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.27.212.105 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CWAP-waf / wangzhan.qianxin.com
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 07:16:39 GMT
Etag: "02fe8e9db44d21:0"
Last-Modified: Tue, 22 Nov 2016 16:17:26 GMT
Server: CWAP-waf
age: 0
X-Powered-By: wangzhan.qianxin.com
Content-Type: application/javascript
Cache-Control: max-age=14400
WZWS-RAY: 002-1621581399.644-s9jhg-s3jhg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
VAR-Cache: hit:0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 39ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=3158&su=www.51wendang.com&d=5000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.51wendang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 07:16:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s95.cnzz.com
URL: https://s95.cnzz.com/stat.php?id=1253692797

Domain: s.ssl.qhres.com
URL: https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:26:22	Name: test_cookie Value: CheckForPermission
			www.51wendang.com/	1970-01-19 18:26:21	Name: tgw_l7_route Value: 3b0bdfd5709d4996fb113637d32e27cf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
hm.baidu.com
jspassport.ssl.qhimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.ssl.qhres.com
s95.cnzz.com
share.xuehi.cn
sp0.baidu.com
tpc.googlesyndication.com
www.51wendang.com
www.google.com
www.googletagservices.com
zz.bdstatic.com
s.ssl.qhres.com
s95.cnzz.com
103.235.46.191
103.235.46.39
119.188.176.48
172.217.23.98
2600:9000:206f:b200:0:e2b1:a380:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
36.27.212.105
62.234.199.163
077a78aab60584687c7f7ded046ec798e3ac4cf077ef47f9d0c23075f6d5ab47
08a0571644c49018ea68a9567add2209871c6bdad114890acb0e7dcf76ad6e1b
0a761914b5c673c75aa37204fc5a55624d03c5bd6df2ba93720cd9c33a0bf7f1
0cd125edc9f5515b081aeab2114fa411489c1927092eab635b6cefdfc97b6425
12cd4a333425c4d178f59ce12eca33b584c0886f9e4c12bd336b9ead5f4141ba
14a42e9371611c4b0405e74a309ea8b8e99461d8af3643012902e7453e36f40a
15afb4a8224f7e9e062bae649b33525d061d2c1a44db871908400e5310398de5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
26a27c7e1cfbb9a7c7d6c5e8adf4800b7e697faf5018584017f7cac3c6aa5aae
2ab58bc80f17e89301e867af86d0ab10c6207efc1ad55a636f73a7aef11e5e71
2b7fc19ce6cbcd3a161b62abb3766cb953a72e8473f4fd0f38fcdba3515ae487
2d29468ae56ad0dc7cebc4ea02f0e87a0654a04eff47148faa495afa8d84d3e6
2dcc69a7468acc2c7a7d97272891f1dc550a5dbffdea0af672f559e3b3f40ba6
2e8905fbfbe8c65d826477638249e01a4c378280e4ab20fb98a7a76d08f5604a
36de1b9cfb6c8e7cdc4400f820dad89e76d50f52ed058e491ce2e3a0bb5b4a1e
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3ccb1cc4f8622fe1f567e16db4da1133b6b860422e5fa3830a90a706b5085315
3d7e511c077e36867dfc3589aa3f368f5ff24dabeabcf4384dd874a986b88ec3
45af09ce6592ec3981a1ce0bc36c605e0c1794aef9135f1839bed8c07782a507
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4ca56f5e976bcdaf7002f7b77dcc2fb721aae3090424c2df394070b27d260987
51d807a42d21f6721e4cb74e89b6b98128e5a26959e0e9692fbdd356b39bc452
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54bac95c6d0a80b40c2ce62ec90e07ab6b90ade2a1e7375a07de5774c2f2254f
55e387a745edd2d98b55a14463abbe0ad160a8db4a303e83d7e21eb62c3550d5
59369ee0cb901244b3340cae33becc5e92960686819ee7b72525c61d3061be34
5d6dbce0a54a9c45161e229f7b37e17ac9882bbbe9af964b51fc6d5ebbf64d47
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b57a900a7570cd4fc3f006c7eba27d18b1e27e402e0d309e678b0d75d24075d
70568b75170f32bf904a9d10a4fff48f49760e1699c43d652022a088ad374c17
70b7372eea2e87354fb529a0c54e39971873a50ed2029778b0ef61ca74d688c2
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745ff975b5b47c91c090b6d0a0e855ca53dfabed0440ff1f7d994ad7ceade4e4
75aafcfbcc756aac5901316036889ec372828731cc76015b5645677e7a88df6e
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
7abab7c894814f2b3ff900b4906bccb7404d9cb8a8c12e489d4185e116a47077
7cd7017f254e4c7bc5042047ce4e061c9232a6275b9c925ad1745f256c1f6d1f
7dd59976d877e0c53db107e3cf342503eec0208c07ef878b2d19de70024c429e
8473488b34007c5e32ad863ffa861356f7b85ce8af8499b47f0f74b886053458
8967838af01c4e338496140d6dce10241549c221dfdf6aa32e154f1a33dd22da
898a83129398ef1d22a50d3696aafa860e892cf64fea8334698854fa03230a4b
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
8e781f3b58a4606f84b03601a3b90ed5d1fc0380e0a0a3557fcc7506ed323bf3
91001575c1b0b9411c31ba156e969ef52e3e494d5eed62da9a51b4aefd07c5e9
91567888fa862e4d04864ae63681864c04c6004668c14ac4001abb3a6c6027ae
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
9420e92044dedd11c2c0d4f797ba8b8592ed708dd682fa90355f4c902c5cca59
97dcf08320a7d374e45f3c5c670be5db8e70579cccb452c14070b93f1c557195
9a9158acd142cf1a4589fc1005a01d693213e5943178c04d43f105783d34ef5d
a02ec7f0625e67860df684ecf0d578451bebb448a99fc9b60d9712d6afbe56a9
a2a9a3746e2c4885a90f59aaa6482338de4b9c11c43ca207106a438d8bca024a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64b48cce78c7c118176fd7affacf8827f13b0e5dd9d2f646a51ee741a667e02
a64d2c1d8552f2ffe138c1688656745193026b699c8e461b7a4e116ce2c61c44
ac5eb2fc379ff0bed87890bc30d86aef6635db25f73d0f1fc12a1fa3c3d02fe4
ae90784f76bdff53e39773f3616a50cd8b962eb03530c5829c150aa58de8c56f
b03a8708973db9c571fb2a267a1b479c249383943182dd91eac7917180c170cf
b070bdefedc0899808258daca9718c653c7ecf901bf3f91148dde5e881662f75
b6ba5695754f232f3bb0493494fcbfe7b9de1246267e9ffb23429600400c7673
bd2cd364879f5e4f4fad1c62ef7520adb109c8708d941aac74046f5f1f24b615
bd7794609b4b15fb09cb3266ea55904c0727bc2b0479cedc4f22594f909acd7d
c05b105ff7755a63433495cfd6e27ce7587b9ddbaf9d835fef5b3c8227c21343
c0e7691ce2dc48f32363aeb21dcc34b53c08571bdc51bed67bc7f9f2ce860271
c2f51091d48432d311dc6482f3ed9c8a193c353541c3aadd38bb5352e19d4588
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8157516212182f53fb281ce56947e15e868d4724f636d23830b2a7ebc60ea75
cb18f69444d3a92b6b20f449762848b1767816905eaad1cbb82e873cd6848b99
cf12826174cba36f35502a6622f7958cdaaba72208056f758cbe0fe8084280a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d73efb429ee71a996cdf3cd2e416a8b9f77fa08186c834a6fd769b01bf3d99
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9ff6ef45e206b85a00a5f77eb1e416f46032a8ee37c708881111d90038f4be8
daf9a4d682fa421b3380c7f17f0869180438e3b4160a1688cc0c383aba762a56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53d83661bc289d57fc14d06a14226248397416f2b2b60a0f79d40b6bb233c34
ea426f090eddf03e65a6287915fac51a6eca6e0d1f58879591c203fc43c2f97f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f146463bb198f83aee2570419dc7d31e8c14f70baa79ffd06229691f116a9c20
f18f049d3d00b87e023e452ff6c2c2fffd4e84a5bc3c2123278de9a67aba4260
f302ec3836fa1926654519d57e97f113fcd1b5915eee786fa8713b6ed0f9499d
fda27727f1506bc6524ab77b0a1939053ee4e3b0dbfad9799eb5a0b35b823d8b

www.51wendang.com Open in urlscan Pro 62.234.199.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

107 Requests

98 %HTTPS

63 %IPv6

13 Domains

16 Subdomains

17 IPs

4 Countries

1057 kBTransfer

2147 kBSize

2 Cookies

3 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.51wendang.com Open in urlscan Pro
62.234.199.163 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

98 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

17
IPs

4
Countries

1057 kB
Transfer

2147 kB
Size

2
Cookies

107 HTTP transactions
2 data transactions