baiyunju.cc Open in urlscan Pro
144.48.143.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baiyunju.cc/
Effective URL:
https://baiyunju.cc/
Submission: On October 25 via api (October 25th 2023, 7:02:14 pm UTC) from US — Scanned from DE

Summary HTTP 449 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 41 domains to perform 449 HTTP transactions. The main IP is 144.48.143.107, located in Hong Kong and belongs to CROSS-AS-AP Cross Geminis Limited, HK. The main domain is baiyunju.cc.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 20th 2023. Valid for: 3 months.

This is the only time baiyunju.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	144.48.143.107 144.48.143.107	135343 (CROSS-AS-...) (CROSS-AS-AP Cross Geminis Limited)
91	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	163.181.92.148 163.181.92.148	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	58.254.150.48 58.254.150.48	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
30	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	18.239.83.125 18.239.83.125	16509 (AMAZON-02) (AMAZON-02)
52	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
13 40	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 7	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
80	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	34.240.213.30 34.240.213.30	16509 (AMAZON-02) (AMAZON-02)
16	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	104.193.88.77 104.193.88.77	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 6	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
5 10	54.78.81.175 54.78.81.175	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	2a05:d018:d29... 2a05:d018:d29:3601:865d:cd9c:e13b:6712	16509 (AMAZON-02) (AMAZON-02)
2 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3 3	3.120.0.219 3.120.0.219	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	2606:4700::68... 2606:4700::6812:18ad	() ()
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.158.5.115 18.158.5.115	() ()
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	() ()
1	178.250.1.9 178.250.1.9	() ()
1 1	35.204.158.49 35.204.158.49	() ()
1	35.71.131.137 35.71.131.137	() ()
2 2	37.157.6.232 37.157.6.232	() ()
10	2600:9000:21f... 2600:9000:21f3:ec00:8:48e:53c0:93a1	() ()
20	2600:1f18:1ac... 2600:1f18:1aca:4282:b37c:8600:2034:3140	() ()
449	41

32 144.48.143.107 (Hong Kong) 1 redirects

ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK)
PTR: s144-48-143-107.ap-east.sugarhosts.net

baiyunju.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.148 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.254.150.48 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-125.ams58.r.cloudfront.net

cdn.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 216.58.212.162 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.101 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.213.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-213-30.eu-west-1.compute.amazonaws.com

measure.lamp.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.193.88.77 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.161.51 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.78.81.175 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Mossingen, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:865d:cd9c:e13b:6712 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.0.219 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-0-219.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:18ad (None, ) 3 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.5.115 (None, )

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21f3:ec00:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:1f18:1aca:4282:b37c:8600:2034:3140 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
143	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	1 MB
92	doubleclick.net 15 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 ad.doubleclick.net — Cisco Umbrella Rank: 180 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	537 KB
80	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	972 KB
40	adsafeprotected.com 5 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1083 static.adsafeprotected.com dt.adsafeprotected.com	504 KB
32	baiyunju.cc 1 redirects baiyunju.cc	823 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	744 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11 adservice.google.com — Cisco Umbrella Rank: 182	2 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	112 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	5 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	2 KB
6	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 2022	1 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	5 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	1 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	2 KB
4	avct.cloud cdn.lamp.avct.cloud — Cisco Umbrella Rank: 18580 measure.lamp.avct.cloud — Cisco Umbrella Rank: 17656	28 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	7 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	292 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 3511	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11243	910 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	676 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 51511	1 KB
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	227 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	409 B
2	google.de www.google.de — Cisco Umbrella Rank: 3974	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	138 KB
1	adsrvr.org match.adsrvr.org	149 B
1	simpli.fi 1 redirects um.simpli.fi	711 B
1	criteo.com dis.criteo.com	363 B
1	bidswitch.net x.bidswitch.net	146 B
1	baidu.com sp0.baidu.com — Cisco Umbrella Rank: 19978	116 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368	605 B
1	bdstatic.com zz.bdstatic.com — Cisco Umbrella Rank: 31782	554 B
1	alicdn.com at.alicdn.com — Cisco Umbrella Rank: 13382	19 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
449	41

	Domain	Requested by
91	pagead2.googlesyndication.com	baiyunju.cc pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
80	s0.2mdn.net	baiyunju.cc s0.2mdn.net googleads.g.doubleclick.net
52	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com baiyunju.cc pagead2.googlesyndication.com
40	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net
32	baiyunju.cc	1 redirects baiyunju.cc
30	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net baiyunju.cc
20	dt.adsafeprotected.com	googleads.g.doubleclick.net
16	googleads4.g.doubleclick.net	baiyunju.cc
16	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net baiyunju.cc
10	static.adsafeprotected.com	googleads.g.doubleclick.net
10	fw.adsafeprotected.com	5 redirects baiyunju.cc
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	sync.teads.tv	2 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.google.com	1 redirects baiyunju.cc googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	sync-tm.everesttech.net	4 redirects
4	ad.doubleclick.net	2 redirects www.googletagservices.com
3	s.tribalfusion.com	googleads.g.doubleclick.net
3	a.tribalfusion.com	3 redirects
3	pm.w55c.net	3 redirects
3	pr-bh.ybp.yahoo.com	3 redirects
3	ups.analytics.yahoo.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	s0.2mdn.net googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	tr.blismedia.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	onetag-sys.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	measure.lamp.avct.cloud	cdn.lamp.avct.cloud
2	cdn.lamp.avct.cloud	googleads.g.doubleclick.net baiyunju.cc
2	www.google.de	baiyunju.cc
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	baiyunju.cc www.googletagmanager.com
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	adservice.google.com	s0.2mdn.net
1	sp0.baidu.com	baiyunju.cc
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	zz.bdstatic.com	baiyunju.cc
1	at.alicdn.com	baiyunju.cc
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
449	55

This site contains no links.

Subject Issuer	Validity	Valid
baiyunju.cc cPanel, Inc. Certification Authority	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2023-06-29` - `2024-07-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cdn.lamp.avocet.io Amazon RSA 2048 M01	`2023-02-24` - `2024-02-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.lamp.avct.cloud R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 64 frames:

Primary Page: https://baiyunju.cc/
Frame ID: A3FA2D17F1868063E581B6C84BB10440
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html
Frame ID: DEF7F8AA1EC4E8C7747BB97D4BA51C76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&adk=1812271804&adf=3025194257&lmt=1698253328&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=130x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fbaiyunju.cc%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528445&bpp=8&bdt=926&idt=286&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8504770521755&frm=20&pv=2&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306
Frame ID: D0115049C53699B47C935BED8488F321
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308
Frame ID: 1A7C00AB505D6AEE167B91BDA626AF46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=600&slotname=6930711991&adk=119653711&adf=2344892108&pi=t.ma~as.6930711991&w=300&fwrn=4&fwrnh=100&lmt=1698253328&rafmt=1&format=300x600&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528454&bpp=1&bdt=935&idt=309&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x90&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=Xh4iNOZQFt&p=https%3A//baiyunju.cc&dtd=313
Frame ID: 7A19C2AB970E146F0A726126168EE636
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNUqMQyat-6pgx0pEjlzMp23ebNjqnBIliIPtFwEnXpFhpBROit5UwOYeq3w7ZeB2i9iYZBLIMtz_qXINgrcvqi3CfqoK5lzQ2yjwYvVQ2YpvKoCA5ycdyb1Qj73d22VTknH1gn7lwEJ--quFvkeS2RHsM5zqcEMfw98x5etFwQPg25oKoo
Frame ID: C1426F30F5A7AD770EDCB68D10CD6019
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1DB08A5FBA15170DF3FDC5F97F3DF53C
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E1B72B366B3AF6D35C5FE1BD1BB7CB37
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCr9p65Axi147f3ATAB&v=APEucNUHvfNQweg74EEJUspbz14cppeeT31nFPh7kuWvFjb4M777ntqC9JCB1T9Uud65X0rW-EklDsN_8pfSZxeGzAKxxB3TBKFMh4kBwcC-yn0j-kWIfpcGkeNKSoKM0m99m-j7D1fBUTT-RQ8NRPelWs8HF-0qLuqHLuXuq2WRiQMKQFWDTM0
Frame ID: F6AD9E96BC3ECC2596DC1EED91BE0528
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A7EA0E0889672623CDB9916A164842C9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F6605216D12139C873AE6868B9900001
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
Frame ID: FF71FC60D28BFA8D6832E1C1B2C8E584
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
Frame ID: 7ED0F37D100383539A0FE85498A30E2B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Frame ID: E910C1E0AEFF92E79CC35BBFEA4460B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Frame ID: FF29360AE137A0D7E6F21694AC7270D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Frame ID: 5765AA35B862D28ADE8F858F11F9BB0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Frame ID: C6FA19F15FF0B0518B69845533F9B792
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Frame ID: 9212DF83A732673F2A36AB902BDE64F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7C437BF95CCDF31A7117BB0C2F5764E0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: A6EAF8E355943352AC0F0C8714B9C6FC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2F26B083ACA74CEB878B838D9034C7C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Frame ID: 24358F1B0DCDF6A2AE7181264D5DD823
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ
Frame ID: B1A7EFFF72326498785E788F0D49F9B9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8A5D0BAB6F3054C412C33FD8EA9D3E60
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js
Frame ID: D9B253EA03434978C9ED5F8AC5D679D8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1CD34EF2656B93FD32563AE80C92546B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C87AFE45B99B7EAE47BCF5E8D521E288
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js
Frame ID: 693EC1B98989579E64A565603EA7BBC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js
Frame ID: FC273050906E412F3FFD91FFF6E36706
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXWAfrwIRktbqv5KP835S0tiAqqe7soFPiYflPuTLlS-OubvtpV0b_4hkqZf382dYQbGX6SARqXSDPN9F8Yx2kYKEImIpvVGv3FBdEuf-3p6WuUIoiacDaM6BUd8Z74QP_MhjMbJLlUCn0rA7_hsCmZD4gaoxad9CsT9QiSWxz0Coku8F4
Frame ID: C8E2A085CB3468C10FC06A579E553003
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0EA75AAD749EC92C128EBB8C3DA911B7
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6DD1EBC1D288552F8BF0EB5D93BE65D7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV2sZnwisj9NYQRVUCr2xfmNCifF5J1Bmnft-7lhXbjm7YSCQjqHC03KKtE6TXatg3QFccMMgYvv-lTJjoXNf73bN_L6_cFODupqSSIojiiCN-TgPu3sro_zt2bCM_rbbVf4paHergttQWstk4IecXwl0k0eoNgsC7dWcP5WYFTmMYjX_A
Frame ID: 7286768C91C75557A2E839EB85094785
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B21F0C9D3D17300F634A9D2EC22DF5CE
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXYb1heJp5Vw2LH-0IfLBQquI9_KMt79C3ksvIJxT9pWdaRUL5UnwUy3XyaFgbRGHzGnaCvx0Roa8UUrZIXl-aWeyr2hRNPd3KCWub9TxV-RTZgPtSZGo5y8mJ0ThTDR6i79-pfWEPPOjcmxFFjAqJlRV9G-z9zgoQESqhWxMD4wWQxJBU
Frame ID: A1B8F50ABC7B9BE01A1401745A9E0FCF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D2BA79A86FBE2A0833AB8132D426EDFB
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWWLw0FvRgzGeRJtyTk79jQ9fpM3Ge7ulZwQOt1j6-TvZjlJZg_By6UKxp5UgcIDBJoO7tL611YW6W_QKWch8cb9R5GYzw2JxfkCG43_OqzZbIeLrCDbLOapel_4Ay9MZbZDji071ldH--DG7tGe-LM8jWR1UMac9AXMx229jGwUEZclTQ
Frame ID: 15871DF306FDBF8052E15EA125B0D6CB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7E793E6E6B637E722895E2FCCCC96686
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXw-mj3So0rNYKTWjNhOs7gFHIj1Ier9GMn6Q3UErvj_Q0GYRNjeJjaZ6JlCd722hId-uLCfdspf06G41mAOQv7sexJNF3wS8vwTqIqhwAXm3-z-ldF-e1Txl0Jmdyu2bUbmEp15-WC2iDAj3j-qhSs7TaRXwDIgg7yYJ94rqQuQ2hloYQ
Frame ID: 979B5C1FC3219AB24A89D5C310A8E1D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CC073A1796670DC14AAABAEF506B8CB3
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B532BCECAD1356151DF6028056106071
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
Frame ID: E3DD89B5EF945EA5D6027AB739888962
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64DD60976C5F62F549D43FFB462193B2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 307EC8FE934E40A3A58A85DC360071E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 394086F7C7704A2AB969130266877B03
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F054DBCA58C3DAC9DEECA064381BA715
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 176138AF1DEB9096236D871EBAC116C5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 42FE1861EA740A6C3BC3B3A0C35AB5C1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CF3623CF5AEA479ED0D7BD0D6F941188
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: 780F85C42077AC46532FD9CC4060A50D
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: 61C06CF91C3DB4D1273F3366E4CA44AB
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: A0BA5813DD0D75C5F7BDD4487C51329E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 70C0E086D922127E95394C94135416AF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: F8CE0D7E30046AFD2A612F6DA4EE84DF
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 05BEEEDBD7F1688BFD1D3D7C19782110
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 96EC81B8C93C50821A3C8E505C8B2408
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: 5524CCA6B3222E51FFCDD62949133CA1
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7327CED9A9804E6B8AFC0AC9B35403B1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C30433DA36D2D114A50FD38E61AB756A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2E8CC172D1A37C26DFB1BDAEDD62C2DB
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 55C9824417FBDDC62B03C0D6F2FCBA31
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5B394FEC60815873036077D2A25BF54C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36E4D1F030152514BF3FFA9ED7E17353
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4480665E3A2174E8327E851CE1B8B8FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

『白云居』-世道秋风总萧索，何如高卧白云居

Page URL History Show full URLs

http://baiyunju.cc/ HTTP 301
https://baiyunju.cc/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

449
Requests

89 %
HTTPS

42 %
IPv6

41
Domains

55
Subdomains

41
IPs

9
Countries

5100 kB
Transfer

13928 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baiyunju.cc/ HTTP 301
https://baiyunju.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTlmMRsANWW34YGt4cUCswAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED8Z40oioUIc4HkmGFhkoY%26google_cver%3D1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY3NzQ3MjYyNzcxODM0NTczMQ%3D%3D

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTlmMRsANWW34YGt4cUCswAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1

Request Chain 84

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NzY4MTA1NDY5NTUwNTA4NQ%3D%3D

Request Chain 113

https://ad.doubleclick.net/ddm/activity/src=12067520;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9700145698183472 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9700145698183472 HTTP 302
https://adservice.google.com/ddm/fls/z/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9700145698183472

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIbD24tJDokugw5hWEep-U8&google_cver=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEDUwgWlaED7DVAOLnzh1MeU&google_cver=1

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP0KloBRHJPd5dHMICBHVGE&google_cver=1

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Request Chain 282

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1&google_push=AXcoOmRT8uUAAauvKK6zGF3EnMg-x_v53wwvvK_PmyfwddpjUs0v_JyyXDSwgNYYB0daiCVNHek4Z6S8QUK4lUA5Fxmk_pgB8jJ67eo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5MjYyNzk1NjUzMzE2NzgyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1

Request Chain 283

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmQ0mCsCbXyDQZ03gBQJma4bmcizVvP49Ha8Kaj-6G2yapgHH8UWpZ-Fagxg1YHqwCa_5qVS0kjVa4ym8LQKjHoOpL0ii-71INY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmQ0mCsCbXyDQZ03gBQJma4bmcizVvP49Ha8Kaj-6G2yapgHH8UWpZ-Fagxg1YHqwCa_5qVS0kjVa4ym8LQKjHoOpL0ii-71INY

Request Chain 284

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL33atUr1gucioMI8b6S81M&google_cver=1&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiuxJrXRN1sOVdvLdpqlmcc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiuxJrXRN1sOVdvLdpqlmcc&google_hm=cogTojyZR-219WSlMAYEChs

Request Chain 285

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6swrVrkx1OtmwujDDcOKg&google_cver=1&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTDFx-WKAmOPiL8-Ora0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTDFx-WKAmOPiL8-Ora0

Request Chain 286

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9QDGtSMYBo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9QDGtSMYBo&google_hm=eS1PVndRaHZsRTJwRVU0aWhIYURJOWxLVHdrbkM4bE14en5B

Request Chain 287

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJm2QhgqPe4LeYsk2vphBjg&google_cver=1&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79fOCxs_KK2H_q631EEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79fOCxs_KK2H_q631EEA

Request Chain 288

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIPbguS0n_5wUk2gwju4rQk&google_cver=1&google_push=AXcoOmRMxd8CnYtSCH5wOi13qVQYPZDixr9QRzX9q1KzDroNbCEupjBxWzhsAk6LoLX1mhZv652Ipo8N9o6Anjjqzs29zIxXYwCWdwY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRMxd8CnYtSCH5wOi13qVQYPZDixr9QRzX9q1KzDroNbCEupjBxWzhsAk6LoLX1mhZv652Ipo8N9o6Anjjqzs29zIxXYwCWdwY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 290

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGuBB40caelohVh7vTybxSYYhKuf_UILxk9xmZ6LRnD6JObgVMqRa1Fr3sQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGuBB40caelohVh7vTybxSYYhKuf_UILxk9xmZ6LRnD6JObgVMqRa1Fr3sQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGuBB40caelohVh7vTybxSYYhKuf_UILxk9xmZ6LRnD6JObgVMqRa1Fr3sQ

Request Chain 291

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmTeEx8HV7GZh7iDBajwXF-q9eoFTEAkWJs4d7br15WO-QTp5HnldVTvkDNbZa2yQeFbQILdLTpPz65WJr-OZrOQPKeDSZ6klg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmTeEx8HV7GZh7iDBajwXF-q9eoFTEAkWJs4d7br15WO-QTp5HnldVTvkDNbZa2yQeFbQILdLTpPz65WJr-OZrOQPKeDSZ6klg

Request Chain 292

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFclQ0MQzKccb4Qp20b02gY&google_cver=1&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e76Y4Qa24srFX3p4c HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e76Y4Qa24srFX3p4c

Request Chain 293

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-hw2ogoizo9RjeC_SBB7JSUt0JP9Br_3iA&google_gid=CAESEBXE52_Jz_7IJsxHH_ftk3E&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-hw2ogoizo9RjeC_SBB7JSUt0JP9Br_3iA&google_gid=CAESEBXE52_Jz_7IJsxHH_ftk3E&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMjUxOTAyMTMwMDA1MTg3NzY2NjQwNg%3D%3D&google_push=AXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-hw2ogoizo9RjeC_SBB7JSUt0JP9Br_3iA

Request Chain 294

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U2f4DnglI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U2f4DnglI&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B

Request Chain 296

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIPbguS0n_5wUk2gwju4rQk&google_cver=1&google_push=AXcoOmT5AZnO4iDTcS6tyk1TTDoRdhtODHs83OPgMpq_xHXIkLy_mSApxpCwc2s7PP5diht0IjJOmTM-7U1NQVjK2dS5LbohdybrSlb6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5AZnO4iDTcS6tyk1TTDoRdhtODHs83OPgMpq_xHXIkLy_mSApxpCwc2s7PP5diht0IjJOmTM-7U1NQVjK2dS5LbohdybrSlb6 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 329

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 330

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL33atUr1gucioMI8b6S81M&google_cver=1&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3tUvuW-eDs-oe3yg5WJdQs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3tUvuW-eDs-oe3yg5WJdQs&google_hm=cogTojyZR-219WSlMAYEChs

Request Chain 332

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6swrVrkx1OtmwujDDcOKg&google_cver=1&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5pMGOy6p9pvpQH78og HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5pMGOy6p9pvpQH78og

Request Chain 334

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0nZyTIjqBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0nZyTIjqBQ&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B

Request Chain 335

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJm2QhgqPe4LeYsk2vphBjg&google_cver=1&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPhEk9ONMmi--F7Xhxv7zI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPhEk9ONMmi--F7Xhxv7zI

Request Chain 337

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1&google_push=AXcoOmRlgPhn4aC5O4ulOOsZ63pfPj3QKBxoepQt5dxCzk0mUKrCJW8ZxtMVqNdNFa-cQw3DTWLBMd3_4hGmdNQd3D_rlH_ehOTMODU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5MjYyNzk1NjUzMzE2NzgyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1

Request Chain 339

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 340

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmSWk0MCzZq8G4HxPAvXVZ_4ZLerkm__cDaXrUieWUc57irjlEt2Pz1-Rq47KMB0MgxlcRaCDXe-VLKA8F2kdVVGAzXNIoGB2Ts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmSWk0MCzZq8G4HxPAvXVZ_4ZLerkm__cDaXrUieWUc57irjlEt2Pz1-Rq47KMB0MgxlcRaCDXe-VLKA8F2kdVVGAzXNIoGB2Ts

Request Chain 342

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFclQ0MQzKccb4Qp20b02gY&google_cver=1&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mpya8fIaXITXBk3A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mpya8fIaXITXBk3A

Request Chain 346

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmS7tKsCf8Vk7ZhPjvNMLH_SZeV1EosB9RzSn-Obl9L91nv5Dy_VaqxXbN6zuAY2m7iYzR4oE5GpsJ8VFLOOKQ5BK3Nlm9h0rw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmS7tKsCf8Vk7ZhPjvNMLH_SZeV1EosB9RzSn-Obl9L91nv5Dy_VaqxXbN6zuAY2m7iYzR4oE5GpsJ8VFLOOKQ5BK3Nlm9h0rw

Request Chain 347

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 348

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmRPSEu5T3s6RwnNR0KqkcmmLn8iOlMZz3rYx-GMLk3gQb41pc4HeyFfM0Ue3TUZn4VtDaiOpxffxUj5G9xHReYpYQ6R2-J1Fg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmRPSEu5T3s6RwnNR0KqkcmmLn8iOlMZz3rYx-GMLk3gQb41pc4HeyFfM0Ue3TUZn4VtDaiOpxffxUj5G9xHReYpYQ6R2-J1Fg

Request Chain 349

https://um.simpli.fi/gp_match?google_gid=CAESED00TcErr7jTpucH1DcY7Ws&google_cver=1&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-mI25BCkgq2_o1m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20EA50D646EE452C9E3151D7F4A116C4&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-mI25BCkgq2_o1m

Request Chain 351

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDKpSIRH_ef7TU6rvc0Yfa0&google_cver=1&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNObblqBy7SMTRYvp9y0vyHd1g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDKpSIRH_ef7TU6rvc0Yfa0&google_cver=1&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNObblqBy7SMTRYvp9y0vyHd1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4MDcyMTQxNTM1NTg3Mzg0NQ&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNObblqBy7SMTRYvp9y0vyHd1g

Request Chain 367

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hheG-_HTfPMpcHHTkn1txD&adContainerId=brand_safety_NGY5ZcDxDKeT9u8P58WFoAg&cbFunctionName=goog_wrapCb_NGY5ZcDxDKeT9u8P58WFoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbaiyunju.cc&adsafe_type=g&adsafe_url=https%3A%2F%2Fbaiyunju.cc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9529152553031266%26output%3Dhtml%26h%3D90%26adk%3D2437241550%26adf%3D3216561584%26pi%3Dt.aa~a.3914809518~rp.4%26w%3D760%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1698253330%26rafmt%3D1%26to%3Dqs%26pwprc%3D8643742065%26format%3D760x90%26url%3Dhttps%253A%252F%252Fbaiyunju.cc%252F%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698260530837%26bpp%3D1%26bdt%3D3319%26idt%3D1%26shv%3Dr20231023%26mjsv%3Dm202310180102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2214b802a57d9290%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw%26gpic%3DUID%253D00000ca41eb784e4%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ%26prev_fmts%3D0x0%252C760x90%252C300x600%252C760x90%252C760x90%252C760x90%252C760x90%26nras%3D6%26correlator%3D8504770521755%26frm%3D20%26pv%3D1%26ga_vid%3D1805518006.1698260529%26ga_sid%3D1698260529%26ga_hid%3D1913542126%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D355%26ady%3D4059%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079098%252C31079192%252C44805914%252C44805932%252C44806738%252C31078301%252C31079124%26oid%3D2%26psts%3DAOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE%26pvsid%3D1621882134783127%26tmod%3D385490013%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D8%26uci%3Da!8%26btvi%3D5%26fsb%3D1%26xpc%3DY7RtTiXi04%26p%3Dhttps%253A%2F%2Fbaiyunju.cc%26dtd%3D40&adsafe_type=bed&adsafe_jsinfo=,id:723ed8b4-9f20-6245-5a97-6aaf86e9a198,c:s5uLow,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-td9w7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C191*.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d131%7C1d14,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:58,oid:014037ea-7369-11ee-9b1a-a667fa747f5b,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZcDxDKeT9u8P58WFoAg&cbFunctionName=goog_wrapCb_NGY5ZcDxDKeT9u8P58WFoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 378

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJ-TbKjI7b2szfqEAEwJR5&adContainerId=brand_safety_NGY5ZefAD9nl7_UP6MirkAs&cbFunctionName=goog_wrapCb_NGY5ZefAD9nl7_UP6MirkAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbaiyunju.cc&adsafe_type=g&adsafe_url=https%3A%2F%2Fbaiyunju.cc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9529152553031266%26output%3Dhtml%26h%3D90%26adk%3D2437241550%26adf%3D3429564163%26pi%3Dt.aa~a.3914811396~rp.4%26w%3D760%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1698253330%26rafmt%3D1%26to%3Dqs%26pwprc%3D8643742065%26format%3D760x90%26url%3Dhttps%253A%252F%252Fbaiyunju.cc%252F%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698260530837%26bpp%3D1%26bdt%3D3318%26idt%3D-M%26shv%3Dr20231023%26mjsv%3Dm202310180102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2214b802a57d9290%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw%26gpic%3DUID%253D00000ca41eb784e4%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ%26prev_fmts%3D0x0%252C760x90%252C300x600%26nras%3D2%26correlator%3D8504770521755%26frm%3D20%26pv%3D1%26ga_vid%3D1805518006.1698260529%26ga_sid%3D1698260529%26ga_hid%3D1913542126%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D355%26ady%3D1751%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079098%252C31079192%252C44805914%252C44805932%252C44806738%252C31078301%252C31079124%26oid%3D2%26psts%3DAOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE%26pvsid%3D1621882134783127%26tmod%3D385490013%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3DHDT4PSOWH2%26p%3Dhttps%253A%2F%2Fbaiyunju.cc%26dtd%3D8&adsafe_type=bed&adsafe_jsinfo=,id:7f3108b6-8b11-54fd-2ca1-f0345df2e2ab,c:s5uLrK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-jbxhn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:01405f10-7369-11ee-b496-ba1fc29d63aa,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZefAD9nl7_UP6MirkAs&cbFunctionName=goog_wrapCb_NGY5ZefAD9nl7_UP6MirkAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 380

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jI-ARaTziKLt0g9jmQuZLQ&adContainerId=brand_safety_NGY5ZYLeGL7L7_UP9-WhiAI&cbFunctionName=goog_wrapCb_NGY5ZYLeGL7L7_UP9-WhiAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbaiyunju.cc&adsafe_type=g&adsafe_url=https%3A%2F%2Fbaiyunju.cc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9529152553031266%26output%3Dhtml%26h%3D90%26adk%3D2437241550%26adf%3D861672672%26pi%3Dt.aa~a.3914808220~rp.4%26w%3D760%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1698253330%26rafmt%3D1%26to%3Dqs%26pwprc%3D8643742065%26format%3D760x90%26url%3Dhttps%253A%252F%252Fbaiyunju.cc%252F%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698260530837%26bpp%3D1%26bdt%3D3318%26idt%3D-M%26shv%3Dr20231023%26mjsv%3Dm202310180102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2214b802a57d9290%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw%26gpic%3DUID%253D00000ca41eb784e4%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ%26prev_fmts%3D0x0%252C760x90%252C300x600%252C760x90%252C760x90%252C760x90%26nras%3D5%26correlator%3D8504770521755%26frm%3D20%26pv%3D1%26ga_vid%3D1805518006.1698260529%26ga_sid%3D1698260529%26ga_hid%3D1913542126%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D355%26ady%3D3261%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079098%252C31079192%252C44805914%252C44805932%252C44806738%252C31078301%252C31079124%26oid%3D2%26psts%3DAOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE%26pvsid%3D1621882134783127%26tmod%3D385490013%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D7%26uci%3Da!7%26btvi%3D4%26fsb%3D1%26xpc%3DddqUO5dEF1%26p%3Dhttps%253A%2F%2Fbaiyunju.cc%26dtd%3D35&adsafe_type=bed&adsafe_jsinfo=,id:ad6617fb-96c2-26f4-13cc-8d85e5716be5,c:s5uLsv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-txbl8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tTJ67V3+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C1513%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C181*.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:181*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:01495f91-7369-11ee-a3a5-e61100c902f3,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZYLeGL7L7_UP9-WhiAI&cbFunctionName=goog_wrapCb_NGY5ZYLeGL7L7_UP9-WhiAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 384

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hoLSqtGtGARBdTMoXKBukZ&adContainerId=brand_safety_NGY5ZbPUGM6F9u8P8t-UoAs&cbFunctionName=goog_wrapCb_NGY5ZbPUGM6F9u8P8t-UoAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbaiyunju.cc&adsafe_type=g&adsafe_url=https%3A%2F%2Fbaiyunju.cc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9529152553031266%26output%3Dhtml%26h%3D90%26adk%3D2437241550%26adf%3D1298879487%26pi%3Dt.aa~a.3914813343~rp.4%26w%3D760%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1698253330%26rafmt%3D1%26to%3Dqs%26pwprc%3D8643742065%26format%3D760x90%26url%3Dhttps%253A%252F%252Fbaiyunju.cc%252F%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698260530837%26bpp%3D1%26bdt%3D3318%26idt%3D-M%26shv%3Dr20231023%26mjsv%3Dm202310180102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2214b802a57d9290%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw%26gpic%3DUID%253D00000ca41eb784e4%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ%26prev_fmts%3D0x0%252C760x90%252C300x600%252C760x90%252C760x90%26nras%3D4%26correlator%3D8504770521755%26frm%3D20%26pv%3D1%26ga_vid%3D1805518006.1698260529%26ga_sid%3D1698260529%26ga_hid%3D1913542126%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D355%26ady%3D2710%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079098%252C31079192%252C44805914%252C44805932%252C44806738%252C31078301%252C31079124%26oid%3D2%26psts%3DAOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE%26pvsid%3D1621882134783127%26tmod%3D385490013%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26fsb%3D1%26xpc%3DJP7KnZ4eN4%26p%3Dhttps%253A%2F%2Fbaiyunju.cc%26dtd%3D32&adsafe_type=bed&adsafe_jsinfo=,id:3b0fc1a8-7692-5f33-82e4-82de7a272d86,c:s5uLtV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-txbl8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tTJ67Wr+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C15131%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C171*.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:0157b78f-7369-11ee-a3a5-e61100c902f3,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZbPUGM6F9u8P8t-UoAs&cbFunctionName=goog_wrapCb_NGY5ZbPUGM6F9u8P8t-UoAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 411

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcf9bQxT46aphd-W06gZUh&adContainerId=brand_safety_NGY5ZZP4GL-n9u8P2pKFsAM&cbFunctionName=goog_wrapCb_NGY5ZZP4GL-n9u8P2pKFsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbaiyunju.cc&adsafe_type=g&adsafe_url=https%3A%2F%2Fbaiyunju.cc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9529152553031266%26output%3Dhtml%26h%3D90%26adk%3D2437241550%26adf%3D3930193421%26pi%3Dt.aa~a.3914810381~rp.4%26w%3D760%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1698253330%26rafmt%3D1%26to%3Dqs%26pwprc%3D8643742065%26format%3D760x90%26url%3Dhttps%253A%252F%252Fbaiyunju.cc%252F%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698260530837%26bpp%3D1%26bdt%3D3318%26idt%3D-M%26shv%3Dr20231023%26mjsv%3Dm202310180102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2214b802a57d9290%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw%26gpic%3DUID%253D00000ca41eb784e4%253AT%253D1698260528%253ART%253D1698260528%253AS%253DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ%26prev_fmts%3D0x0%252C760x90%252C300x600%252C760x90%26nras%3D3%26correlator%3D8504770521755%26frm%3D20%26pv%3D1%26ga_vid%3D1805518006.1698260529%26ga_sid%3D1698260529%26ga_hid%3D1913542126%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D355%26ady%3D2107%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079098%252C31079192%252C44805914%252C44805932%252C44806738%252C31078301%252C31079124%26oid%3D2%26psts%3DAOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE%26pvsid%3D1621882134783127%26tmod%3D385490013%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3D8ctQ4741EO%26p%3Dhttps%253A%2F%2Fbaiyunju.cc%26dtd%3D29&adsafe_type=bed&adsafe_jsinfo=,id:6b02839e-2b35-e9f0-a8bd-a1e33a7a4627,c:s5uLwt,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-5jg52,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tTJ67YY+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C15131%7C1514%7C1515%7C161*.990511-61634096%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1715%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:26,oid:018927e0-7369-11ee-85f6-1a4118e6990e,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZZP4GL-n9u8P2pKFsAM&cbFunctionName=goog_wrapCb_NGY5ZZP4GL-n9u8P2pKFsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

449 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
baiyunju.cc/
Redirect Chain

http://baiyunju.cc/
https://baiyunju.cc/

78 KB
18 KB

1010ms
475ms

Document
text/html

144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 99d84cffe2be95f6c8347d0c87c0685c873410b9aa3e155a7fb09489aa0c5f1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 19:02:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Wed, 25 Oct 2023 19:02:03 GMT
location: https://baiyunju.cc/
server: LiteSpeed

GET
H2 200 style.min.css
baiyunju.cc/wp-includes/css/dist/block-library/ 102 KB
13 KB 281ms
280ms Stylesheet
text/css 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-includes/css/dist/block-library/style.min.css?ver=52b4972f6bac2e9d7d5ed97415d42954
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:05 GMT
content-encoding: br
last-modified: Tue, 15 Aug 2023 14:53:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12962
expires: Wed, 01 Nov 2023 19:02:05 GMT

GET
H2 200 style.css
baiyunju.cc/wp-content/themes/xiu/ 105 KB
20 KB 512ms
512ms Stylesheet
text/css 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/style.css?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 6be7b63bdd7fe0b451f7e564b2db3663775894827f4b13ce7902770ea58ee0ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:05 GMT
content-encoding: br
last-modified: Sun, 23 Apr 2023 22:36:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20267
expires: Wed, 01 Nov 2023 19:02:05 GMT

GET
H2 200 jquery.js Show response
baiyunju.cc/wp-content/themes/xiu/assets/js/ 94 KB
32 KB 510ms
510ms Script
application/javascript 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/js/jquery.js?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:05 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 13:00:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32427
expires: Wed, 01 Nov 2023 19:02:05 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 132ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9529152553031266

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0e5c8fec151580237772c40323e59e1f52fd7dd55fe11a6b393bfb6a07c40d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Origin: https://baiyunju.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51502
x-xss-protection: 0
server: cafe
etag: 8512080303068124381
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:08 GMT

GET
H2 200 logo.png
baiyunju.cc/wp-content/themes/xiu/assets/images/ 2 KB
2 KB 690ms
690ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/images/logo.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 3886aa7f5e3da451738276d777fc8f5c20225032caffae8ba0315c25de877693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:05 GMT
last-modified: Mon, 26 Jun 2023 12:15:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2123
expires: Wed, 01 Nov 2023 19:02:05 GMT

GET
H2 200 logo-sj.png
baiyunju.cc/wp-content/themes/xiu/assets/images/ 2 KB
2 KB 757ms
756ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/images/logo-sj.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 79ce560154084a302b268df01c2f29635339b93dcfe7154a8c188f8b870a2ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:05 GMT
last-modified: Mon, 26 Jun 2023 12:15:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1644
expires: Wed, 01 Nov 2023 19:02:05 GMT

GET
H2 200 %E5%8F%A4%E9%A3%8E%E6%AD%8C%E6%9B%B2-baiyunju.cc.jpg
baiyunju.cc/wp-content/uploads/2020/10/ 93 KB
94 KB 268ms
267ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2020/10/%E5%8F%A4%E9%A3%8E%E6%AD%8C%E6%9B%B2-baiyunju.cc.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: f96bc53d8ca1252ed4e4ed2a6f3c51d2e6c00b3bd2fc99d44772a7aec834ba1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Sun, 18 Oct 2020 02:51:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 95666
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 20210329%E8%A7%89%E9%86%92%E5%B9%B4%E4%BB%A3%E6%AF%9B%E4%B8%BB%E5%B8%AD760x280.jpg
baiyunju.cc/wp-content/uploads/2021/03/ 68 KB
68 KB 521ms
519ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2021/03/20210329%E8%A7%89%E9%86%92%E5%B9%B4%E4%BB%A3%E6%AF%9B%E4%B8%BB%E5%B8%AD760x280.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: a5682afe0eb75ec3c830cf498b8bc9e45cc8f947a94966e60a888af2cba546d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Mon, 29 Mar 2021 14:30:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 70022
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 %E7%A4%BE%E4%BC%9A%E4%B8%BB%E4%B9%89%E6%A0%B8%E5%BF%83%E4%BB%B7%E5%80%BC%E8%A7%82%E5%AE%A3%E4%BC%A0760x280.png
baiyunju.cc/wp-content/uploads/2020/05/ 113 KB
113 KB 519ms
518ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2020/05/%E7%A4%BE%E4%BC%9A%E4%B8%BB%E4%B9%89%E6%A0%B8%E5%BF%83%E4%BB%B7%E5%80%BC%E8%A7%82%E5%AE%A3%E4%BC%A0760x280.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: f3f77c1d71500b9d9e23d6b1827d6fd768b78d425d2bbde2a3cebbc4595214dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Tue, 26 May 2020 09:01:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 116036
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 font_680485_5brisn7ij77.woff2
at.alicdn.com/t/ 18 KB
19 KB 444ms
40ms Font
font/woff2 163.181.92.148
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_680485_5brisn7ij77.woff2
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.148 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a2ceb9d510ced32d604ff621657de88204c6ec57e01fee0a01f4ef35f8a64aca

Request headers

Referer: https://baiyunju.cc/
Origin: https://baiyunju.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 07:49:55 GMT
via: cache1.l2us1[0,0,200-0,H], cache37.l2us1[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache10.de5[1,0]
x-oss-request-id: 643E4BA3FC091B303533BA50
content-md5: BkNaxyT1qxSob1EKr6x4LQ==
age: 16456333
x-swift-cachetime: 23589621
x-cache: HIT TCP_HIT dirn:13:212602970
x-swift-savetime: Fri, 14 Jul 2023 07:09:34 GMT
content-length: 18924
x-oss-object-type: Normal
last-modified: Sat, 25 Dec 2021 03:15:21 GMT
server: Tengine
etag: "06435AC724F5AB14A86F510AAFAC782D"
vary: Origin
ali-swift-global-savetime: 1681804195
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=63072000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17133634954100616587
eagleid: a3b55c9e16982605286868329e
x-oss-server-time: 83

GET
H2 200 iconfont.woff2
baiyunju.cc/wp-content/themes/xiu/assets/fonts/ 6 KB
6 KB 513ms
513ms Font
font/woff2 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/fonts/iconfont.woff2?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/wp-content/themes/xiu/style.css?ver=8.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 385401bd6a6bcd0c8d610a1540710a94a3e248299f71309cafacb6d6e6d7af34

Request headers

Referer: https://baiyunju.cc/wp-content/themes/xiu/style.css?ver=8.7
Origin: https://baiyunju.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Mon, 26 Jun 2023 13:00:04 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 6328
content-type: font/woff2

GET
H2 200 %E8%82%A1%E7%A5%A8%E5%85%A5%E9%97%A8%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86-baiyunju.cc.png
baiyunju.cc/wp-content/uploads/2020/09/ 3 KB
3 KB 523ms
522ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2020/09/%E8%82%A1%E7%A5%A8%E5%85%A5%E9%97%A8%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86-baiyunju.cc.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 90c47d126c451c704877cdc3bcbfbd74feb3cf00ee2a1a36c0cb3bae83e7e315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Thu, 03 Sep 2020 13:29:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3498
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 %E7%BC%A0%E4%B8%AD%E8%AF%B4%E7%A6%85108%E8%AF%BE%E5%8E%9F%E6%96%87-baiyunju.cc.png
baiyunju.cc/wp-content/uploads/2020/07/ 6 KB
6 KB 523ms
522ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2020/07/%E7%BC%A0%E4%B8%AD%E8%AF%B4%E7%A6%85108%E8%AF%BE%E5%8E%9F%E6%96%87-baiyunju.cc.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 4a194f5d92dd6081926dd722075bc361945f5e8e2467fba7089de7a268935993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
last-modified: Fri, 24 Jul 2020 05:40:33 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5998
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 94ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-39765619-6

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19ed2db4b8d7d3ad488812ca8c5c4af9a446a349b151267535f72f85dfabeffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51049
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 19:02:08 GMT

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
554 B 1985ms
304ms Script
application/x-javascript 58.254.150.48
UNICOM-GUANGZHOU-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: br
tracecode: 07572954260679645706102517
ohc-response-time: 1 0 0 0 0 0
last-modified: Wed, 24 May 2023 22:11:30 GMT
server: JSP3/2.0.14
age: 34779
etag: "646e8b92-134"
ohc-cache-hit: gz3un51 [2], zhuzuncache65 [2]
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
ohc-global-saved-time: Wed, 25 Oct 2023 09:12:37 GMT

GET
H2 200 bootstrap.js Show response
baiyunju.cc/wp-content/themes/xiu/assets/js/ 31 KB
8 KB 561ms
558ms Script
application/javascript 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/js/bootstrap.js?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 13:00:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8188
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 swiper.min.js Show response
baiyunju.cc/wp-content/themes/xiu/assets/js/ 125 KB
31 KB 561ms
559ms Script
application/javascript 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/js/swiper.min.js?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 6229770d211d3e9ec87b1daf5fb2576cd88a3caab6a9cd45baf2240703c35800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 13:00:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31683
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H2 200 custom.js Show response
baiyunju.cc/wp-content/themes/xiu/assets/js/ 66 KB
18 KB 723ms
722ms Script
application/javascript 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/js/custom.js?ver=8.7
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 393b3fc949730680c944764cc6958127a643827df45371084be0d9ce56aa0ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:06 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 13:00:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18789
expires: Wed, 01 Nov 2023 19:02:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180102/ 395 KB
134 KB 136ms
92ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9529152553031266&plah=baiyunju.cc&bust=31079124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9529152553031266

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b7b00104b652a68894852f9e1630981e03a7d9e344a801854b5c46c9c8536cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137064
x-xss-protection: 0
server: cafe
etag: 17634404587108581715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/ Frame DEF7 10 KB
5 KB 74ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9529152553031266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 04:34:22 GMT
etag: 4569948109300706969
expires: Wed, 08 Nov 2023 04:34:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0JMHSJRT0D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-39765619-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac25e9f9ace0e608832fd4ba56da37f4e0ae82c5864e4f5417db0b94346ab8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 19:02:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-39765619-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 17:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4235
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 19:51:33 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 76ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0JMHSJRT0D&gtm=45je3an0v888681928&_p=1913542126&_gaz=1&cid=1805518006.1698260529&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698260528&sct=1&seg=0&dl=https%3A%2F%2Fbaiyunju.cc%2F&dt=%E3%80%8E%E7%99%BD%E4%BA%91%E5%B1%85%E3%80%8F-%E4%B8%96%E9%81%93%E7%A7%8B%E9%A3%8E%E6%80%BB%E8%90%A7%E7%B4%A2%EF%BC%8C%E4%BD%95%E5%A6%82%E9%AB%98%E5%8D%A7%E7%99%BD%E4%BA%91%E5%B1%85&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0JMHSJRT0D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baiyunju.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 89ms
29ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0JMHSJRT0D&cid=1805518006.1698260529&gtm=45je3an0v888681928&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0JMHSJRT0D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baiyunju.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 107ms
58ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0JMHSJRT0D&cid=1805518006.1698260529&gtm=45je3an0v888681928&aip=1&z=1997670621

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 29ms
29ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1913542126&t=pageview&_s=1&dl=https%3A%2F%2Fbaiyunju.cc%2F&ul=en-us&de=UTF-8&dt=%E3%80%8E%E7%99%BD%E4%BA%91%E5%B1%85%E3%80%8F-%E4%B8%96%E9%81%93%E7%A7%8B%E9%A3%8E%E6%80%BB%E8%90%A7%E7%B4%A2%EF%BC%8C%E4%BD%95%E5%A6%82%E9%AB%98%E5%8D%A7%E7%99%BD%E4%BA%91%E5%B1%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1641893474&gjid=1088717325&cid=1805518006.1698260529&tid=UA-39765619-6&_gid=762038622.1698260529&_r=1&gtm=457e3an0&jsscut=1&z=1526171233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://baiyunju.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baiyunju.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 43ms
28ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-39765619-6&cid=1805518006.1698260529&jid=1641893474&gjid=1088717325&_gid=762038622.1698260529&_u=YADAAUAAAAAAACAAI~&z=1144804810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baiyunju.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Oct 2023 19:02:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baiyunju.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 122ms
65ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39765619-6&cid=1805518006.1698260529&jid=1641893474&_u=YADAAUAAAAAAACAAI~&z=1548017840

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 59ms
59ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-39765619-6&cid=1805518006.1698260529&jid=1641893474&_u=YADAAUAAAAAAACAAI~&z=1548017840

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 82ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=baiyunju.cc&callback=_gfp_s_&client=ca-pub-9529152553031266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9529152553031266&plah=baiyunju.cc&bust=31079124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b58931984824cbf5abfc6b946838b605fd1861812cbf91cbf941af42fb0cdf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D011 569 KB
104 KB 1942ms
1941ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&adk=1812271804&adf=3025194257&lmt=1698253328&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=130x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fbaiyunju.cc%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528445&bpp=8&bdt=926&idt=286&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8504770521755&frm=20&pv=2&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

065a805274aa9dda80a209a37391d6d65c0db66abb7fbdb4877d1a5c3ef8bfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 105752
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:10 GMT
expires: Wed, 25 Oct 2023 19:02:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A7C 28 KB
11 KB 810ms
809ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3b8fc344c47591d48e4151e049bd9cc755a3a9de8291f8b81be64d653a63ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:09 GMT
expires: Wed, 25 Oct 2023 19:02:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A19 102 KB
43 KB 1320ms
1319ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=600&slotname=6930711991&adk=119653711&adf=2344892108&pi=t.ma~as.6930711991&w=300&fwrn=4&fwrnh=100&lmt=1698253328&rafmt=1&format=300x600&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528454&bpp=1&bdt=935&idt=309&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x90&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=Xh4iNOZQFt&p=https%3A//baiyunju.cc&dtd=313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b98709eade1745216956d07a8b77286bf3291b02ab43351407d51fed5d807e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44000
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:10 GMT
expires: Wed, 25 Oct 2023 19:02:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 20221001maozhuxi380x266.png
baiyunju.cc/wp-content/uploads/2022/10/ 27 KB
27 KB 275ms
273ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/10/20221001maozhuxi380x266.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: cf50fe12213503752fccb0726cc95368bc83166da9104bbf9a4505706870afa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Sun, 02 Oct 2022 03:48:55 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27843
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E7%AC%94%E8%AE%B0Notion%E9%A6%96%E9%A1%B5-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2022/10/ 55 KB
55 KB 276ms
272ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/10/%E7%AC%94%E8%AE%B0Notion%E9%A6%96%E9%A1%B5-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 89645ef885977d68817cfda4a1c6f874b24bc2232385d89e9e759fe8ce4dd85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Thu, 06 Oct 2022 05:23:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56162
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E8%82%A1%E7%A5%A8%E5%A4%A7%E4%BD%9C%E6%89%8B%E6%93%8D%E7%9B%98%E6%9C%AF%E5%9C%A8%E7%BA%BF%E9%98%85%E8%AF%BB%E5%9B%BE%E8%A7%A3-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2022/08/ 60 KB
60 KB 277ms
274ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/08/%E8%82%A1%E7%A5%A8%E5%A4%A7%E4%BD%9C%E6%89%8B%E6%93%8D%E7%9B%98%E6%9C%AF%E5%9C%A8%E7%BA%BF%E9%98%85%E8%AF%BB%E5%9B%BE%E8%A7%A3-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: e2a8032eb7c364799cf6021aa91f11550ed0ecd71bb20ffbfbf3612f2a2b021c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Fri, 26 Aug 2022 14:52:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 61729
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 thumbnail.png
baiyunju.cc/wp-content/themes/xiu/assets/images/ 985 B
1016 B 275ms
272ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/themes/xiu/assets/images/thumbnail.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: ede9054596a10b9110068274f17a0b731ca0449535c2d529e8e73615c5f668ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Mon, 26 Jun 2023 12:15:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 985
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%9F%BA%E9%87%91%E6%8A%95%E8%B5%84%E7%90%86%E8%B4%A2-baiyunju.cc-240x180.jpg
baiyunju.cc/wp-content/uploads/2021/06/ 12 KB
12 KB 278ms
275ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2021/06/%E5%9F%BA%E9%87%91%E6%8A%95%E8%B5%84%E7%90%86%E8%B4%A2-baiyunju.cc-240x180.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 5bbd86c4c198969de3e9e9c669ceeabc3decdaab4fd5bb802841e42c1872cf22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Tue, 08 Jun 2021 14:57:47 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11800
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%AE%89%E8%A3%85Adobe-Photoshop-2022%E7%A0%B4%E8%A7%A3%E7%89%88%E6%95%99%E7%A8%8B1-baiyunju.cc-240x180.jpg
baiyunju.cc/wp-content/uploads/2021/10/ 4 KB
4 KB 279ms
276ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2021/10/%E5%AE%89%E8%A3%85Adobe-Photoshop-2022%E7%A0%B4%E8%A7%A3%E7%89%88%E6%95%99%E7%A8%8B1-baiyunju.cc-240x180.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 5b68a8fd227dabcf16b61696768f96c37d960042d5fd5b7e5d6c8c71cbf21358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Thu, 28 Oct 2021 14:31:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4510
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E6%B3%A8%E5%86%8CChatGPT%E8%B4%A6%E5%8F%B7%E6%94%BB%E7%95%A511-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2023/01/ 15 KB
15 KB 279ms
275ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2023/01/%E6%B3%A8%E5%86%8CChatGPT%E8%B4%A6%E5%8F%B7%E6%94%BB%E7%95%A511-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 255c8f919e0770a01437d6f898f7a57872d0e4a5f58fd4ce5e0e05573247b6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Fri, 13 Jan 2023 13:48:34 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15456
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 Google-Play%E6%97%A0%E6%B3%95%E5%AE%89%E8%A3%85%E6%9B%B4%E6%96%B0%E5%BA%94%E7%94%A81-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2022/10/ 24 KB
25 KB 277ms
274ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/10/Google-Play%E6%97%A0%E6%B3%95%E5%AE%89%E8%A3%85%E6%9B%B4%E6%96%B0%E5%BA%94%E7%94%A81-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: f17b91a3acd9b8c629f0b7e4a71af5e49c771303348f2a335024cb71df8dff41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Sun, 30 Oct 2022 06:43:07 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25077
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%9C%A8%E6%96%B0%E6%A0%87%E7%AD%BE%E9%A1%B5%E6%89%93%E5%BC%80Google-Chrome%E3%80%81Edge%E6%B5%8F%E8%A7%88%E5%99%A8%E6%94%B6%E8%97%8F%E5%A4%B9%E4%B8%AD%E7%9A%84%E7%BD%91%E5%9D%801-baiyunju.cc-240x...
baiyunju.cc/wp-content/uploads/2022/07/ 56 KB
56 KB 288ms
285ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/07/%E5%9C%A8%E6%96%B0%E6%A0%87%E7%AD%BE%E9%A1%B5%E6%89%93%E5%BC%80Google-Chrome%E3%80%81Edge%E6%B5%8F%E8%A7%88%E5%99%A8%E6%94%B6%E8%97%8F%E5%A4%B9%E4%B8%AD%E7%9A%84%E7%BD%91%E5%9D%801-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 98badeb40a3fb4d595c52ef93685e5cde80dcdcb55dab0de814e00956d94dabf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Thu, 14 Jul 2022 15:09:03 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 57717
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E7%94%B5%E6%8A%A5Telegram%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B6-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2022/05/ 18 KB
18 KB 282ms
279ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/05/%E7%94%B5%E6%8A%A5Telegram%E6%B3%A8%E5%86%8C%E6%95%99%E7%A8%8B6-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 0c53c233c8012aad0cddc4231745ed5c3c74a12dc7825603881644f4ea10da76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Tue, 03 May 2022 15:47:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18756
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%AE%89%E8%A3%85Adobe-Premiere-Pro-2022%E7%A0%B4%E8%A7%A3%E7%89%881-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2021/12/ 14 KB
14 KB 284ms
281ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2021/12/%E5%AE%89%E8%A3%85Adobe-Premiere-Pro-2022%E7%A0%B4%E8%A7%A3%E7%89%881-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 4a3e90f7e0c2786ab5eb7a9664870771605d82729389eda271827327bc50b5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Wed, 01 Dec 2021 14:22:07 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14663
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%9C%A8WPS%E6%88%96Excel%E5%8A%A0%E5%AF%86CSV%E6%96%87%E4%BB%B6-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2023/10/ 16 KB
17 KB 268ms
266ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2023/10/%E5%9C%A8WPS%E6%88%96Excel%E5%8A%A0%E5%AF%86CSV%E6%96%87%E4%BB%B6-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 6aacbec97910be872c41a4e0935f643e79b9066a274a303a52bc6bc8a59a0615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Thu, 05 Oct 2023 12:47:28 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16854
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%BF%AB%E9%80%9F%E6%A0%BC%E5%BC%8F%E5%8C%96%E5%92%8C%E6%A0%87%E5%87%86%E6%A0%BC%E5%BC%8F%E5%8C%96%E7%9A%84%E5%8C%BA%E5%88%AB-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2023/09/ 34 KB
34 KB 269ms
267ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2023/09/%E5%BF%AB%E9%80%9F%E6%A0%BC%E5%BC%8F%E5%8C%96%E5%92%8C%E6%A0%87%E5%87%86%E6%A0%BC%E5%BC%8F%E5%8C%96%E7%9A%84%E5%8C%BA%E5%88%AB-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 318fdc7810570346d657fe4d3f6e94d233b0e9cf887617c306e17a2399f1df61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Fri, 29 Sep 2023 05:13:09 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34526
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E5%8D%8E%E4%B8%BA%E7%A7%BB%E5%8A%A8%E8%B7%AF%E7%94%B1-baiyunju.cc-240x180.jpg
baiyunju.cc/wp-content/uploads/2023/09/ 6 KB
6 KB 272ms
269ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2023/09/%E5%8D%8E%E4%B8%BA%E7%A7%BB%E5%8A%A8%E8%B7%AF%E7%94%B1-baiyunju.cc-240x180.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 5a79ea78835e72640066fd66d6e49d6ae584d5cfbc7cf575cf45c6a652f31f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Sat, 23 Sep 2023 14:06:09 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6379
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E6%94%AF%E4%BB%98%E5%AE%9D%E9%A6%96%E9%A1%B5%E9%A1%B6%E9%83%A8%E6%90%9C%E7%B4%A2%E6%A1%86-baiyunju.cc-240x180.jpg
baiyunju.cc/wp-content/uploads/2020/09/ 10 KB
10 KB 288ms
285ms Image
image/jpeg 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2020/09/%E6%94%AF%E4%BB%98%E5%AE%9D%E9%A6%96%E9%A1%B5%E9%A1%B6%E9%83%A8%E6%90%9C%E7%B4%A2%E6%A1%86-baiyunju.cc-240x180.jpg
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: 7b62efd09495904f6013379d997644a46f9db8f9cb1c163fd6e48a7abde1a9a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Sat, 26 Sep 2020 07:25:05 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10535
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H2 200 %E4%B8%80%E5%8F%B0%E7%A9%BA%E8%B0%8324%E5%B0%8F%E6%97%B6%E5%BC%80%E6%9C%BA%E4%B8%80%E4%B8%AA%E5%86%AC%E5%A4%A9%E4%BD%BF%E7%94%A8%E5%A4%9A%E5%B0%91%E7%94%B5-baiyunju.cc-240x180.png
baiyunju.cc/wp-content/uploads/2022/03/ 33 KB
33 KB 289ms
286ms Image
image/png 144.48.143.107
CROSS-AS-AP Cross...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baiyunju.cc/wp-content/uploads/2022/03/%E4%B8%80%E5%8F%B0%E7%A9%BA%E8%B0%8324%E5%B0%8F%E6%97%B6%E5%BC%80%E6%9C%BA%E4%B8%80%E4%B8%AA%E5%86%AC%E5%A4%A9%E4%BD%BF%E7%94%A8%E5%A4%9A%E5%B0%91%E7%94%B5-baiyunju.cc-240x180.png
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.48.143.107 , Hong Kong, ASN135343 (CROSS-AS-AP Cross Geminis Limited, HK),
Reverse DNS: s144-48-143-107.ap-east.sugarhosts.net
Software: LiteSpeed /
Resource Hash: d72d653649e032862cb4e7005a6a3b0b2258a62ede5bc8323155e7612337c406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:07 GMT
last-modified: Tue, 08 Mar 2022 15:30:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33496
expires: Wed, 01 Nov 2023 19:02:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C142 624 B
246 B 85ms
84ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNUqMQyat-6pgx0pEjlzMp23ebNjqnBIliIPtFwEnXpFhpBROit5UwOYeq3w7ZeB2i9iYZBLIMtz_qXINgrcvqi3CfqoK5lzQ2yjwYvVQ2YpvKoCA5ycdyb1Qj73d22VTknH1gn7lwEJ--quFvkeS2RHsM5zqcEMfw98x5etFwQPg25oKoo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:09 GMT
expires: Wed, 25 Oct 2023 19:02:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1DB0 89 KB
31 KB 144ms
144ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:09 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1DB0 24 KB
10 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 25 Oct 2023 19:05:26 GMT

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ Frame 1DB0 48 KB
14 KB 94ms
29ms Script
text/javascript 18.239.83.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&a=&cp_dspId=dv360&api_frameworks=7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-125.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 04:48:59 GMT
content-encoding: br
via: 1.1 eb5552d4fb69ca0d0578ffa97b7b08fa.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 16:23:08 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 51191
etag: W/"8a45742518e0e70d41040ddf21529736"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: nZPdibEBa4b9ZlB9hNE1ZMeNAWrRsC1gD2nslMAhjYxiR46eJoXbRg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1DB0 3 KB
1 KB 77ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1DB0 20 KB
9 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DB0 187 KB
59 KB 108ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB0 42 B
63 B 123ms
123ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhNtXFZbG-ulZJ3aZm04RXEOaEm1DY1K2PsXURf8zvHUfvGXmSYgcG0qbhM8u2A_tMcCDmsX1XwEFRlGK3w6Ifb7VZ0nZ80M45-PbkbKz0PkOMYzc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB0 0
20 B 123ms
123ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13950364194363363406&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C142
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

43 B
773 B

55ms
55ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNUqMQyat-6pgx0pEjlzMp23ebNjqnBIliIPtFwEnXpFhpBROit5UwOYeq3w7ZeB2i9iYZBLIMtz_qXINgrcvqi3CfqoK5lzQ2yjwYvVQ2YpvKoCA5ycdyb1Qj73d22VTknH1gn7lwEJ--quFvkeS2RHsM5zqcEMfw98x5etFwQPg25oKoo
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH8THMFZZ3oFmFnW041OAjJMi%2FKmq70DrU45apGEPfJWUdwmAtBfM%2BZDSFVjBJ%2BTRZVrSDnkKDETVCDHmoGO9NfOyzXyyDm3hC1xqI5avtZSy7QBJf%2BfdTFs7M0jmscK0IC9POm3%2BnOHqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81bcb6580e0d37e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C142
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTlmMRsANWW34YGt4cUCswAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

43 B
738 B

53ms
53ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNUqMQyat-6pgx0pEjlzMp23ebNjqnBIliIPtFwEnXpFhpBROit5UwOYeq3w7ZeB2i9iYZBLIMtz_qXINgrcvqi3CfqoK5lzQ2yjwYvVQ2YpvKoCA5ycdyb1Qj73d22VTknH1gn7lwEJ--quFvkeS2RHsM5zqcEMfw98x5etFwQPg25oKoo
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkahNmk2iP4y8y3mpuVk%2FG0cl1k7XsO3%2B9gQGSxeUJB%2Bmt%2FLp8eLBKJXsMTu%2BooG%2BpzCMVi8zo9p%2FGtYWzpwD1TWZ8sxVD32UB1hMQaK332caEa1CAxnEWfZGEHB%2BQnwNQMDYKVbFc6n3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81bcb6581e2937e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame C142
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED8Z40oioUIc4HkmGFhkoY%26google_cver%3D1

43 B
888 B

29ms
29ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED8Z40oioUIc4HkmGFhkoY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNUqMQyat-6pgx0pEjlzMp23ebNjqnBIliIPtFwEnXpFhpBROit5UwOYeq3w7ZeB2i9iYZBLIMtz_qXINgrcvqi3CfqoK5lzQ2yjwYvVQ2YpvKoCA5ycdyb1Qj73d22VTknH1gn7lwEJ--quFvkeS2RHsM5zqcEMfw98x5etFwQPg25oKoo

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
an-x-request-uuid: 5092ee00-8c3d-4365-bb32-7720de1a9679
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.27; 217.114.218.27; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
an-x-request-uuid: 40929fae-471d-4e99-b51e-7d63281e8776
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED8Z40oioUIc4HkmGFhkoY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C142
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY3NzQ3MjYyNzcxODM0NTczMQ%3D%3D

170 B
243 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY3NzQ3MjYyNzcxODM0NTczMQ%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
an-x-request-uuid: 51638c13-f253-413c-81d1-a02bf9b1e168
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY3NzQ3MjYyNzcxODM0NTczMQ%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB0 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7768452709553&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB0 0
20 B 122ms
122ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7768452709553&version=m202309260101&ct=77&x=1&cor=13950364194363363000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1DB0 16 KB
12 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-JXcDq6cWuNqWROClQcA7SFwR25hiHkag_EpQ535dJDqK5FjWh0OEMsJzFSq1B1Xfz3aOVj5zXXPcku5D79WFy7tCTL20eSLQ0aPp9AXc0pG_IT-c8HY9ClPsbEaUwyzWfBLu8cXBPmZf8nM-dMBVxW-j2fJWYHi0xNy3W3Zrmcf6ZUw&cry=1&dbm_d=AKAmf-Cg242yu4_9mXUfzB-aec98qcN_NjFfFZPRVki0OZoCXtx9Db9QSnkHxWYxGKZgjq8euVXxGcSNAmg5V7QKhPPquId9TN8AGftlZ6mvP8_8nxtxx_BtBB-My0rZcRNqc2X67YI0sxvgbHZZjBSKDQKKTDjaftEtS1pftxBtcjk3tWc1n0zLC0PcjxAkEx5VCTEs6hNqIC0Ldni_JA99TKcl42Li1KJk23F7h-tKcjSVbodUCbxkhKdu5caEjmmP6-kfo8X0NmeZkqbk0vBA2RWQVtShKX-ELPmUncg4THwEvi5jVqMwQZz1oPXYtO4ZpjvkRVHp1Z_s2CKpD2k3KM0oo7jtLKYV3ePoLg02kR1lBgiotnpzuzHqbhxvoJ_meieIZX5_5eIpqhU4BjbbclQ2zwvHZbbAjDCV8gm97S4gfd1qc4ERRxednapCz9pTHOhpTZPK87c-vz-wmp76Dh5sDbqr9IpJc3OVZl34BsXZy-iJbkOEv7XeatK0si01w8rcJgA-tifNQ46T_t2A1m0Fwoj0VuG6RyMYYbxgtNxkMTVhMRF2CCuJ0aHYmF8cOJnMz8BuDEG5afppFKpX0yseFe2GvQwCNQ3JHjCF5ckv0gPeRAWdCDfxpOJXbHuDuuw--vWX6fqNskhVPt2ynCogHlhnom2oRImdQgEpTawIT0iCk0pTFK2GuK6QbTu0QSHgmCMGwYC47TzDM9SY_9OOYKJwEVkUdKtMd2_3lnhHw7LPHSc7sZCnATIq9U5lPGD4fYF4_Bp_Oi1KFyXE8R70xPshJVl9pXDsMT4aHIlO5oeg-lWZnL8VbIhpW6ya9J4wC6zcaFbrPK8czrJNLSG4HSOFSF4RCyV_y8x-xLaQ4hXDn9oSZCC-VP-rd7tUJklYfTSiLx6Znf1_OxCXoNbnX7elG3PL_-ZanRc7I4y7su-Lh5SuXi-1wC5HmyT2anLEN9dt916s_3x4PJjDn04nidk_XwZJ5NUKFHK4fCTZeYk7mS7QOBejbu343MoSioT90AGX9XhriTAbTXA2Tlmg7nMTqs4URY-jrBYUBkAiXmF0nJM1uvWlUv4GHU3V6haNMCdWPUZq_pb4IssNRzl5FlyJV37YFBgnPyTK0NcOaM7uzId1KJTz25IJAqRpAAjltsHsM978rXNbDws5CbAwHwDl_nSdu6LzvWgaMqwbxoyui3pU93ZWoIs0hyWd0IMLogShlH6wnTV_AaO8PeaBQccNpy2ifaYLVaA6FXVloJ7vYdyPAzJ5gEr7qbIfMWUeUZuDkDEW11bybqkR48L2_x7eSWS_4eep7_jJgPlc5svVeqnnDIhBrfTKxDN1i6mGiQJXh9Cd7FTlBGfCtr2su90jyeL6kgpy_cSJYtlM7evLdIu3DCjJGmXmlu5LdVqzTdVHqstUHzD65O9fT60GMZSKK94yHz0s49mYZirWjeqZVGW-jXlErM1YwabehGJ_I9327nIRzf9RpytjI8tx4v3iWecUXjcktaBNDm4FMSBxPf_skiAAweRTq_-79qp45LAg8ItHAtND2TXDX8sZ0aPJcUNLZX9lO8AuwXoO1E3fEAqQMbsRNp4OtCXyX3OumMhob0gShHP7WqtUFj6-xbf0npf22YvLiClV-o48IOGTIltQCzxc9g-aAYfFZWlMFekMTXI9pImJCpE1Bbpm_OewxyL3GVppxlrPu5VJ4sDuBs0ByzrItikdIxCAB4ejG-XbnNtgMN7pvzdHsCjTRPN9Xqr4NccJ11SYsT2p_frT7kgMA_oxAAzuuvAaIllS5VrdHTlCXonKjxu54VtzoYiGxseL7_pLi_ytfeRgLpnnKvSHUFRdhY1oUnbaxduEI8Ymf1hqTEo422VygmczSNnlFjyd3-dLxD5iRpTZSD7imMRqpexutocopat3F__1sJpXdAzv8LsO1ujWAnEtPsZ-XmeN1dnyh_sNOkQ-xftsTZvd9PLMW9Aw9MkgRzTEljcRDrOhU7aWf6S56cXJvnr6eJEF__OkKdJ8Q0xIKjRsbscH4Et-kvEgxRdZNT-FTLFLZ7xY1OwRCb9SrjFoQPKy_kz_lZVqm0y-ibsJBOyjFEHnCViykZ7cTN3WIy0GBIZY2XnxOBql2SH4gJp09AIPcZ9-H9HsrVBwZJOUuceWnNeoOLHbL_0MCKK1jJEcDoDrzZsTWTXBkM3bJy4_7VShZhm1WFPmhpV87wGkxBQqqSg3SyjDghbXbRjwAo7rN2w0hLw_62lQ5mRy2w0yG2sY6ob0sUNmcnTUah46Lp2ObS82wXaHSlb9N5gvGqBv1Ydb3DoyoFwxr7gblWCzM3oZVBA1FShxvOAV2FVL18VC7JJdhoB_Ml-tRuT82rB1OH4x2T4en6N435dGPHj41DQwWvn1JC1ZQHFGD5MketT2JTAiUmpXbHnSuBr_s9UI55S1pDHun3T8pqZ15kxRkPHAeEtVHwTcBZ1BxLNpz5_x1mbiOyD405o9CLKYzVruty3sHm6dcgq7ihsIuT0sR1S4C5DgdYjqJ-MZr01FKGiYlCUwrMG843aeShNdfdIBPB_D1Quou0mfcC6PUdu-eVw7bP-n-D8X_1vYDah7v4RtzB2YyPyC8HQNbylCjPgE-UKcJfO9Lz7bUJGl5nHGS20fusglwze-TAg2Np4SXsPdZftZsAEqARrl68u7WzNFUZ33AGuHfWQhDNZqDKgowu3vX1Jz4NSrcKq52kYfIp3Gu2TfQxjIN0pr8m4FDkby5iUqLjQiqRMPcdc6GhfakghDdD-Snj1D6yfW2kBREmkJmjk7q1ExlK7EGFes8lE8wMnGNrV5etAS7YFDPQfd6Cpc3Wj6u3rU4_L9vrsI5x3lC0ScX3F3uvbz1oR2awjZvQvg77GFMfGEjRckLiTuAHsyEu2Juck7zsOygM7t69exzcUz6IGINrIg1WNWpJbsvBLg6T-wprUwlu4X3i6VLz-L9sy-RfrtWC9C7h8woxti0GB2jWni5V1ii0Kd6oimRCHO03gysXaZh2ZYcT9joKYLujsrdJhV08LNJwY75BbLCsHiv4mxy82-lO6RjBMqYDOEkQXyJkqpxDbWulNSLHghCAiwaPYLQLzPFG3rVfJ0OdNYORet9Vk-VFEnYkgQvSAx5weXRvDISQjz3bW2ei4sUKEXDkUE2bwUK7fkd_ux-yvzNoCuH3-t51YDY7nNbv8BdrBDGg1mOZiLyS8d1X2R-WpG0I3GKnu_a92pJASUpMWoyhKOtkYn5O3Man-tIRPXLzsDuR9qP53Dp7P9g8hle9iZ3mPafPR7_iOL8kfVvhtIA2TkwHFszANPs-Vzxjbm69JKkkhh1hLFO4smnSzHcu0wABqeL4-bO3KK7FVvE0VuDpvd9VPv66LFDsw0s0vHDbOWKwJI5DMkrUF15EdHXxyKCiYjJH1rkXs0K0NrKcJ-1guRpH-71T5rr5ElPOw9dKvEhbQj2NJ7x8c-x_LHz9UcDEq05qGmL1ULTBZyukmiQlJ0nM9BVWtoIiaJZZktZ2dN1JG7hWTtIdHUFk4bbgBVJ4xoHVQw0pMJl7i_ljHvhGMiYw7CSAtfqLdO551vPM5MBo8vkFHIH5oh6x-uQvALJ907clAxYbwVXf3lgFAtkdpETci-s0OqfrAZ0mum5w_BVIuSa26vhJWhiKk-5mrNdPn8-xx4ivJ8x-e60GzXU_DhmOeVOQM_yo_fF6npOcOzbTVV-jis9pzc2xakjuNC4VUtt7WZbsIh9SvkFpQ&cid=CAQSSwDICaaNFZEJJI1LyEW92Ny4l7G-JWPySr6W0bUAYEbz5Dk7iLGTHh2q49Za1dlDD1c3wnAEMU3EaHHpVcD1GHYCqKqkbZfDydjouBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=13950364194363363000&adk=2124396030&idt=153&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fcf01d687730d505f5721a2a95ce4bdc5933609011e18d9a8d14baa876d1789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&slotname=4389552404&adk=1499268799&adf=1710499955&pi=t.ma~as.4389552404&w=760&lmt=1698253328&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528453&bpp=1&bdt=934&idt=303&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9cTqTOkenu&p=https%3A//baiyunju.cc&dtd=308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12200
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DB0 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-JXcDq6cWuNqWROClQcA7SFwR25hiHkag_EpQ535dJDqK5FjWh0OEMsJzFSq1B1Xfz3aOVj5zXXPcku5D79WFy7tCTL20eSLQ0aPp9AXc0pG_IT-c8HY9ClPsbEaUwyzWfBLu8cXBPmZf8nM-dMBVxW-j2fJWYHi0xNy3W3Zrmcf6ZUw&cry=1&dbm_d=AKAmf-Cg242yu4_9mXUfzB-aec98qcN_NjFfFZPRVki0OZoCXtx9Db9QSnkHxWYxGKZgjq8euVXxGcSNAmg5V7QKhPPquId9TN8AGftlZ6mvP8_8nxtxx_BtBB-My0rZcRNqc2X67YI0sxvgbHZZjBSKDQKKTDjaftEtS1pftxBtcjk3tWc1n0zLC0PcjxAkEx5VCTEs6hNqIC0Ldni_JA99TKcl42Li1KJk23F7h-tKcjSVbodUCbxkhKdu5caEjmmP6-kfo8X0NmeZkqbk0vBA2RWQVtShKX-ELPmUncg4THwEvi5jVqMwQZz1oPXYtO4ZpjvkRVHp1Z_s2CKpD2k3KM0oo7jtLKYV3ePoLg02kR1lBgiotnpzuzHqbhxvoJ_meieIZX5_5eIpqhU4BjbbclQ2zwvHZbbAjDCV8gm97S4gfd1qc4ERRxednapCz9pTHOhpTZPK87c-vz-wmp76Dh5sDbqr9IpJc3OVZl34BsXZy-iJbkOEv7XeatK0si01w8rcJgA-tifNQ46T_t2A1m0Fwoj0VuG6RyMYYbxgtNxkMTVhMRF2CCuJ0aHYmF8cOJnMz8BuDEG5afppFKpX0yseFe2GvQwCNQ3JHjCF5ckv0gPeRAWdCDfxpOJXbHuDuuw--vWX6fqNskhVPt2ynCogHlhnom2oRImdQgEpTawIT0iCk0pTFK2GuK6QbTu0QSHgmCMGwYC47TzDM9SY_9OOYKJwEVkUdKtMd2_3lnhHw7LPHSc7sZCnATIq9U5lPGD4fYF4_Bp_Oi1KFyXE8R70xPshJVl9pXDsMT4aHIlO5oeg-lWZnL8VbIhpW6ya9J4wC6zcaFbrPK8czrJNLSG4HSOFSF4RCyV_y8x-xLaQ4hXDn9oSZCC-VP-rd7tUJklYfTSiLx6Znf1_OxCXoNbnX7elG3PL_-ZanRc7I4y7su-Lh5SuXi-1wC5HmyT2anLEN9dt916s_3x4PJjDn04nidk_XwZJ5NUKFHK4fCTZeYk7mS7QOBejbu343MoSioT90AGX9XhriTAbTXA2Tlmg7nMTqs4URY-jrBYUBkAiXmF0nJM1uvWlUv4GHU3V6haNMCdWPUZq_pb4IssNRzl5FlyJV37YFBgnPyTK0NcOaM7uzId1KJTz25IJAqRpAAjltsHsM978rXNbDws5CbAwHwDl_nSdu6LzvWgaMqwbxoyui3pU93ZWoIs0hyWd0IMLogShlH6wnTV_AaO8PeaBQccNpy2ifaYLVaA6FXVloJ7vYdyPAzJ5gEr7qbIfMWUeUZuDkDEW11bybqkR48L2_x7eSWS_4eep7_jJgPlc5svVeqnnDIhBrfTKxDN1i6mGiQJXh9Cd7FTlBGfCtr2su90jyeL6kgpy_cSJYtlM7evLdIu3DCjJGmXmlu5LdVqzTdVHqstUHzD65O9fT60GMZSKK94yHz0s49mYZirWjeqZVGW-jXlErM1YwabehGJ_I9327nIRzf9RpytjI8tx4v3iWecUXjcktaBNDm4FMSBxPf_skiAAweRTq_-79qp45LAg8ItHAtND2TXDX8sZ0aPJcUNLZX9lO8AuwXoO1E3fEAqQMbsRNp4OtCXyX3OumMhob0gShHP7WqtUFj6-xbf0npf22YvLiClV-o48IOGTIltQCzxc9g-aAYfFZWlMFekMTXI9pImJCpE1Bbpm_OewxyL3GVppxlrPu5VJ4sDuBs0ByzrItikdIxCAB4ejG-XbnNtgMN7pvzdHsCjTRPN9Xqr4NccJ11SYsT2p_frT7kgMA_oxAAzuuvAaIllS5VrdHTlCXonKjxu54VtzoYiGxseL7_pLi_ytfeRgLpnnKvSHUFRdhY1oUnbaxduEI8Ymf1hqTEo422VygmczSNnlFjyd3-dLxD5iRpTZSD7imMRqpexutocopat3F__1sJpXdAzv8LsO1ujWAnEtPsZ-XmeN1dnyh_sNOkQ-xftsTZvd9PLMW9Aw9MkgRzTEljcRDrOhU7aWf6S56cXJvnr6eJEF__OkKdJ8Q0xIKjRsbscH4Et-kvEgxRdZNT-FTLFLZ7xY1OwRCb9SrjFoQPKy_kz_lZVqm0y-ibsJBOyjFEHnCViykZ7cTN3WIy0GBIZY2XnxOBql2SH4gJp09AIPcZ9-H9HsrVBwZJOUuceWnNeoOLHbL_0MCKK1jJEcDoDrzZsTWTXBkM3bJy4_7VShZhm1WFPmhpV87wGkxBQqqSg3SyjDghbXbRjwAo7rN2w0hLw_62lQ5mRy2w0yG2sY6ob0sUNmcnTUah46Lp2ObS82wXaHSlb9N5gvGqBv1Ydb3DoyoFwxr7gblWCzM3oZVBA1FShxvOAV2FVL18VC7JJdhoB_Ml-tRuT82rB1OH4x2T4en6N435dGPHj41DQwWvn1JC1ZQHFGD5MketT2JTAiUmpXbHnSuBr_s9UI55S1pDHun3T8pqZ15kxRkPHAeEtVHwTcBZ1BxLNpz5_x1mbiOyD405o9CLKYzVruty3sHm6dcgq7ihsIuT0sR1S4C5DgdYjqJ-MZr01FKGiYlCUwrMG843aeShNdfdIBPB_D1Quou0mfcC6PUdu-eVw7bP-n-D8X_1vYDah7v4RtzB2YyPyC8HQNbylCjPgE-UKcJfO9Lz7bUJGl5nHGS20fusglwze-TAg2Np4SXsPdZftZsAEqARrl68u7WzNFUZ33AGuHfWQhDNZqDKgowu3vX1Jz4NSrcKq52kYfIp3Gu2TfQxjIN0pr8m4FDkby5iUqLjQiqRMPcdc6GhfakghDdD-Snj1D6yfW2kBREmkJmjk7q1ExlK7EGFes8lE8wMnGNrV5etAS7YFDPQfd6Cpc3Wj6u3rU4_L9vrsI5x3lC0ScX3F3uvbz1oR2awjZvQvg77GFMfGEjRckLiTuAHsyEu2Juck7zsOygM7t69exzcUz6IGINrIg1WNWpJbsvBLg6T-wprUwlu4X3i6VLz-L9sy-RfrtWC9C7h8woxti0GB2jWni5V1ii0Kd6oimRCHO03gysXaZh2ZYcT9joKYLujsrdJhV08LNJwY75BbLCsHiv4mxy82-lO6RjBMqYDOEkQXyJkqpxDbWulNSLHghCAiwaPYLQLzPFG3rVfJ0OdNYORet9Vk-VFEnYkgQvSAx5weXRvDISQjz3bW2ei4sUKEXDkUE2bwUK7fkd_ux-yvzNoCuH3-t51YDY7nNbv8BdrBDGg1mOZiLyS8d1X2R-WpG0I3GKnu_a92pJASUpMWoyhKOtkYn5O3Man-tIRPXLzsDuR9qP53Dp7P9g8hle9iZ3mPafPR7_iOL8kfVvhtIA2TkwHFszANPs-Vzxjbm69JKkkhh1hLFO4smnSzHcu0wABqeL4-bO3KK7FVvE0VuDpvd9VPv66LFDsw0s0vHDbOWKwJI5DMkrUF15EdHXxyKCiYjJH1rkXs0K0NrKcJ-1guRpH-71T5rr5ElPOw9dKvEhbQj2NJ7x8c-x_LHz9UcDEq05qGmL1ULTBZyukmiQlJ0nM9BVWtoIiaJZZktZ2dN1JG7hWTtIdHUFk4bbgBVJ4xoHVQw0pMJl7i_ljHvhGMiYw7CSAtfqLdO551vPM5MBo8vkFHIH5oh6x-uQvALJ907clAxYbwVXf3lgFAtkdpETci-s0OqfrAZ0mum5w_BVIuSa26vhJWhiKk-5mrNdPn8-xx4ivJ8x-e60GzXU_DhmOeVOQM_yo_fF6npOcOzbTVV-jis9pzc2xakjuNC4VUtt7WZbsIh9SvkFpQ&cid=CAQSSwDICaaNFZEJJI1LyEW92Ny4l7G-JWPySr6W0bUAYEbz5Dk7iLGTHh2q49Za1dlDD1c3wnAEMU3EaHHpVcD1GHYCqKqkbZfDydjouBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=13950364194363363000&adk=2124396030&idt=153&cac=0&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H2 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 1DB0 57 KB
23 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 18:19:14 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E1B7 38 KB
13 KB 31ms
24ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B30678728.378094554;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2124396026;ord=9f2971;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmo9TMGY5ZZP-MLaj-cAP_pSz4A39ntCuc_PN7bb3... Show response
ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/ Frame 1DB0 77 KB
32 KB 229ms
154ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2124396026;ord=9f2971;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmo9TMGY5ZZP-MLaj-cAP_pSz4A39ntCuc_PN7bb3Eb_Kor3AARABIKq_tSFglYKAgKAHoAHf6MuwAsgBCakCBmGgCJTKsT6oAwHIA5sEqgSDAk_QMXLaxeOjS2V6mu_-sztjWptHKxPaPX1T1QexR6l9R2u-u7niKV9T-tcqmVsLTQNQ_9CasqOG_S3opjnyrM92SgqHSFOJD-UFxySPQsUmpEKag6j-KNZOQCqTqX5ANunWpDiPaXiRNSBmjMbmc91ex7PJz3w_wEoz6lUr-4bAoTQpOdc1MhfY6vcSWHbEv4K2aVhLg4MahRx4YHdUTeQIeoO2OsF_z_Ygpgu6QFIER-QSrvmFpocoKok9eBZ0wJA6mzk1jvYLP7R46ecDLnAX0YlzCW4Pym277BpLBeYrbe_i-ooY8WGLQp4sHWPO8uO0olCzZj7-d2O5WoBfO9YD-vPABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERbAT89GDFcgTp8_X4wPQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26num%3D1%26cid%3DCAQSSwDICaaNFZEJJI1LyEW92Ny4l7G-JWPySr6W0bUAYEbz5Dk7iLGTHh2q49Za1dlDD1c3wnAEMU3EaHHpVcD1GHYCqKqkbZfDydjouBgB%26sig%3DAOD64_3qhHc3-R1tEQ4K0R0QJPwB0N1TKg%26client%3Dca-pub-9529152553031266%26dbm_c%3DAKAmf-AAxaV0xM6kJdo19cLcTj8owzyXRIBS18IGmsWbd2vkFmora_9aBqrbQmNbDPLtNeF35UH-jyyQMkgMovCubLgRhRYCY_XTv7sP5zsVHk7ns3O3AL4CkCSbuo2STB1v3JWNlcI4wbrFHcuqMjui6mvLxA-A-IA5cEnO6iRrUCKYdnTgc0A%26cry%3D1%26dbm_d%3DAKAmf-ACQoP8s9lvLOLE0owFVT15fdsv9yTlxEGtP1Zkedaw2kKQGwMTaAtrDXRA7pdf6wijb6d3-2jYoCg6Fb9o1xwKv1CTkE2yqW7xCIYKTZklSE9rBLLwTxtH1ZMYlJUYRpIYBnAvca_d2Mi2aupnHeTag_wdYf_ZwjwQ-8HEHgEjwUya8KaXK4npXqMsC0HMfJpUNKKhbMA6FxKNlwZ1RNupt4LfXSKY-MVLDNavatRD0L8aUToFLWa-Lt3JxQGliskqNJFV024Iq9lrSF-JVLe9z1K-dGYvILQyaBm61UTwKxmNPCZynVaclvAhGhJJtMsdE0KdX-C8TMKfFT6KnYYUrvRqwJrRuhpuRRSaKfJCz-4tWyZioaLJLWAPVTMQpR4qh1UJKz3EySrNjnS6TRIlfjZc0G29SZv1LxeVjXIZdjuoNmJbUSTu8MenIH6fzY-ELfnVBsJUWtdh8WCryIs2d2UVA8P0fIj4vUOgOjPBAFMyLr2LkMN549kySEd9f4P_0fNI11tCg9KGGTZjJn5RKw7mgs2kP-LRyFPdmeupqs4QD2U%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fbaiyunju.cc%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=FTK1.UG.7T;stc=1;chaa=1;sttr=49;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

7fde918e6fe89a653cb87021f5e8799273ee1edcd0ff6c0f52e4d11f429dc157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32497
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame E1B7 38 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A19 42 B
63 B 122ms
122ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcSG2U2oiRhzEv6MKtgluN__becZBRGOC3FsAbU_RJHxJBOfJpneWg5C4wWhmE8oqJgo_jN35yPPWFoSkFONa8KT3xJKXybmdZBbtItXsCsk_v0Ac

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=600&slotname=6930711991&adk=119653711&adf=2344892108&pi=t.ma~as.6930711991&w=300&fwrn=4&fwrnh=100&lmt=1698253328&rafmt=1&format=300x600&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528454&bpp=1&bdt=935&idt=309&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x90&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=Xh4iNOZQFt&p=https%3A//baiyunju.cc&dtd=313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F6AD 624 B
245 B 86ms
85ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCr9p65Axi147f3ATAB&v=APEucNUHvfNQweg74EEJUspbz14cppeeT31nFPh7kuWvFjb4M777ntqC9JCB1T9Uud65X0rW-EklDsN_8pfSZxeGzAKxxB3TBKFMh4kBwcC-yn0j-kWIfpcGkeNKSoKM0m99m-j7D1fBUTT-RQ8NRPelWs8HF-0qLuqHLuXuq2WRiQMKQFWDTM0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=600&slotname=6930711991&adk=119653711&adf=2344892108&pi=t.ma~as.6930711991&w=300&fwrn=4&fwrnh=100&lmt=1698253328&rafmt=1&format=300x600&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260528454&bpp=1&bdt=935&idt=309&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C760x90&nras=1&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=Xh4iNOZQFt&p=https%3A//baiyunju.cc&dtd=313
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:10 GMT
expires: Wed, 25 Oct 2023 19:02:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7A19 111 KB
39 KB 121ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7A19 7 KB
3 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:51:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 7A19 23 KB
9 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:51:48 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A19 41 KB
14 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7A19 3 KB
1 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1B7 0
20 B 159ms
159ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiCh2MWY5ZdqcM4qQjuwPz-mW4AQAAAAAOAHgBAI&bg=!Z2SlZCvNAAao7_3LiO87ADQBe5WfOMXSEcxWEFCUv3Xr_uER_vNUqgAjjgA6XLeBZoQXX2bl2WbR7Tv-UJVWtKKaAnC_AgAAAFJSAAAAAmgBB5kDC1QFd6sRuFVl--qu6L8Prsy-l7q6Nq9PpUjkxXUldHm0B4oqSC82n4vBAQnn1cCUKiBiHu9TzaRecYC_zWDqn7uHpbW7i0wAwg4HXpkg33fctD9py6ydH-u7pZ7rRhCf3zjoQN-gQgcl7VctCbcg-32WpdkshgQE_oQK1M83vlLpnlscgJebr08a6QQx4-5ozLD2F-AnNsnOfGJrLv9o96HJkCpQdQN2EZSomymwANXeuQ2sd4oBstienLE_BjhYvKSWarj3R6M-nnCk9-9upckSSsK51iMYfysHPtbte2XFinKR3LD0pIKIlmDvN1lgmDCHb-y5IZOATeGimV1HGaYQ60N3dC0x5kj7ljbPDRBy9Q5_GhS2dHaBu9zv-xXPmZBP0rOjhB-yUh2MhM64ftcfBaZ5B7twcQCleMucCOMwMwYqje8A6Qvuzvu9xF0yVECRn150GXNERu4qOSvz74cPBCuMfGBkQAEOUhd2vjaF0iRCaPdASjgjCHflu01DIMG8spQqhqvuquqe1wcI8vK6cA7qBxGLjHwXQn9KsLyeCQpgPMqOHviHRIbd5xlcgUZkL16FPC3tb9JTVQMh2p18Wr2iSBhE8sgj_k5ExLDS7uCZ6FhWPRyZmVqA2i3t6pRUdr3Dot-QlK6axrUJph2mfzeZdlj5B2XgUL8kewFnaauAY5bGsiUAalHOnx_y3NG0zmfDmjb-NuQhWAI8SOsMATNgcp_MMU4n2NNELENSHdZFi8YknnQUqmeJL9WRc6Kk8OnWtRYiY-8XyANcZI_AlXbPJlPW4GCujI9AaCd6mvHaPxRav6qXUF5gG5pPBZJ31RmYm4YKp0r5M9cok1ar0Hdr9cF7eheH8K47Cp7uDLL9uQNH2LSRLF0XDWmoKV2fEbt5VjU10Iyr7Te3kKiGZygNpp23Sc1m7LF9_uuvK263zGU-B3eas9BabfpZqn-BKRPBnRDPFQwF_ulBb_Wk6hDOHUgVlHEBrLsznDxtMmoUi7Wpk0XOP0H0JATjrrU5WGjQFhgO_U2n

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7A19 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A19 187 KB
59 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:10 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F6AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

43 B
731 B

47ms
46ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCr9p65Axi147f3ATAB&v=APEucNUHvfNQweg74EEJUspbz14cppeeT31nFPh7kuWvFjb4M777ntqC9JCB1T9Uud65X0rW-EklDsN_8pfSZxeGzAKxxB3TBKFMh4kBwcC-yn0j-kWIfpcGkeNKSoKM0m99m-j7D1fBUTT-RQ8NRPelWs8HF-0qLuqHLuXuq2WRiQMKQFWDTM0
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aquhzMZ1O8swzmEsLXNcnt4hOHdDL%2BIbVPKgNH9GntKLtuh0xaziBqtBtMs6%2BrwqEtbsOjvH0BWOL1WaLPPWdtqFA978iGkTGCxE8D1WcLJ0B6eI6ktvmZaG%2F2lSvJHs28FfeZgJyYtGcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81bcb65a3a8337e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F6AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTlmMRsANWW34YGt4cUCswAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1

43 B
732 B

43ms
43ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCr9p65Axi147f3ATAB&v=APEucNUHvfNQweg74EEJUspbz14cppeeT31nFPh7kuWvFjb4M777ntqC9JCB1T9Uud65X0rW-EklDsN_8pfSZxeGzAKxxB3TBKFMh4kBwcC-yn0j-kWIfpcGkeNKSoKM0m99m-j7D1fBUTT-RQ8NRPelWs8HF-0qLuqHLuXuq2WRiQMKQFWDTM0
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMAFxzy11DyfsecZ0HFDgpRGj24m%2BmIAcGEWGF0cLVSQAOnPNP72HSanzImUswZpIxvnfCMcVJIAB5IPNxvkCDaGYfyibVuBPXd%2FdhYesqgzGdXJZ2R1FoQue0BUS3CsNPR7Jg36C%2F19Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81bcb65a8b1b37e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUjHFvHdrOp20qpQZo4Slo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F6AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1

43 B
842 B

36ms
35ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCr9p65Axi147f3ATAB&v=APEucNUHvfNQweg74EEJUspbz14cppeeT31nFPh7kuWvFjb4M777ntqC9JCB1T9Uud65X0rW-EklDsN_8pfSZxeGzAKxxB3TBKFMh4kBwcC-yn0j-kWIfpcGkeNKSoKM0m99m-j7D1fBUTT-RQ8NRPelWs8HF-0qLuqHLuXuq2WRiQMKQFWDTM0

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
an-x-request-uuid: 02533d5d-c0a8-42d2-92e8-d39f2e604cf0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEED8Z40oioUIc4HkmGFhkoY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F6AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NzY4MTA1NDY5NTUwNTA4NQ%3D%3D

170 B
188 B

36ms
35ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NzY4MTA1NDY5NTUwNTA4NQ%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
an-x-request-uuid: 0fa0a4fb-0044-417e-b69b-b852e410e541
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1NzY4MTA1NDY5NTUwNTA4NQ%3D%3D
x-proxy-origin: 217.114.218.27; 217.114.218.27; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A7EA 38 KB
13 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1DB0 111 KB
39 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 1DB0 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2124396026;ord=9f2971;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmo9TMGY5ZZP-MLaj-cAP_pSz4A39ntCuc_PN7bb3Eb_Kor3AARABIKq_tSFglYKAgKAHoAHf6MuwAsgBCakCBmGgCJTKsT6oAwHIA5sEqgSDAk_QMXLaxeOjS2V6mu_-sztjWptHKxPaPX1T1QexR6l9R2u-u7niKV9T-tcqmVsLTQNQ_9CasqOG_S3opjnyrM92SgqHSFOJD-UFxySPQsUmpEKag6j-KNZOQCqTqX5ANunWpDiPaXiRNSBmjMbmc91ex7PJz3w_wEoz6lUr-4bAoTQpOdc1MhfY6vcSWHbEv4K2aVhLg4MahRx4YHdUTeQIeoO2OsF_z_Ygpgu6QFIER-QSrvmFpocoKok9eBZ0wJA6mzk1jvYLP7R46ecDLnAX0YlzCW4Pym277BpLBeYrbe_i-ooY8WGLQp4sHWPO8uO0olCzZj7-d2O5WoBfO9YD-vPABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERbAT89GDFcgTp8_X4wPQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26num%3D1%26cid%3DCAQSSwDICaaNFZEJJI1LyEW92Ny4l7G-JWPySr6W0bUAYEbz5Dk7iLGTHh2q49Za1dlDD1c3wnAEMU3EaHHpVcD1GHYCqKqkbZfDydjouBgB%26sig%3DAOD64_3qhHc3-R1tEQ4K0R0QJPwB0N1TKg%26client%3Dca-pub-9529152553031266%26dbm_c%3DAKAmf-AAxaV0xM6kJdo19cLcTj8owzyXRIBS18IGmsWbd2vkFmora_9aBqrbQmNbDPLtNeF35UH-jyyQMkgMovCubLgRhRYCY_XTv7sP5zsVHk7ns3O3AL4CkCSbuo2STB1v3JWNlcI4wbrFHcuqMjui6mvLxA-A-IA5cEnO6iRrUCKYdnTgc0A%26cry%3D1%26dbm_d%3DAKAmf-ACQoP8s9lvLOLE0owFVT15fdsv9yTlxEGtP1Zkedaw2kKQGwMTaAtrDXRA7pdf6wijb6d3-2jYoCg6Fb9o1xwKv1CTkE2yqW7xCIYKTZklSE9rBLLwTxtH1ZMYlJUYRpIYBnAvca_d2Mi2aupnHeTag_wdYf_ZwjwQ-8HEHgEjwUya8KaXK4npXqMsC0HMfJpUNKKhbMA6FxKNlwZ1RNupt4LfXSKY-MVLDNavatRD0L8aUToFLWa-Lt3JxQGliskqNJFV024Iq9lrSF-JVLe9z1K-dGYvILQyaBm61UTwKxmNPCZynVaclvAhGhJJtMsdE0KdX-C8TMKfFT6KnYYUrvRqwJrRuhpuRRSaKfJCz-4tWyZioaLJLWAPVTMQpR4qh1UJKz3EySrNjnS6TRIlfjZc0G29SZv1LxeVjXIZdjuoNmJbUSTu8MenIH6fzY-ELfnVBsJUWtdh8WCryIs2d2UVA8P0fIj4vUOgOjPBAFMyLr2LkMN549kySEd9f4P_0fNI11tCg9KGGTZjJn5RKw7mgs2kP-LRyFPdmeupqs4QD2U%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fbaiyunju.cc%2F$0;xdt=1;dc_omid_p=Google2;dc_sdk_apis=7;crlt=FTK1.UG.7T;stc=1;chaa=1;sttr=49;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DB0 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H2 200 63c51e1aeaeb06ed73452eca
measure.lamp.avct.cloud/measure/ Frame 1DB0 0
0 162ms
48ms Fetch 34.240.213.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.lamp.avct.cloud/measure/63c51e1aeaeb06ed73452eca?mid=651e6b2507e337ed959d3bc2&mt=1&d=baiyunju.cc&c=0&r=0&evid=af664a87-5211-4cec-8b38-9f4e2703bccc&vmet=IntersectionObserver&seq=0&sev=start&sst=2023-10-25T19:02:10.222Z&h=90&w=728&sh=1200&sw=1600&sah=1200&saw=1600&vsum=0,0,0,0,0,0,0,0,0,0,0&vmax=0,0,0,0,0,0,0,0,0,0,0&trk=false&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&cp_dspId=dv360&vts=
Requested by: Host: cdn.lamp.avct.cloud
URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&a=&cp_dspId=dv360&api_frameworks=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.240.213.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-213-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1DB0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4efd444cfadc0fa73be14c7118b0d2309ff87de575e16af032cc5fcf4bfe4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7A19 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faa1e1e9558c409f2cadecca7ee6446dfba3415dd14f4adeec648842cd58822d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame A7EA 38 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F660 38 KB
13 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 128 KB
35 KB 70ms
23ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8551007820252eebdec56c40904ed0302702999d706f473dee28d6ea5cb45f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 111425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 35688
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 12:05:05 GMT
expires: Wed, 23 Oct 2024 12:05:05 GMT
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A19 0
0 129ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLvElgR9xDZXBGEXWIBcP69KPV-sqB0Z0KdE4pXFQLzklRkK7lVtROMvkAXxAN6hgqpUdklJTI__vnHhouaHh_L4napHDtamJVAHxT8Xcf49hMTndSmpGPMtYyyM2VQy59CmHtAjNmBLiFa5rFl7EAPOsXKLYSbwQ3HctWPOn7mYgpTZVxTIUXviVXV7_QwxnQUoDktzslVC-11N0gX8bvP9iXYLMh2gBUvT-jZTR9eIu_Ta_hecaK1a-NHWS9LzGlXUfaYJpRVMXKjyntWm0hTNxnH32jADIqrxsmMu8hS8_XgD2XAjx43meIyDrkUk3uRcJyJ5MyNwczkUXx99GNO2CCcwpqZXxV5slvX_AzRbm6iPFJQFiwDN7tX7qnAKRlP3qjZEPQP6c1iTxi5_jsrxtVpZf9sJajtXziFOSoX31tpiTarF3Ldew3o2YRrsKPc-LTOnukOIavFWjYmypfWgqu-xREzUWDWLH7AyjyHjrGR_8RFpmKXJUGdFxg2v6NAv3MUEskoe51iapDFr0Zm8tpNXJDdRlxBANDbdYSvFQeZqmCQ_KcTPGDszDuWFjVvoXNyF0yT88oDQTMdHFcvfrmf9IZVrfMiE8eav81kK1Dq5gsRT2TBAignf3GpCgYeBU7CchJVOh9SpTHSQa5l-vG8JXlvsTmj-uvY15V5mR32i42bZ2VltBvb__Q7sTJm1T3eEnLYOovNmpe6Yxc_b3p1hrrll5mOo27WI9jhw8_J3F_xvXR9LERh0I7tm-VtHKWB7Zhmchfnzem5V6PbVS7zSkz6e7U9NmGyvz23vXUkT6aWXMRyMsbrL0fVhCdCYNWRSXabuXYKPawkczAGgTE_0Fd98y3OgbFMOOQpO6wxTNNn9qfIEsRXObZe5T_idGGAD01vJjbdSlbQT716MgsANoBt9wmNHwWEHtO8v8t5euG3u651m6R7vvmUfvunPXUDTfpEa7GljIcMENqfv7QvDtWUTWjpEZj6RxE9xtsuUshO4bJ0OwRJA7PEBXyo09CCobliGshTxp7MQUToJjLYrz7bziCuJ4ynE0T_HyRFagdjzCgHohs_IMK_IMrarhI-0agBCfc7S8TcQYxEizZ9_sokV0y9m7F9hn4BwG-_NqGkUoFHkfS5lzIVra8MLB7VWouBkO0f7nF1tW1DynUdVV1YEEUeGqcesVPfYU4dDp5HhqdVkKZ4757x0KabCQSdZ5-n-0BpivLLyzRPfwuvsSwJ-RFEz1t22Y1ldy8txfln2t-li4&sai=AMfl-YRTUJicGTC12Wh7bPcbp2DqpBk2L4vJaE270HhaqRAmpIegpKrTDxhg9bTrSYjiwGgQje9AzJ-CB2JHsn2xUwO1EFreKOP5pS_tLUIZr452yI0bNhCYmYSnDw-sW1fUyWLrlewttyMcpt4V3VybVAMSo0382Rje1But8NAkRy-BD0bLduDEp5JxZriWs-xXYcarIkDGXWLjlsEiDkUK1Off92vYs6xUwxL_PBzAyuE72mZ-bTTIwXd40szuvaiXjwz3aAFChSjYMX_l9WXFxJYJY0LDLnzypXOevi9brI1soYMk3Kd-dcvkqjlrqZnrEloL7DYMAyiw-bYgil-4shSuG6j50uDwjcVl_1H8pGoZ_5Ezdx0AT3MyWkgyENYqtm0vyJ-48ACWij8Gyt6dbJ2y0qX8R3e9PjZQsc9tETQmp_pIpzTtnUWoZk1gRvc8Uec7rQ-2s1P2WMOOQo4OExeJU3Tu-nyGhh6_AXCV-c37yjU&sig=Cg0ArKJSzEt0Mdf1POZnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=196&cisv=r20231023.71447&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DB0 84 KB
31 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34919c057f7b9564b2788b1996fdc16587e4ec7c0bea30d460be08f30390ce5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31502
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060843674074"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:10 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 6 KB
2 KB 62ms
22ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2089
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 22:04:37 GMT
expires: Mon, 21 Oct 2024 22:04:37 GMT
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DB0 0
0 114ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUBNt3wWp9su3gjYZ95Tt-n8kPtyF5UXdigHHj2pq4gHG1VgsETto9wGfC4lk1AbT6q7hX0vNd7iGJ3kZ90W6kBJstcHqcFkHTdCItzG8PmUv1gPzRZqIWkB3xERZOOBcTjvRk2t99PqLj0Ge1ZvFUlqugG79xVSZB&sai=AMfl-YTZKBwCJJJRWaxB_xPRDoX9BtBcZY5ZpWtTqYrC2EzHxDxIJHP9miKSvPb7KFfuZd1-yteprnu1YXlFAyPQyzyZSzi3fmV6VXDQNw&sig=Cg0ArKJSzHEyjgPtYo6bEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=117&cisv=r20231023.86199&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 1572ms
443ms Image
text/plain 104.193.88.77
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://baiyunju.cc/
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.193.88.77 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 19:02:11 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H3 200 qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js Show response
pagead2.googlesyndication.com/bg/ Frame F660 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15077
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:52:44 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7ED0 236 KB
63 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:10 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 9 KB
2 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2264
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:37 GMT

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 673 B
700 B 23ms
22ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_preloader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF71 172 KB
5 KB 83ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Source+Sans+Pro:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,900,900italic|Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto+Condensed:300,300italic,regular,italic,700,700italic

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc66eb654c8c9619b73b5de4f6b61bb531466d0c12aca0ab699db11a4fc03ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 18:58:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 19:02:10 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame FF71 32 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 17:05:58 GMT

GET
H3 200 _728x90_bg1.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 15 KB
15 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15762
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DB0 0
0 59ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUBNt3wWp9su3gjYZ95Tt-n8kPtyF5UXdigHHj2pq4gHG1VgsETto9wGfC4lk1AbT6q7hX0vNd7iGJ3kZ90W6kBJstcHqcFkHTdCItzG8PmUv1gPzRZqIWkB3xERZOOBcTjvRk2t99PqLj0Ge1ZvFUlqugG79xVSZB&sai=AMfl-YTZKBwCJJJRWaxB_xPRDoX9BtBcZY5ZpWtTqYrC2EzHxDxIJHP9miKSvPb7KFfuZd1-yteprnu1YXlFAyPQyzyZSzi3fmV6VXDQNw&sig=Cg0ArKJSzHEyjgPtYo6bEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=286&vt=11&dtpt=167&dett=3&cstd=117&cisv=r20231023.86199&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7EA 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bl3U0MGY5ZaWrMeO-iQapgp7YAgAAAAA4AeAEAg&bg=!zc6lzoHNAAao7_3LiO87ADQBe5WfOGaJ67AlzPFrbOvn5ubhYwdMOqDSQ056bdzTpCYbeqvVJwqAT2ERmtPS37zEoIZpAgAAAIZSAAAABGgBBwoAtIBrr5w5GWEXz9jK7EMtPdL472RUWFPCN8XFlnNwJxRaGoPUqB4FrIW_KpL1gztFCzPxI0XOfKOACvCGC7Aw1pLEfPNl3egTCuJCi-ZlJJrIakCLqrnBzfKpZ77ZAmWlgXCxIpFZV2ONNDLCwc-WxiFQ0zybFqJm4ZBlPISJLr8qbwWXVBbTYRk3tHxKSO0LuoiDY_kILt3tPKhchqotLCL0Q99pv0wqhPJLqm2xhk7rd-MSupkC01tx6GHUx8jHNJkzKIjWQAo0Rw7GkUxF1cPHbQb90RdaiHtyWvp5k2R7NEtQHjdMDpMYMguSK6-B35cdYrBP0X85RkLKyJeDu5k10tVCK6nQuwkRyYwE2dQGoPGGCU6Quc7XdOqn4WasSUn-FA2zziZoUVfsrgb9PsxWqOmfS2d8D6FU8ToXjfk4_c9GRz9YiRKGzGraN9JRzQs0YSz4BMdCnRudOeWWQ5HvsWwtVjtHsD7OtvZ4bHAptjTuBQCW7n932gDiRHglpGz_oB_do2FahZabnT6qHVJYLk5RkSU7QZVMHTUs4EIdx_M-EC4n148G-32Oc1BsRbTYIpylDR6EPj6AeBVI8rZAmLT5oYyt-73i1s3Zsw14aqXZVgraDzVOvQEZpBYbuZ5trb7MXgF7Ox29SjPTqhyHwKDEG0zAPXXQTFGO7w6shbfOE0r-9LcHZ2wLib7WYMKpFpaw_vLAN3EQxGIX_94sC7VmWi1oqqBv_bvDsGPdqM84Xb347oJRZ8yZtg68N2Ktls3lAxKi_cySBvTcg7W8iA_uKUaBtD_fXVO-sq9Yu843KkCMZFzB7-ETOrDd4T4fFgFz040B226YvluRnZleJrhKkkWWDl7rKy-L43RKvmK9uIdId4WdnmuKu1FvRXf5p6x0oKzpTmGXbML8JNMnyu95U5_h9p1ARNIFDho4sPx3fJNPPrktP4Hunp_OA9hRLM5wWisbGzgQ-csZYXS8Tn1ZpyJua687fozJdBmLJCOATBOCYzetM5MkjCruO657KrSbpSsgZmDgddg1lfQHwKC5DnZIPqD1g4792pe5yuz2xd0eZ-oBj0V1vS0FnTOUgD3AFFWOmF1LjB-ISQhaG0Gwal7d70AGdsYo5r_OPvZPuyviy-wLQfAk4fRIbRjQOn4dibjtRBNnCbRP6iN0eBl_eyXBqTlDXy2lMOsNFrl8QA7Gbwqj_w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame FF71 50 KB
50 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Source+Sans+Pro:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,900,900italic|Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto+Condensed:300,300italic,regular,italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:07:48 GMT
x-content-type-options: nosniff
age: 3262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 18:07:48 GMT

GET
H3 200 _728x90_bg2.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 16 KB
16 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg2.jpg

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
DATA 200
OK truncated
/ Frame FF71 477 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f6b3ec28a1d7b69953e2eeda4ddc2a0739434199bf59b06a1d13a77a3230219

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF71 15 KB
16 KB 46ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 158403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Oct 2024 23:02:07 GMT

GET
H2

200

src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=970014569...
adservice.google.com/ddm/fls/z/ Frame FF71
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12067520;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=970...
https://ad.doubleclick.net/ddm/activity/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_conse...
https://adservice.google.com/ddm/fls/z/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consen...

42 B
401 B

146ms
94ms

Image
image/gif

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9700145698183472

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=12067520;dc_pre=CL6_pr3xkYIDFTNGHgIdLz8Pfg;type=vp;cat=pf2_srim;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=9700145698183472
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Element_8.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 225 B
252 B 24ms
24ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a31237962212315139c1838629c844bf56bae219180288cdbac5606cbdb7a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_9.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 204 B
231 B 31ms
30ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_9.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ae98d93b1c48b9e5bddf293cbde5b07c4fdb3aca41a4cdc940aacc3ab982a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_7.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 119 B
146 B 32ms
31ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb821cddab32db0243ba7756678d7409a7fe410f599c6ee8da2f8384e5253ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_6.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 265 B
292 B 30ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64752f3602b7d74fa7d2a2472e125b734100935adf636333ef30dd2f875294d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_5.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 220 B
247 B 28ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e03854a496645e86e806d686ae5cc80518f2ddeb0d77fd428b55f5336a31cdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_4.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 265 B
292 B 29ms
28ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57fcce9549822891d1202d4cc0e63f08df7d4c62fa9c4f772e6138e8f8c7c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_3.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 280 B
307 B 27ms
26ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2cb2da864e04c4c9cc587de58db21d63a1a0d37f90fe47890df710f553e40d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 Element_2.png
s0.2mdn.net/sadbundle/3714866724188330284/ Frame FF71 329 B
356 B 26ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3714866724188330284/Element_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23396d19473b96e969de2f3a631c0f6c6624bbb3b63030f19edcd13a6976ce06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3714866724188330284/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 12:05:05 GMT
x-content-type-options: nosniff
age: 111425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 08:56:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Oct 2024 12:05:05 GMT

GET
H3 200 _728x90_btn.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 1 KB
1 KB 31ms
31ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_btn.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 21:05:35 GMT
x-content-type-options: nosniff
age: 165395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 21:05:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F660 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFAQOMmY5ZdHPBqe79u8P7NixwAgAAAAAOAHgBAI&bg=!hoWlhcrNAAao7_3LiO87ADQBe5WfOH3UwJvjswe9DSbId3InnLj5kfPaKWFcjm69NnPVS8lm-C4hKea4PKebrE9LdC8uAgAAAJJSAAAAA2gBB5kC9ThHZL1ZBto_rFmXPJhYriwv68Nl5DP9tlHCFEgozJeN9VIBk6XNnOhfdoOt1bhy1EMm5HpruU4WZeWJ_7rTvcpRinEK1DMGtZFV0X8PlIr5Q4yy-9asK6JxoxoSh_gPB9QiM0a4PQUdRX2MUcZjxvw2IW2tixS1Ep7rdTWYxzzfn-002wOTvBHNLFjvt_Mf9nQKsbUbeU8nZtQhL0Veg408Vfe31iic0_Iwk6ZgMn2Flvl8rSjUX7PYuutTJiaAv0kqiCMxc6sZKzSM-ymw-zI4MUTQbU5-om3Y4h_CJOCyQZ2D1CNuZAFnyBKXChm0ARjf12hnsYOdLGproJhuEECVXxYriaS8H6Pu5eiLdjWYVu6CWCo9XJ-MW_lADmdT8bGbc9gs8WJGIB446sjcJB_zktmBf5lHizOyvcpVrEItlawVv_3ma9BwiRS0Q7YJ31HaF8QfDjDi_SvEG144yrs6shttlsyTu4Zry2utexhi7JBTRaGbn8Tb0bqyMw4xPf8nshbPpJUDHWs9_NbcBQoEoXBnyt3UCqJI6KACH-YPw6KkHi4zuwNeupxLc8z1wpKU2sq179AZsWr9OEfnQ0Qvp8-_FstRv0VSCNXo5yt1wAD4begSzliQRRgII3oo1s5QxMcD7MSMPZ_1cz-L-HYGN9dfPWrnqWezmxHS8LQvxEMMGqGB9zj_j9_3P8kErp1oLyOvdyZ3-wrqv2wWWm42X99IZN8GlonjMe1rVKe7bSbX2nUiLzUj3HVE6LXeCSx6T1vV03BCO9k2RMwf636CGOC0GVX7FcLACAWJgYkEM2-9u2dBLdPIvL4uxPNJt_2ApGpr9w_Nv8kqpkTkApx34NwvvMydrja34fmcuxYg14WZDBM11_vnbgHkDgoNKKJha4ISoPpBnCHg2PsEOIMCkw7fT2B9BTeMNqqNoFcrGiIr0IDJrp19F1tbMHXHnOoYw1xTmfHQr3a_i7hC2Ng3J3BaifiAPm9qHG97FL314J25UWo

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _728x90_logo.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 693 B
720 B 22ms
22ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_logo.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 _728x90_t1.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 1 KB
1 KB 22ms
21ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t1.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1082
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 _728x90_t2.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 1 KB
1 KB 23ms
21ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t2.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 splash.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame 7ED0 5 KB
5 KB 22ms
21ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/splash.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180102/ 159 KB
54 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180102/reactive_library_fy2021.js?bust=31079124

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f6acc2165ab6515717921549164b6f84b29173a2dc6ce652540dd6cc2c8ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55343
x-xss-protection: 0
server: cafe
etag: 14064674189602658401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:10 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E910 28 KB
12 KB 529ms
522ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a27ee116a04f56a5f02da73cf73a656df4c1a59558623d4adf1dd71a39faf4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF29 28 KB
12 KB 539ms
532ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7247368541eea4748e8815760d39fdb0d9a5624f307951d5616d18f089831dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5765 28 KB
12 KB 532ms
526ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dbb55a11bd19a4b851a7c6a3dbe489c156b9565a3c085cee610be6eefa7d8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6FA 27 KB
12 KB 553ms
547ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

295ccdc3df31e9d6e900d9f625393b930914b5b0e1fe306f2cc8a90da0671e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11802
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9212 28 KB
12 KB 470ms
465ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95351a3702d61501eb4dd5304e500ea3212c9220309e54a4e3e63a8d540d7861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11855
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A19 0
0 65ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLvElgR9xDZXBGEXWIBcP69KPV-sqB0Z0KdE4pXFQLzklRkK7lVtROMvkAXxAN6hgqpUdklJTI__vnHhouaHh_L4napHDtamJVAHxT8Xcf49hMTndSmpGPMtYyyM2VQy59CmHtAjNmBLiFa5rFl7EAPOsXKLYSbwQ3HctWPOn7mYgpTZVxTIUXviVXV7_QwxnQUoDktzslVC-11N0gX8bvP9iXYLMh2gBUvT-jZTR9eIu_Ta_hecaK1a-NHWS9LzGlXUfaYJpRVMXKjyntWm0hTNxnH32jADIqrxsmMu8hS8_XgD2XAjx43meIyDrkUk3uRcJyJ5MyNwczkUXx99GNO2CCcwpqZXxV5slvX_AzRbm6iPFJQFiwDN7tX7qnAKRlP3qjZEPQP6c1iTxi5_jsrxtVpZf9sJajtXziFOSoX31tpiTarF3Ldew3o2YRrsKPc-LTOnukOIavFWjYmypfWgqu-xREzUWDWLH7AyjyHjrGR_8RFpmKXJUGdFxg2v6NAv3MUEskoe51iapDFr0Zm8tpNXJDdRlxBANDbdYSvFQeZqmCQ_KcTPGDszDuWFjVvoXNyF0yT88oDQTMdHFcvfrmf9IZVrfMiE8eav81kK1Dq5gsRT2TBAignf3GpCgYeBU7CchJVOh9SpTHSQa5l-vG8JXlvsTmj-uvY15V5mR32i42bZ2VltBvb__Q7sTJm1T3eEnLYOovNmpe6Yxc_b3p1hrrll5mOo27WI9jhw8_J3F_xvXR9LERh0I7tm-VtHKWB7Zhmchfnzem5V6PbVS7zSkz6e7U9NmGyvz23vXUkT6aWXMRyMsbrL0fVhCdCYNWRSXabuXYKPawkczAGgTE_0Fd98y3OgbFMOOQpO6wxTNNn9qfIEsRXObZe5T_idGGAD01vJjbdSlbQT716MgsANoBt9wmNHwWEHtO8v8t5euG3u651m6R7vvmUfvunPXUDTfpEa7GljIcMENqfv7QvDtWUTWjpEZj6RxE9xtsuUshO4bJ0OwRJA7PEBXyo09CCobliGshTxp7MQUToJjLYrz7bziCuJ4ynE0T_HyRFagdjzCgHohs_IMK_IMrarhI-0agBCfc7S8TcQYxEizZ9_sokV0y9m7F9hn4BwG-_NqGkUoFHkfS5lzIVra8MLB7VWouBkO0f7nF1tW1DynUdVV1YEEUeGqcesVPfYU4dDp5HhqdVkKZ4757x0KabCQSdZ5-n-0BpivLLyzRPfwuvsSwJ-RFEz1t22Y1ldy8txfln2t-li4&sai=AMfl-YRTUJicGTC12Wh7bPcbp2DqpBk2L4vJaE270HhaqRAmpIegpKrTDxhg9bTrSYjiwGgQje9AzJ-CB2JHsn2xUwO1EFreKOP5pS_tLUIZr452yI0bNhCYmYSnDw-sW1fUyWLrlewttyMcpt4V3VybVAMSo0382Rje1But8NAkRy-BD0bLduDEp5JxZriWs-xXYcarIkDGXWLjlsEiDkUK1Off92vYs6xUwxL_PBzAyuE72mZ-bTTIwXd40szuvaiXjwz3aAFChSjYMX_l9WXFxJYJY0LDLnzypXOevi9brI1soYMk3Kd-dcvkqjlrqZnrEloL7DYMAyiw-bYgil-4shSuG6j50uDwjcVl_1H8pGoZ_5Ezdx0AT3MyWkgyENYqtm0vyJ-48ACWij8Gyt6dbJ2y0qX8R3e9PjZQsc9tETQmp_pIpzTtnUWoZk1gRvc8Uec7rQ-2s1P2WMOOQo4OExeJU3Tu-nyGhh6_AXCV-c37yjU&sig=Cg0ArKJSzEt0Mdf1POZnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=763&vt=11&dtpt=561&dett=3&cstd=196&cisv=r20231023.71447&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DB0 42 B
174 B 131ms
130ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvojmCMQrQqAEBfHy377sDoSANdM6DCTlG_Pm5lcaiq6QeJEIQoXzLl5dcKSzu7kSAakpuvjiOC9DAN1MXnwT-zgxuILg1N70pOA9O2xh7PtrxnKGwAVTaS8uFQQkbEuJVZG5ZhOPQCXO8v&sai=AMfl-YSRnDxdx9W6WWsGECDXB21r6BDJsH4OnGLfFWV4HeAjxVRKItkuAq_C_BvmQt13p5_K-hvRrPJr0QShzoxQ9c3BBh4dHVH3MExZv_jNr05bP3PMNd2gnzbCigWeiyoQwpH3jN2mvp9942p7&sig=Cg0ArKJSzLBIOqTRPi3UEAE&cid=CAQSSwDICaaNFZEJJI1LyEW92Ny4l7G-JWPySr6W0bUAYEbz5Dk7iLGTHh2q49Za1dlDD1c3wnAEMU3EaHHpVcD1GHYCqKqkbZfDydjouBgB&id=lidar2&mcvt=1000&p=0,0,126,728&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=20&adk=1499268799&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698260529601&rpt=653&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A19 42 B
64 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxHPCyBHKWq6JCqgFrgViA4unL5Q2WrdQUqnkYtKrQuVLykW3Gz0WBwzvMFw_WPwSu43M8vkYCy9NnimQCFi1nxJ9oyAEPKZXb05a5xn7wffudptuhui271f73WmXEj9zwNL7ky1Yibzd6&sai=AMfl-YTmPQS1uEQEeI9p3akYBpxs5zbO-MRlDsl0Y5OdGASKuZQjxyigU3ABl2UlYn2HuAMaWK_O9j5bZidlHgjgk8hg82ciekaW8S6VRGa1EpltFYPxTTWnzA_Tkiwhf619_6tzpKQ7dDxkbExyHw&sig=Cg0ArKJSzMSL1za9zljXEAE&cid=CAQSTADICaaNMtkn0u1-W7UzUiSOGe2sj0D33KjRiyOAT3bXKAuSs1AbfYaSXNStMjsjlLWI6vRNCrq_Dbv0xL5oaVvYXIBBeR1QBf07eJoYAQ&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=119653711&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698260528767&rpt=1595&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DB0 42 B
64 B 135ms
134ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxKATYyjSe8DaRcbyNwsiF9LUqJhNAxSLuaXKP0sL9kwWxCsQ1WqdI8s7o1BWuOlWkwKElusVu8nKvGngCGw4EdaGNjjyZvPEbQFqyAxhB&sig=Cg0ArKJSzPFt7ftDYRElEAE&id=lidar2&mcvt=1003&p=18,0,108,728&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=34&adk=2124396026&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698260529601&rpt=821&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame 7C43 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 20:13:09 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 20:13:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame A6EA 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 20:13:09 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 20:13:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame B2F2 10 KB
4 KB 26ms
25ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 20:13:09 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 20:13:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/ Frame 2435 10 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 20:13:09 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 20:13:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB0 0
20 B 187ms
187ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7768452709553&version=m202309260101&ct=77&x=1&cor=13950364194363363000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7C43 4 KB
767 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 18:58:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7C43 205 B
296 B 129ms
64ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options: nosniff
age: 358123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Oct 2024 15:33:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7C43 604 B
920 B 128ms
63ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 09:35:28 GMT
x-content-type-options: nosniff
age: 293203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 21 Oct 2024 09:35:28 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7C43 15 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6584
x-xss-protection: 0
server: cafe
etag: 17761768058797188040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:47:23 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7C43 20 KB
8 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:47:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame A6EA 2 KB
825 B 50ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame A6EA 23 KB
9 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame A6EA 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame A6EA 20 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6EA 187 KB
59 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame A6EA 35 KB
15 KB 111ms
62ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 14:24:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B2F2 2 KB
825 B 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame B2F2 23 KB
9 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B2F2 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B2F2 20 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B2F2 187 KB
59 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame B2F2 35 KB
15 KB 68ms
31ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 14:24:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B1A7 640 B
265 B 71ms
68ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
expires: Wed, 25 Oct 2023 19:02:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8A5D 89 KB
31 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8A5D 24 KB
10 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 25 Oct 2023 19:05:26 GMT

GET
H2 200 attn.js Show response
cdn.lamp.avct.cloud/ Frame 8A5D 48 KB
14 KB 37ms
34ms Script
text/javascript 18.239.83.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-125.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 04:48:59 GMT
content-encoding: br
via: 1.1 eb5552d4fb69ca0d0578ffa97b7b08fa.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 16:23:08 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 51193
etag: W/"8a45742518e0e70d41040ddf21529736"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: NxOwAUJNhppyjHHbkr-EKFxB8JG2nJr761ruDFfhrp8fmdJEGzlpng==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 8A5D 3 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 8A5D 20 KB
8 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A5D 187 KB
59 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A5D 42 B
63 B 126ms
124ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D03M185KbjfNd75YZIJFwozPL9Tuf9f2nA2LmpsrHFfCXsnw_pw-GflUK-a1PONc_FZnaTPuPGAFOjZpAI6Ty1UlYSRYJ1y8267v5xcrSwtMy67SU

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A5D 0
20 B 127ms
125ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6316967483219638889&x=1&ct=77

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B1A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIbD24tJDokugw5hWEep-U8&google_cver=1

43 B
273 B

51ms
37ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIbD24tJDokugw5hWEep-U8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIbD24tJDokugw5hWEep-U8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B1A7 43 B
136 B 95ms
37ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B1A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEDUwgWlaED7DVAOLnzh1MeU&google_cver=1

23 B
163 B

129ms
65ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEDUwgWlaED7DVAOLnzh1MeU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 25 Oct 2023 19:02:11 GMT
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEDUwgWlaED7DVAOLnzh1MeU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B1A7 23 B
163 B 163ms
59ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyC3AIQ4-_U7QEYmpvW-QEwAQ&v=APEucNV8yID1njIwKcmuaZRfTtkz-Fazs5cuYoWDzTrbwMbP_iTnjJTdWfj7GJTK0JWyQDJ8lhKvdDLHvQTNFjxuQWBM5eZehe-wreXdxDgLPOQTx8SrqzRfR3KG5noQ3z2Rq0rzGAxZyODzrLzoSk9KR03Fi7hcNZsFIOX7q-tk1WctxroAkwQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 25 Oct 2023 19:02:11 GMT
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame D9B2 38 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1CD3 14 KB
1 KB 32ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 18:56:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1CD3 2 KB
825 B 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 1CD3 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C87A 143 B
166 B 28ms
26ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 18:08:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1CD3 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1CD3 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CD3 187 KB
59 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame 1CD3 35 KB
15 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 14:24:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A5D 0
20 B 123ms
122ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1141842672304&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A5D 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1141842672304&version=m202309260101&ct=77&x=1&cor=6316967483219639000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8A5D 16 KB
12 KB 98ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Azd8IERw3IobaOWTQHsAxzqFPcqxNrZe6iUzm1qi9Esi2jQ81E3J_3pSgnM0VzqVPJAAJkO0WV97dGj0nXF4DVa5hFGmq-7SomWW8A9uP0BMd8hfhjsao18ISZ6cfhb2raxs5le05Q-DEd0AxIfqlS8nDmC63QgrDvjDD2_I7meP_vv2A&cry=1&dbm_d=AKAmf-By7by-uHjSQFIXnpKmQJy2lEo5DcRo4vFQr-6nh5mgAtPlka2B6u8E4-4Tg2njnNBrz5IUcmurlYebJ4nS2fUoKcMAaOxuclaVQg3FwI8W9FppS9ZDvMpHhJeRNPe4zqhposEVTRw7XFfR5pFaoYUUVdQJEsFq2p4PJ0dxTI-WbbXGh1WaRl8iwUuWOvB_7EiO9osd6wKfVpuuyPEnQ0ygrVG079_sQiBnLNI4FHuHSJLMe9XsloVj0XoqK24Sa4ttvQxLdy_CQVBtvxF2_AFfd7Mz6dGKfkRDD40t7DbRpnnXkx1Nq9Gp9Ln59aYbCvD0yivhbfUOInLBkgluqs5NKkVL7d1Pc6tpGojzVIHlvCE4VUFT_3sGMhDeeaoORXXng2COCrQ5iugwJvYjHwiL8gsgs8pu3dEvoYkYyivhTNvJFHUuCpBiRVO6xJj-Y7ZfKKUVUhatz5Mi_l8skM4IlkjBApVAxFuc9BBxV9klUHMZ09tRxHt0bZYnIu7E71r3Ff4M2QXag2WiGPJ4lQVFBufwkhPu_z_9cnHpsC-Jei2FYjlypW0dLgALRt2i5kMEAQPiSbPqnCZ0cRNfcJ4dhg1c6HHmfkfwwqTJ3v_vtALODvxVHe07jGaXklDV4RQ_Xshm9xrH3vcbWTxorIdVgMIcD-anihy-3o7e3G-s6DlFZ7YnNaM3DpNRZ68b0nrbp5kc4Y6lj00xQIoyK6Sai1jURN4iBwE-yfLUVIk0Ty68abz4ik7heUSs_Sr2MB_Tx_KfXLRhqyIHJQdOm3ullhKEB9iIe1SfJviqsYeBVk3q5-XvjPcb_-kvN0ImJQVOziitQ_243yK56tFsiBQmUkXAd4PwGUJsUwwN1hWIKkxpO6b4b7lCoFo_EkzhZECfVLazrjA4zXQwWJz62LhneYU7nS0CMxFKtq04oD4GNJ8Xfl-VtTxaKdNcBoEZhoP8J3R-Y7lYin7Ur2U33h8vdCU17QY37jEzIxNYYrqVsLCZGMzCe9QgWtVX6QnnnTFs-pirCxn27xrsYMmIsoXTBO0yCOZhJlBcSoPHeJwtId6ShFXic_2zslTbeo9ZACUfrLmavug2AY5_RKBa1WEwCsDy0bTub9OiUwmPaEbzeMzFLltN2uDAW7BgPiO9lSM56HZgkk16up6Rp6-Y97zYGo9c-jLmCP1xvRDqLWhdWxzh-tjcLHsD9UpTz8QPOSld8SvhOWXjPOESe-6877rmwz85XUNHLLTYj0yhyMjS6pf1y3hjULhVU5NWaO089ZmefCxpNh4Wd1OnSh8oZSdth_82t3MMbeaFH0n5bVEYMaVxaYR3NiYpRzyk2-xtdW5nVPHOTg_OPxALVZit6s-X-sUTlFWBHD6uaUdySvVsVcvwzJ9Atz83653Yl7ZED9Z-HCYDJuC8SdlkH_qD3d090k8tZXHI42cspvlEHFGTRuKhOu2OjgvkUj_1YhryUjOXA8-gE_YW4SJVcYqaWFdiWmKW7efGnUwqiFdsQZ6d2-8IpEUYDKyRKkyMpt7eyQcodFv4GHoJS2UGlrzd0yKHPN-aevNB8FWDE3zpNde695mJA-srb1ILteTaT8dHnJT0fjhhlsDqiWEPOUU0FDk-B6OALq4ce3uEqhjyXnFvhBio4oz5whPMkklz6EfVrLKaozoAXGeOkA3K33g0NhLfpORhjSCDry5mwavC2IwnrQiKivoYqIVWvuRg_S-lIC1_T8XSn5U--Q9-rsOEujUaFZ94PTIyfQc_ugiH8N8rDqa7sZPaEN29OnmqFAfKbGdfGEc_ygndVtJnyCSxmYFF2wD3ddUb0nHYC9vleoHWsrKjfFw1j7Y1zMJBUrpTWggNaXE6mRuZwcNKVyk4s9kH6R7k2lgJOB9DNzRCdUjzgQDUEgdwiTsQy88ypsZEbKCWhHGvyN-SmLqRQJXHUQOPTHy9WyvTpzU5oUebW4KAzQI8pH3rU5DnH-QBPujQypiCBhIjUVUySvijvueoyJjMCAF1LJs6jiZagobp_ykUJE-lgMvW3v1SSWE6XNwB94xwDVY2LYt19t5yZsimqvpFNFeFVZuBMKof_qaCv5Tjr10-kHXxQBf_aPAaac6fFcHsyhl0ooGNtZTv82aG-XIRLTaRD4GUFYX5arBNnlEC8vXLyldDOYBnAqyzk2GSZGF4fXvjjUpV4w5OFnHLdlvFX4udTEBBVcACiNPC-mzrCMeHQwkO3n-AA1Wx3Wy3GjwgnOYxmSOUk8CnKNYaqSVSEyOl7fTBRIMuCvrc1se1manI_UsIGqa6onomAaC7EtBgGCmVggIHUQOtnUg7nxgyqD21f2JAgqFqcKrsKFBl0xl5iaHb3nIC5H3OO6bwt_UidHcOgpkDFmvQK4arUtTK9Y8-XaQS4teYK3Mkd4KlAptr3UwHnJNQA_LxpaGFgb-LzCvNt-fA-nhBOzgrcVl18IXiNUDssHsP-NmRNLDFZF3UwUQvf58gAxKIvvSjkVxMGEgm8pVuVaSPS5FbHp3GWfkBzxNGgxTvaLN0Jzru9QWt6INJHp2DTfTT7XHcX4QRliXV0-PpJQ0yOngJR3-S96y-W9ZJFA5vdFyX4tUlZpd-sX-4P8Xcxv9yC61zSKDUotPMXfXmL_iq2vagnlZWEJkFQfS7Kl-FbuJ1vx9kDzUksW5ez0H0W1KuBwbGOcgMkiNblPJT3lmWyeap5Rd3TgaDXw_-JcLkB0rVRteD8BdeLrlPkWLBaq4cOpYRiwbmLW1REDg4sMm_lhF47CfFnLZj23OCT4Vx3TIXUUixGKktiXqjvQZUyvHXL1Oamh-Umqkwf2DQnhbHutrgceC_BU5TI-edNAj-bh9tXbh7HHZhR-F3HfxCJ8t_a1rRDsDjL8Wf6WhUoK5upjahZ4Tu-xgawWW-8vyMC3w94FrGuvLxYEvORVR9ki0tH1sovjf4HWtJf1AicAu0exKb0v68b4EWrNtpfhRiLDf55IvIhTUfbuqpCC3UPqLaw7JinBylLBlsh_MrZsHWGvrDUWHNLi5FVlBFw-_gtZVkgpSMyuH0qSHCXGU0-NIy_m-C3ZH3Sm9uCKBn4G1gN4dki-YzhomlA-LjZ828CHjuSW1cuCWhDD8FX6fDsMMbooOeA4GUJe4TtIIp24vmSw5TJiSX1Z7gQcq_v7aopMbi6aJ3bsxZ3iUwO7e7kdjga_fFV-yzSQyKiG9Gr-3eW9JMixsyjnSfy9Ff6m2kiUuBCqaBBuxJ6MZ_SQyh80d9iBt_CaWTN5iLHiqGr1wlI661g2d-binP3kGlkEdK8AQMqjf1PQnr_mcA2DPLg9_fssLe5_fnOljhnAGZXan9djxjILRRB3a3c1bmz2KE9c2mnvoT97oU-Q1lBg38HSfIFOGWrUudYE7sIutuakhAJ0Dj5d2uDGs2vuMxp5GQ1JOyfSckM6J0A-SdkKDT4lm5a9UxWLrW5LQc8EjnqOFRwUrTTkg4vFMGcMOm4iyx6o2uaiUPotzn51wBIGJYdQqCB1F7YI1UiNDTqZzydO1stfrrF0B_Zes5lm92yrjHWMNVxv1QXTsDFSlTqnbKwUh_pY6iYxWaXPc1u4Ppggnjbc27L1xJzwhFgOhs6KxB-wFpcR7j5ZXwxaHIAPdGj-QTaNTAwRLZgrMrLZv1EqVW8vml6Z-pWXv1n7f3QjUwgoK2UvzFzePEhmiRZjz6ZCHDuesHEvj40cPOnGyc2BMzfH6qYZBTpsZr8ZL9v-KdYUvgB5uHe9OzaKY4eEepi-w0q7clP4ZW6Oa5Frz_gUv6VbK7CAXBJXwfhleoueCFnn2Qbe82KSgNLWfB2w-sLtfe3WJud-Ens321&cid=CAQSSwDICaaNCHkXQDw6Ortc35aAQ3HY4sQ594fTpo7ME2CM6Btw4JWFwh8VGbu52qWKYUbFC93pc_2sg1VaZ9Y74sSimJpls0GcV-3FjRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=6316967483219639000&adk=3062569608&idt=117&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50469c96bfe72c277794cef185a6fc45a3afc490b612300034a3a3065e411fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 693E 38 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C87A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
31ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
expires: Wed, 25 Oct 2023 19:02:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A5D 41 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Azd8IERw3IobaOWTQHsAxzqFPcqxNrZe6iUzm1qi9Esi2jQ81E3J_3pSgnM0VzqVPJAAJkO0WV97dGj0nXF4DVa5hFGmq-7SomWW8A9uP0BMd8hfhjsao18ISZ6cfhb2raxs5le05Q-DEd0AxIfqlS8nDmC63QgrDvjDD2_I7meP_vv2A&cry=1&dbm_d=AKAmf-By7by-uHjSQFIXnpKmQJy2lEo5DcRo4vFQr-6nh5mgAtPlka2B6u8E4-4Tg2njnNBrz5IUcmurlYebJ4nS2fUoKcMAaOxuclaVQg3FwI8W9FppS9ZDvMpHhJeRNPe4zqhposEVTRw7XFfR5pFaoYUUVdQJEsFq2p4PJ0dxTI-WbbXGh1WaRl8iwUuWOvB_7EiO9osd6wKfVpuuyPEnQ0ygrVG079_sQiBnLNI4FHuHSJLMe9XsloVj0XoqK24Sa4ttvQxLdy_CQVBtvxF2_AFfd7Mz6dGKfkRDD40t7DbRpnnXkx1Nq9Gp9Ln59aYbCvD0yivhbfUOInLBkgluqs5NKkVL7d1Pc6tpGojzVIHlvCE4VUFT_3sGMhDeeaoORXXng2COCrQ5iugwJvYjHwiL8gsgs8pu3dEvoYkYyivhTNvJFHUuCpBiRVO6xJj-Y7ZfKKUVUhatz5Mi_l8skM4IlkjBApVAxFuc9BBxV9klUHMZ09tRxHt0bZYnIu7E71r3Ff4M2QXag2WiGPJ4lQVFBufwkhPu_z_9cnHpsC-Jei2FYjlypW0dLgALRt2i5kMEAQPiSbPqnCZ0cRNfcJ4dhg1c6HHmfkfwwqTJ3v_vtALODvxVHe07jGaXklDV4RQ_Xshm9xrH3vcbWTxorIdVgMIcD-anihy-3o7e3G-s6DlFZ7YnNaM3DpNRZ68b0nrbp5kc4Y6lj00xQIoyK6Sai1jURN4iBwE-yfLUVIk0Ty68abz4ik7heUSs_Sr2MB_Tx_KfXLRhqyIHJQdOm3ullhKEB9iIe1SfJviqsYeBVk3q5-XvjPcb_-kvN0ImJQVOziitQ_243yK56tFsiBQmUkXAd4PwGUJsUwwN1hWIKkxpO6b4b7lCoFo_EkzhZECfVLazrjA4zXQwWJz62LhneYU7nS0CMxFKtq04oD4GNJ8Xfl-VtTxaKdNcBoEZhoP8J3R-Y7lYin7Ur2U33h8vdCU17QY37jEzIxNYYrqVsLCZGMzCe9QgWtVX6QnnnTFs-pirCxn27xrsYMmIsoXTBO0yCOZhJlBcSoPHeJwtId6ShFXic_2zslTbeo9ZACUfrLmavug2AY5_RKBa1WEwCsDy0bTub9OiUwmPaEbzeMzFLltN2uDAW7BgPiO9lSM56HZgkk16up6Rp6-Y97zYGo9c-jLmCP1xvRDqLWhdWxzh-tjcLHsD9UpTz8QPOSld8SvhOWXjPOESe-6877rmwz85XUNHLLTYj0yhyMjS6pf1y3hjULhVU5NWaO089ZmefCxpNh4Wd1OnSh8oZSdth_82t3MMbeaFH0n5bVEYMaVxaYR3NiYpRzyk2-xtdW5nVPHOTg_OPxALVZit6s-X-sUTlFWBHD6uaUdySvVsVcvwzJ9Atz83653Yl7ZED9Z-HCYDJuC8SdlkH_qD3d090k8tZXHI42cspvlEHFGTRuKhOu2OjgvkUj_1YhryUjOXA8-gE_YW4SJVcYqaWFdiWmKW7efGnUwqiFdsQZ6d2-8IpEUYDKyRKkyMpt7eyQcodFv4GHoJS2UGlrzd0yKHPN-aevNB8FWDE3zpNde695mJA-srb1ILteTaT8dHnJT0fjhhlsDqiWEPOUU0FDk-B6OALq4ce3uEqhjyXnFvhBio4oz5whPMkklz6EfVrLKaozoAXGeOkA3K33g0NhLfpORhjSCDry5mwavC2IwnrQiKivoYqIVWvuRg_S-lIC1_T8XSn5U--Q9-rsOEujUaFZ94PTIyfQc_ugiH8N8rDqa7sZPaEN29OnmqFAfKbGdfGEc_ygndVtJnyCSxmYFF2wD3ddUb0nHYC9vleoHWsrKjfFw1j7Y1zMJBUrpTWggNaXE6mRuZwcNKVyk4s9kH6R7k2lgJOB9DNzRCdUjzgQDUEgdwiTsQy88ypsZEbKCWhHGvyN-SmLqRQJXHUQOPTHy9WyvTpzU5oUebW4KAzQI8pH3rU5DnH-QBPujQypiCBhIjUVUySvijvueoyJjMCAF1LJs6jiZagobp_ykUJE-lgMvW3v1SSWE6XNwB94xwDVY2LYt19t5yZsimqvpFNFeFVZuBMKof_qaCv5Tjr10-kHXxQBf_aPAaac6fFcHsyhl0ooGNtZTv82aG-XIRLTaRD4GUFYX5arBNnlEC8vXLyldDOYBnAqyzk2GSZGF4fXvjjUpV4w5OFnHLdlvFX4udTEBBVcACiNPC-mzrCMeHQwkO3n-AA1Wx3Wy3GjwgnOYxmSOUk8CnKNYaqSVSEyOl7fTBRIMuCvrc1se1manI_UsIGqa6onomAaC7EtBgGCmVggIHUQOtnUg7nxgyqD21f2JAgqFqcKrsKFBl0xl5iaHb3nIC5H3OO6bwt_UidHcOgpkDFmvQK4arUtTK9Y8-XaQS4teYK3Mkd4KlAptr3UwHnJNQA_LxpaGFgb-LzCvNt-fA-nhBOzgrcVl18IXiNUDssHsP-NmRNLDFZF3UwUQvf58gAxKIvvSjkVxMGEgm8pVuVaSPS5FbHp3GWfkBzxNGgxTvaLN0Jzru9QWt6INJHp2DTfTT7XHcX4QRliXV0-PpJQ0yOngJR3-S96y-W9ZJFA5vdFyX4tUlZpd-sX-4P8Xcxv9yC61zSKDUotPMXfXmL_iq2vagnlZWEJkFQfS7Kl-FbuJ1vx9kDzUksW5ez0H0W1KuBwbGOcgMkiNblPJT3lmWyeap5Rd3TgaDXw_-JcLkB0rVRteD8BdeLrlPkWLBaq4cOpYRiwbmLW1REDg4sMm_lhF47CfFnLZj23OCT4Vx3TIXUUixGKktiXqjvQZUyvHXL1Oamh-Umqkwf2DQnhbHutrgceC_BU5TI-edNAj-bh9tXbh7HHZhR-F3HfxCJ8t_a1rRDsDjL8Wf6WhUoK5upjahZ4Tu-xgawWW-8vyMC3w94FrGuvLxYEvORVR9ki0tH1sovjf4HWtJf1AicAu0exKb0v68b4EWrNtpfhRiLDf55IvIhTUfbuqpCC3UPqLaw7JinBylLBlsh_MrZsHWGvrDUWHNLi5FVlBFw-_gtZVkgpSMyuH0qSHCXGU0-NIy_m-C3ZH3Sm9uCKBn4G1gN4dki-YzhomlA-LjZ828CHjuSW1cuCWhDD8FX6fDsMMbooOeA4GUJe4TtIIp24vmSw5TJiSX1Z7gQcq_v7aopMbi6aJ3bsxZ3iUwO7e7kdjga_fFV-yzSQyKiG9Gr-3eW9JMixsyjnSfy9Ff6m2kiUuBCqaBBuxJ6MZ_SQyh80d9iBt_CaWTN5iLHiqGr1wlI661g2d-binP3kGlkEdK8AQMqjf1PQnr_mcA2DPLg9_fssLe5_fnOljhnAGZXan9djxjILRRB3a3c1bmz2KE9c2mnvoT97oU-Q1lBg38HSfIFOGWrUudYE7sIutuakhAJ0Dj5d2uDGs2vuMxp5GQ1JOyfSckM6J0A-SdkKDT4lm5a9UxWLrW5LQc8EjnqOFRwUrTTkg4vFMGcMOm4iyx6o2uaiUPotzn51wBIGJYdQqCB1F7YI1UiNDTqZzydO1stfrrF0B_Zes5lm92yrjHWMNVxv1QXTsDFSlTqnbKwUh_pY6iYxWaXPc1u4Ppggnjbc27L1xJzwhFgOhs6KxB-wFpcR7j5ZXwxaHIAPdGj-QTaNTAwRLZgrMrLZv1EqVW8vml6Z-pWXv1n7f3QjUwgoK2UvzFzePEhmiRZjz6ZCHDuesHEvj40cPOnGyc2BMzfH6qYZBTpsZr8ZL9v-KdYUvgB5uHe9OzaKY4eEepi-w0q7clP4ZW6Oa5Frz_gUv6VbK7CAXBJXwfhleoueCFnn2Qbe82KSgNLWfB2w-sLtfe3WJud-Ens321&cid=CAQSSwDICaaNCHkXQDw6Ortc35aAQ3HY4sQ594fTpo7ME2CM6Btw4JWFwh8VGbu52qWKYUbFC93pc_2sg1VaZ9Y74sSimJpls0GcV-3FjRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=6316967483219639000&adk=3062569608&idt=117&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 8A5D 57 KB
23 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 18:19:14 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame FC27 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C8E2 466 B
235 B 67ms
64ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXWAfrwIRktbqv5KP835S0tiAqqe7soFPiYflPuTLlS-OubvtpV0b_4hkqZf382dYQbGX6SARqXSDPN9F8Yx2kYKEImIpvVGv3FBdEuf-3p6WuUIoiacDaM6BUd8Z74QP_MhjMbJLlUCn0rA7_hsCmZD4gaoxad9CsT9QiSWxz0Coku8F4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0EA7 89 KB
31 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 0EA7 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 0EA7 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0EA7 0
0 31ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjVNPrRpFXFzfIdNNUGT-Z63aV7jQtzsogAM1S9xSzcj85SHUJdx9x-TnEG-q6kuusxryDTRkQY2Htv0uwSMdZj8qakg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA7 187 KB
59 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EA7 42 B
63 B 126ms
125ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COOEiVj8oLyt6C68pq2YeqjK45-9u45TW4iExwYaWs7AHQ7TmS2L4lqnJjREPodw3BMJPZD9ZFV6-jEMlfrZ-bFySjCIOQdJz-vOZSG0PPrruwbHo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EA7 0
20 B 126ms
124ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15994711115606240423&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 B30678728.378094554;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=3062569612;ord=6vqyhf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-HE_MGY5ZcrZMJKUZ-O4qqAF... Show response
ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/ Frame 8A5D 78 KB
32 KB 73ms
73ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=3062569612;ord=6vqyhf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-HE_MGY5ZcrZMJKUZ-O4qqAF_Z7QrnPzze229xG_yqK9wAEQASCqv7UhYJWCgICgB6AB3-jLsALIAQmpAvl-iXSfwrE-qAMByAObBKoEhQJP0JMbv0jahijo8cX5n4mPhBCoKO2ugar4ydw8BkVBkSrr-I4MFncm1nsnXQPx1F_Qt4Wy6y3DJ9YNp1fQxUTJoVECPunoMMX9PcwWE69G6GnBxPR3sHNx2_3IAKyrsiwetDRIQRBzbAY7cEcRy617j_IOPSkNCAHyk61GAc1EdChyDika7rR-OLyS9QQVrw2z0QQeAOtKCTz0VX1pSBkeMGPedXkxf-5kBm5rZAHxOqi90EAmt4MXYvTKtD2rqIqsLL-6Nt2AdrhYvzNsyTm7lDLxs_s2q2ge8tS9Mr_4FTGZs9oGimJOZOVAdWd-GQ7eELinApDll26kSsJAppfmDhZU_MzABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbAT89GDFcgTp8_X4wPQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaNCHkXQDw6Ortc35aAQ3HY4sQ594fTpo7ME2CM6Btw4JWFwh8VGbu52qWKYUbFC93pc_2sg1VaZ9Y74sSimJpls0GcV-3FjRgB%26sig%3DAOD64_1cuNFs7-9HViFKyielEMbrXONMdw%26client%3Dca-pub-9529152553031266%26dbm_c%3DAKAmf-DVST3RZuWM23pAalRTktgXPtrZpIKbKHlTQ68oISedQ8-WcvAPeCQVVIl0CD6FqAvLNvg4JthZiGe0YRDVgyvSiAcYbJE8ZLqpOBZ-4CnecniaOonLG7rv9wOjJXif5oCV3bTBYCaAxrlh86cVTvoT5e30ev4eLFv_EmWI_S3CAmmWneE%26cry%3D1%26dbm_d%3DAKAmf-Aix1BVmPsef1cnRPSdXtcQkovHXFsDyYa-LPa2_ZLtWan-GvAawFxYWAI08ZjDqUzRW_aEdB5Wox10TJ961eZ0G8OafgiQGhr_f8yi9ziPerssSxLA7ArCcxDFDpMRYJU7wdEzqGczD_4Vcn5pZAHLUeDark43k982EshEulEZkHxpZQoTn-X0qBEyMM7eVZw6CfCKzp_Evpq0CWcEc75Y22hj62duTBQYt3uR6wzv8wcIf91om5DjxDtinvqlhXQUtZMJMIpvEGgh_CIaE1UcBKf0ygNCANLtewKy1jX8shTDbDKDuodaUW_r98DlB_UuYfm3CIsz8A1HGAPC0E4jJ8AzTqFhvymmgG6VhFcyPd6MtmGM63y7HG5AfSzAbFoxuyQbULTlWTaRbI78t40p79fe5MU0AObbFsTsmbajbvcp9ioU5B4IgbKdTEJh4fk3WW2gxFy7ZJvVhqK5iXC3SQS-tApH1_fk2GOI353FySrys7YBzKAc58V4ULd0tDjg-KRQqo1hlO5hawMoxXAyH1BpEOANlDGA0FeDftlu73qAV4c%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fbaiyunju.cc%2F$0;xdt=1;crlt=FTK1.UG.7T;stc=1;chaa=1;sttr=51;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

074555b112c4b15138bb22be7a563f262075a91cf55542030312d92132251d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32809
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DD1 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

partner
sync.search.spotxchange.com/ Frame C8E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame C8E2 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame C8E2 0
125 B 106ms
26ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXWAfrwIRktbqv5KP835S0tiAqqe7soFPiYflPuTLlS-OubvtpV0b_4hkqZf382dYQbGX6SARqXSDPN9F8Yx2kYKEImIpvVGv3FBdEuf-3p6WuUIoiacDaM6BUd8Z74QP_MhjMbJLlUCn0rA7_hsCmZD4gaoxad9CsT9QiSWxz0Coku8F4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7286 466 B
235 B 106ms
104ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV2sZnwisj9NYQRVUCr2xfmNCifF5J1Bmnft-7lhXbjm7YSCQjqHC03KKtE6TXatg3QFccMMgYvv-lTJjoXNf73bN_L6_cFODupqSSIojiiCN-TgPu3sro_zt2bCM_rbbVf4paHergttQWstk4IecXwl0k0eoNgsC7dWcP5WYFTmMYjX_A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B21F 89 KB
31 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B21F 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame B21F 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B21F 0
0 32ms
31ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPM_qIF_TnkptPiyvfFQ-c8Au0ZxDAczI-HLuf0KM_BhOdCqwdD3d5jchq7n61RmzFL3ZZuuKz8W1xvTUoU55ehWkX3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B21F 187 KB
59 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B21F 42 B
63 B 127ms
127ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOiY2OE-KKK5yDwxwIFTolijMTBz2ramVIZqYSwDRdI7QeYh-XkM4SFCvvsFtUYJtZzMjVV_T9tC7Hhig2Evj51SF_iENzl4MfKjLJ_1qIC5yPXCA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B21F 0
20 B 127ms
127ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12877324123873342620&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A1B8 466 B
235 B 68ms
67ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXYb1heJp5Vw2LH-0IfLBQquI9_KMt79C3ksvIJxT9pWdaRUL5UnwUy3XyaFgbRGHzGnaCvx0Roa8UUrZIXl-aWeyr2hRNPd3KCWub9TxV-RTZgPtSZGo5y8mJ0ThTDR6i79-pfWEPPOjcmxFFjAqJlRV9G-z9zgoQESqhWxMD4wWQxJBU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D2BA 89 KB
31 KB 178ms
177ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame D2BA 3 KB
1 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame D2BA 20 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2BA 187 KB
59 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BA 42 B
63 B 127ms
126ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGDUCqbi3b7utWk7Yb2b67xGUva5WZoWMMIdftpswf5D3KM02sEaeimZ-bpnOhObQ12E7ECAQ0ezrcLhadhKJmTzyYbU5BzGDHzjWwEVUNaxs99k0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BA 0
20 B 127ms
127ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13091205379883761334&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1587 398 B
222 B 75ms
72ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWWLw0FvRgzGeRJtyTk79jQ9fpM3Ge7ulZwQOt1j6-TvZjlJZg_By6UKxp5UgcIDBJoO7tL611YW6W_QKWch8cb9R5GYzw2JxfkCG43_OqzZbIeLrCDbLOapel_4Ay9MZbZDji071ldH--DG7tGe-LM8jWR1UMac9AXMx229jGwUEZclTQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7E79 89 KB
31 KB 152ms
150ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7E79 3 KB
1 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 7E79 20 KB
8 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E79 0
0 36ms
34ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGw8MzQvW5-9FSLjh5DqPKa5qmHwn-o6VAgbnFbvd3EP7rDtCRmq7ZIjmyKj1-DLZjC7Ldzb0a_kkbZwuqay9IMT1Z1A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E79 187 KB
59 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E79 42 B
63 B 126ms
124ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjElLamUvRVIVDJyTP8X0H7llwlexSoxfURhdmBes1hXMo8VTz1cDFOLSz4uSSd9WsPH4uARhjM-0_SgSz6jioIynxVOqynpmAbXXlC-bABSkVIhE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E79 0
20 B 125ms
124ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7943715016734382353&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 979B 0
16 B 76ms
74ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXw-mj3So0rNYKTWjNhOs7gFHIj1Ier9GMn6Q3UErvj_Q0GYRNjeJjaZ6JlCd722hId-uLCfdspf06G41mAOQv7sexJNF3wS8vwTqIqhwAXm3-z-ldF-e1Txl0Jmdyu2bUbmEp15-WC2iDAj3j-qhSs7TaRXwDIgg7yYJ94rqQuQ2hloYQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CC07 89 KB
31 KB 139ms
139ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CC07 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CC07 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC07 187 KB
59 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC07 42 B
63 B 131ms
130ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8Wjuh6MmPMxJqUh-5PYtI3xPbL0XCRvr3-TgYa9U7dYT6oLVzkEgaY_WQ7qYL-tuU2RBtlhwtxtjNEsHEvUMcDVcUR8FEEuo1duGkxKgLniOdaCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC07 0
20 B 198ms
197ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17817924601101839781&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8A5D 111 KB
39 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 8A5D 11 KB
4 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1138786.279382INVITEMEDIAINC.D4/B30678728.378094554;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=3062569612;ord=6vqyhf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-HE_MGY5ZcrZMJKUZ-O4qqAF_Z7QrnPzze229xG_yqK9wAEQASCqv7UhYJWCgICgB6AB3-jLsALIAQmpAvl-iXSfwrE-qAMByAObBKoEhQJP0JMbv0jahijo8cX5n4mPhBCoKO2ugar4ydw8BkVBkSrr-I4MFncm1nsnXQPx1F_Qt4Wy6y3DJ9YNp1fQxUTJoVECPunoMMX9PcwWE69G6GnBxPR3sHNx2_3IAKyrsiwetDRIQRBzbAY7cEcRy617j_IOPSkNCAHyk61GAc1EdChyDika7rR-OLyS9QQVrw2z0QQeAOtKCTz0VX1pSBkeMGPedXkxf-5kBm5rZAHxOqi90EAmt4MXYvTKtD2rqIqsLL-6Nt2AdrhYvzNsyTm7lDLxs_s2q2ge8tS9Mr_4FTGZs9oGimJOZOVAdWd-GQ7eELinApDll26kSsJAppfmDhZU_MzABNu_jY69BOAEA4gFv5XJ50yQBgGgBk2AB4mXtM8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbAT89GDFcgTp8_X4wPQEwDYEwrYFAHQFQH4FgGAFwHoFwU%26ae%3D1%26num%3D1%26cid%3DCAQSSwDICaaNCHkXQDw6Ortc35aAQ3HY4sQ594fTpo7ME2CM6Btw4JWFwh8VGbu52qWKYUbFC93pc_2sg1VaZ9Y74sSimJpls0GcV-3FjRgB%26sig%3DAOD64_1cuNFs7-9HViFKyielEMbrXONMdw%26client%3Dca-pub-9529152553031266%26dbm_c%3DAKAmf-DVST3RZuWM23pAalRTktgXPtrZpIKbKHlTQ68oISedQ8-WcvAPeCQVVIl0CD6FqAvLNvg4JthZiGe0YRDVgyvSiAcYbJE8ZLqpOBZ-4CnecniaOonLG7rv9wOjJXif5oCV3bTBYCaAxrlh86cVTvoT5e30ev4eLFv_EmWI_S3CAmmWneE%26cry%3D1%26dbm_d%3DAKAmf-Aix1BVmPsef1cnRPSdXtcQkovHXFsDyYa-LPa2_ZLtWan-GvAawFxYWAI08ZjDqUzRW_aEdB5Wox10TJ961eZ0G8OafgiQGhr_f8yi9ziPerssSxLA7ArCcxDFDpMRYJU7wdEzqGczD_4Vcn5pZAHLUeDark43k982EshEulEZkHxpZQoTn-X0qBEyMM7eVZw6CfCKzp_Evpq0CWcEc75Y22hj62duTBQYt3uR6wzv8wcIf91om5DjxDtinvqlhXQUtZMJMIpvEGgh_CIaE1UcBKf0ygNCANLtewKy1jX8shTDbDKDuodaUW_r98DlB_UuYfm3CIsz8A1HGAPC0E4jJ8AzTqFhvymmgG6VhFcyPd6MtmGM63y7HG5AfSzAbFoxuyQbULTlWTaRbI78t40p79fe5MU0AObbFsTsmbajbvcp9ioU5B4IgbKdTEJh4fk3WW2gxFy7ZJvVhqK5iXC3SQS-tApH1_fk2GOI353FySrys7YBzKAc58V4ULd0tDjg-KRQqo1hlO5hawMoxXAyH1BpEOANlDGA0FeDftlu73qAV4c%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fbaiyunju.cc%2F$0;xdt=1;crlt=FTK1.UG.7T;stc=1;chaa=1;sttr=51;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H2 200 63c51e1aeaeb06ed73452eca
measure.lamp.avct.cloud/measure/ Frame 8A5D 0
0 55ms
55ms Fetch 34.240.213.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://measure.lamp.avct.cloud/measure/63c51e1aeaeb06ed73452eca?mid=651e6b2507e337ed959d3bc2&mt=1&d=baiyunju.cc&c=0&r=0&evid=7d651fb5-6ad5-41dd-8776-6b135ba896ac&vmet=IntersectionObserver&seq=0&sev=start&sst=2023-10-25T19:02:12.140Z&h=90&w=728&sh=1200&sw=1600&sah=1200&saw=1600&vsum=0,0,0,0,0,0,0,0,0,0,0&vmax=0,0,0,0,0,0,0,0,0,0,0&trk=false&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&cp_dspId=dv360&vts=
Requested by: Host: cdn.lamp.avct.cloud
URL: https://cdn.lamp.avct.cloud/attn.js?mt=displayBanner&aid=63c51e1aeaeb06ed73452eca&mid=651e6b2507e337ed959d3bc2&tid=651e782707e337ed959d3bc4-1-19&cp_lineItemId=20618300095&cp_creativeId=523603354&cp_extSellerId=1&cp_extPublisherId=1&cp_extSiteId=839127857176&a=&cp_dspId=dv360&api_frameworks=[APIFRAMEWORKS]
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.240.213.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-213-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-length: 0

GET
DATA 200
OK truncated
/ Frame 8A5D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 928c79d026c80f6cd0a594be9d5c02004f451b4fa41a64a917ef33003baa3f28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DD1 38 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EA7 0
20 B 155ms
155ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2382459181674&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EA7 0
20 B 155ms
155ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2382459181674&version=m202309260101&ct=76&x=1&cor=15994711115606241000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0EA7 104 KB
40 KB 95ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApJKKJ1plotFm5ozqYTxHwS2KYTWBQFf07xj0AWeEoQk0rv6comhXAPayfvWxvtjbNNe6k6EHJypQQVe3Dda2Bt41Zm_JG2TPhXQKfsVlk3GFuqyW6zzWayekmRWQiecue0nKRKqs2jU6m3aBkU9rkKaHUJHDMO4MOdfeMIKkMSVmK6Wk&dbm_d=AKAmf-B8wllOl1k76uJNronV5cNf5dAigFxhTQUbY0fTZe4fkP1DgEVJiabIJCKUZ9sZE1XTm6M3ifk4WP1zV_6pVmcZMokt8ayVQIPp_neMcoB7My_Ra2GjlJ0GocYwEylVtFAf_4SL7KJVemenxmBoyVf3tioU8_wms6dPU9sDQGUSN_BeR0eKK0z8KhRnLVNg8FLb_Eb5JORKRYlRIE-E_pS6XHhTuQIKsurK7ilG0CbambprQVkjU1kXF8PMturvKmqJDFlxLmZSmdQwMENO1z5xu8THP1T7NqZRCqbJsPKfuId9WCjd126VqMEXDMvu7b0wBEKmjL3QKddY_N7wKWs8tn87ADBwqxfwr21cjY1QGRruOTTuPxw4bgbfF0YuvIPujHkP2ZmnZY-AtPwlmYkmiTTj9CGJbs3-awF9Rq0p5crA2GvNZu7IjbBL8MSd2HmrGm8bJOq8pI-pCMyIjajZ-U3abY75ZcJEagjiukM_hA8KZ0OILtY4J2ppfinsStvn4RRRgOJ9F1wePplMsAgSeT3tD8Iy9cxgU92JOWIIvL97TW1lwsVbp2vucsYfRofBBfcBEY9ubbAoA_Hxf3Secx9Vs6I2d6VW7Q9rNgUGQ64nHj5b4lIgcUbbo1CHm8gXZffU7ZI1qc6uDDtUNrV-29CpprGQGEzxSBbvH67ahp8RBktRkQVE914T-Y1PDx0Q-0_VFzgGf64RpYRuZ1LIebAFFDJn2pZgn9MFt2ieurnxsyo2JptJk6Js8_FWvuCqAPv35r4TNQ-5lBHH7GWL7oYiy1urSOZspgnhbkCKRp1ljeUNEvtA6DSNAtkun7Fj2W9KcTTu6rNQGpnIp0FZAShWA8D929Egs8K_GWRy8HWIndUUDdCHwWhY3RGCuhmvdTIUKIyq7nkrALpeAvnO4Nh-vUPYgx1PYcX3ud2y5HEQY0uFjzKRqhrv_NVUBgS57Qwn5-4EuWsaGSFcxNc2odBVr3xsKPez3iMLsP2E9b5y4ZpJ2PK3UgFNtFVAMMNobm27ISDKuiTPqqy7uESs9pHvLg_Vly91r0GisnkDDIJNrUv7x1DM4BA5TvPC8kRWC8dWm-64bov8NMiKA2Hb5e96mxYKLZrPuDENP4XwJw4W0Ri5L_MaolxVuIXOLBheMSZuJ-qVUNcaApbbqIIjyH-h7Dx7EygHC9S4NKZsKUJcH5sQvGAsFtl0_ZNGdPm2BhREJCS2oEYgR1xAI1lfDrS82UctETS1OsCqXuq9tmGf4uLH5NEseb7MvuA5pqAbBJ2FUa09a-QuhqqA7qS0DghP7zL7enwZmcVV-JZdxAvRDE9eHj4kdfHvztYP9kNzS5Lc8imAV4elsKkrsdlT2UxMIxGouIMnIujhTGfeUGPWjfppX1-QQmJMlmUf3y5h9utZ1bpPW1O7IJe-kcD57jqK83zMp0jRjJLY1vUK4NLFk4IaAc0D0RSgqqsNXmXd1Ojam_c83Mx8Ozb8jbd6bYdy9e4g7Q6luiDGR52xckrcm5QBjPkytJL1h3xT0wq2dGvaxZ2DHCKicTCYzyG4R0e3VRQ36iSnQbEg5naRox8rUEdHhFd_Bhz8IJqKm7ivtmhHdDFFDkIWnjOO5LPh0BChCwlHUAFAF44qTqAAAwQ8v-yLPLzu326M1iRZLL9880KSQBAAMeEHqEEgUKMe8KFsRtaZgFIdqzR8W3e1WEd1FhjA0XRVOQ5gz2OpxVziQx2jJDhz4VAEAdGe5H1j50919zjJrpdmj5M_Zav1QRwQ3tlKeltAbwS1Zf2JW2sjye5BKWNTcJf0Eth0n1mRMNPNEKAKKenbaMMzWnHpGQIZg9HCLZACjDxujoagOrZhJTnOCx36RFpNbnV155MJZdtno08fI_xWpSFBOj92VSC40F0B9dYpx4n8d98RQf2XP6A2GK5PhHqEu1Y4CPtBSx0DkG-cTIV6QWInxv11Ow3t4GldfRZGp3p6y_0Ob4KYR2b0ynkBbUdDjoAIOGSf_xuLD9inrv9TPvtJENDxpJ9_-CWHBSpg7pv5KWriJ1PTBPS7bh972CXcMnlrNdWejKxnoLw2GVQQZd1mIyXHDY0kfebf0cjlLScYmy2OVDh6tzPP6ITxWVx0H-tBV84JRmEaLZ5pEgBetRRdP8-YdVD0wk-5_Jcv984xHILX2Lde_kMV_XcOBANrA1wTqxLarCkg7g9JbsKTZIHsSVEkw8izk4Sx0EPlXmuEB-EntyoJlFw9PrESgpG6jPPQX8CqzNn1toACfsR2sRzkjXwHIst3NW8Z_Xt75TWmuYNkfpeOzjrlCczRjTDiP5BD6CfGHSgOkZyNk5JyEMdHrx3s7dDvfZp0YRG8vki65dvktxOrUTjaL27NLM53cSR0XPVrdR_3xfgpsKa4IuSW3dtQ0xtDwwlP6-bV4W-bEexEdRQ3u5iCkpMvw8wPMZhyK7c-XNfwfdXB1c7ZhgdDhoeQM_gZPtCIh-aX_7KMOLcnMKTBemzHRDPpAALDgtcIAlOL0jEyYe0TNKGdcWMe5GO-CT0NFSRZx0g-o7PYDq-KU0jkZ8NWMqFqeUlkOzsL4qs_eG1L5xLg2Y6I8hk-FcTRRYC8ua8ejF4ieJpAeJJ1Abxd4KGXWnPX-M_o4UBy-8t-mEX9D7ZxODTLldpFKdt4lEQlB6jw-QbQkzo9v086DZEE6L_CPqHt-WKx9Wajov0WIo4ttCus4W0aSSunn-Phq-v_9dtF7G8YXW5YQtimAFC7pcy-Kv_yW5lvjC1eEpcyCPPU9OX07tb3Yislksaq2QgDWRmgZvJFDF46PBuvCZWPQ6ZDQqGhmZ4VvD908gG8iuFWySTLvkOUrxjpFVR2Nea_YmNCHNOs2_Ut_YnHHPXp1eniAuJvacr21D-cVmec8yZb661QuZ-oZybtY_GXYoy5FAqI_vrmnPSDrAWu3ORvTU6GSOXwOSAxOafDZwrSrkSnCyH0FXQHi5GYBlEhzMDI9ZVwoh-xQK8SaIBhvPuKcMshsbM5mAXnG0WfIXHbYcC4baTDHKygxiXN4idB5n8Rmj94BSrdfs2XIh2hbLbIrdrsnaBsTApUi-NPgfBMeG2C3PjNVwobEvI00TwbsHkiW6TecKALYWFkE5vC4xJyPm3FOfJ73inMDShSCSXjzlYidz-iS2iIN8gkvu-nHp57RhBM-79GrJCDYtW1wbnXZNmVtsJTEabsTH-J8aCsoFxRzbg4wvKBuPZJKSM3AxwOhzlWZLatWb49hvcWuF4Cj7xe0DRgImedvU96VeY6J6cW5zE1-CB0wnzHJ3V93dwG8nkQ9Bg1jeKF8HX-85juinQegvm9-wIRXMazhwTgZs03wRzAz2oR3nwjuIZzd0j2OJ2FsAoTOpKsrqC_dfq0Pml5Mg5kObBgTXGtVPHnlo46R5VAeOZuC4YvjRFIwxGP0Gv4YUQqPHz4cJhgbjWNTvpNWoZ7NAXe5bOVgCB_2eAPMPSu8VyRvV1-hO_SeDKAUlSn2PoE0GCthVa4Mvyc_9gFWIJUIwG0-6_-ph_gaowxAUIllbvsYQcS-Rwwl8eqLk99xRNUKwzRnndJtMc9D2VMH14mCe1c60m8jzPQLY_KdXYYY54bZWmySVl_yvkF1-JmWGTvOsDG-TroRwuOWLKqFE-FuzrspGICNBYulgYMUd1_zJKljIHUzMTVf1HQWsE&cid=CAQSOwDICaaN5BEzaDA7vPpzjdiRe3dhXQrgcjXKgMN772J-_QnVvlevIBxAHLwG25t9z9RPzOoU66n0IOtcGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=15994711115606241000&adk=929882891&idt=110&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a680c6c0b26a196cf4e141679fad382f34272ada617392a295c5e0d5ec5b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B532 38 KB
13 KB 29ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

partner
sync.search.spotxchange.com/ Frame A1B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame A1B8 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame A1B8 0
15 B 26ms
25ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNXYb1heJp5Vw2LH-0IfLBQquI9_KMt79C3ksvIJxT9pWdaRUL5UnwUy3XyaFgbRGHzGnaCvx0Roa8UUrZIXl-aWeyr2hRNPd3KCWub9TxV-RTZgPtSZGo5y8mJ0ThTDR6i79-pfWEPPOjcmxFFjAqJlRV9G-z9zgoQESqhWxMD4wWQxJBU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 1587
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP0KloBRHJPd5dHMICBHVGE&google_cver=1

43 B
113 B

397ms
176ms

Image
image/gif

185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP0KloBRHJPd5dHMICBHVGE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWWLw0FvRgzGeRJtyTk79jQ9fpM3Ge7ulZwQOt1j6-TvZjlJZg_By6UKxp5UgcIDBJoO7tL611YW6W_QKWch8cb9R5GYzw2JxfkCG43_OqzZbIeLrCDbLOapel_4Ay9MZbZDji071ldH--DG7tGe-LM8jWR1UMac9AXMx229jGwUEZclTQ
Protocol: H2
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP0KloBRHJPd5dHMICBHVGE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 1587 43 B
114 B 297ms
41ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNWWLw0FvRgzGeRJtyTk79jQ9fpM3Ge7ulZwQOt1j6-TvZjlJZg_By6UKxp5UgcIDBJoO7tL611YW6W_QKWch8cb9R5GYzw2JxfkCG43_OqzZbIeLrCDbLOapel_4Ay9MZbZDji071ldH--DG7tGe-LM8jWR1UMac9AXMx229jGwUEZclTQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-type: image/gif

GET

partner
sync.search.spotxchange.com/ Frame 7286
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 7286 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 7286 0
15 B 30ms
26ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV2sZnwisj9NYQRVUCr2xfmNCifF5J1Bmnft-7lhXbjm7YSCQjqHC03KKtE6TXatg3QFccMMgYvv-lTJjoXNf73bN_L6_cFODupqSSIojiiCN-TgPu3sro_zt2bCM_rbbVf4paHergttQWstk4IecXwl0k0eoNgsC7dWcP5WYFTmMYjX_A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B21F 0
20 B 129ms
129ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=935037262203&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B21F 0
20 B 128ms
128ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=935037262203&version=m202309260101&ct=76&x=1&cor=12877324123873343000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B21F 105 KB
40 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Alz1vJw1GWQNoobh9Yh2vbi9YdUbhxctlyWtM0Lq6vQAV9lx1avt4q34tiCSqTq7SwiUU51qosgSf6woThbMB9c_URLk36ANJfdUSkrSb_Sn0h8e_812E6QTLzTPpa2PbwK-oNxulGaIETp6YmQNWGFgvV6FGKwAGnUMcbTgqTGWsKFXk&dbm_d=AKAmf-AV2P1DdPnpQnqO3SyVpGKJUe29RoLALvLiAwNyy9fuh6Wnb6_4cROCL8_HxEF4NTlQeaOQMkxllBxMTLt-5QWilWMY2vnpFPWV7toZLTlWQEUQ3dIkhVmgyxsyQnDJMwVTL4qNWdwkBCY5pQ0-hzpwMzkAH9-ohpvtoIdNUFVPfl0ww1VINnseq5VEmUX96UciKUEY-iMPYOftXKjHt7LZyuFASPdOBz3fgmJbDn1q1Rz-ukgveCBrRXqeJXDE13awxdlLpDEGUUo55T6GUdBPSXEmBh8dr42_rmQrHwPNMwHBCd7ngF8rRN_CDH-wBDZrOMGWKibUqqGBFLBwjWl3A7xof3rFr0InpK9Cm2m3UuHJha1c6n9OC-b1gulZui3KjfVtMNYNYbjf-CwknKER1AFIGt9k4fY_WF8LWu7o0V0PBHx_-DFB-TBdOngsxTwRENJacb4yHunNFVVLFvNAcR3svGX33LpbmVhU3EVgOlMSKkBpyawaiVgZ-FJ4Y6ZKcAzjexTUSx4XmnbGzLhnMHLF8se58C0NKEf5YqfMFc0Dctq2uvAC05N6hfC04mtxtuprx0decbJargOYMYQBNfg8jQGOtgulRY7POSUq-pk7i-wUiw87FO63EYPNgC9uNMN45Y_nhJGUhJVYqhiN6rmiE18t2I2hm82YPgb83h1yfWj0rPXqgB8BYJUSbdeHCyjZ_5GXmbpcysojkt_ksbIDg3Vrk_f_neynEahlAbgGujwMLUUHfNPv7NwpxiTWbLsppflN4tFWE4-7CcYGxX2Vpr1LisaWnH792XFdrY0zW147G-Fg-LCpkRZXtew3gaoIlI5tBxirw17woMm2uxbXFH_yTXPVdZkOGcW07sot9KgBTb_nuyzRzHC8464wBUGTpF-01lwhtKGdDKeakA5yrOg4J9ttQ_ehG3FFywFl-HGjAMsoYOfZJ0Mws_Hm8pM_lNrtgSija_gWzq-Rt2jFQvQFH2j21OtMsBmiMJHAqipPlOpPk1l1ez5L16zph7ABpxA3alIzSq_nhewk-weZ-kzq46KzNXsOmQAdvhJoYft2D0pX0QZNhs6BP9z6n59ANFQAfAvkNugpQ9p1M89pcdOGss2JfWXHlALfcP8moOLZSlkr_kkvXhsQh95kC-2AkXbzJrmFjKGAaLyKklKJbV8HIDFybXjmts3xl4WHTgXp5yVqsp4SjkqOhJHF8dZhthDCmF2GolB8ixrQDp-AlVCn1BWDFQpl9d82PY-UYEG_FhT1eYeEAdiqnAz49DnwY_mdt06_VFndrVWEG9CXl8QyhN0OgSEP5dy64GAeUTEqrDlf6KD-mG8v-ox9GKeIgWBKvSv5XD_M1SDCrgXfXceV-3sx43pul2L77_BwM6ocJanik2hRd6_FEmLTYv6z5ApYiF5vi23A5r3sGTnLVCIfWo-SORQvy7-aUGYt-VhJS3ahwk1PeNKctK2tj3ITnz9i4DHfGn0t374F3fj94vKlZWZs60DHeRA9cmtvW7CEcxN7RsuYKTST6zG9b3AsSR67IIXhYT1HGY_ujxaMxnUpZVJxUo2aEzeNSa0h4c7G7OeohyT68jUrl-BMLbru-1mKLjIhfT52lWSU-qB5obbLHbxCQgwlxYQAZdMvxiWT7jCGpk8Yz19tST4hY-RwR-p8IAy4jg3O9oHqPGW_kaiAVuBQsaVfRe7JdBO7CI3JaRXRVL8hx7ski9eoqv8s0KUVK6n9phVcbWwxN7bKZgj-WGQzSSokHNCk-lHler1k7UwMBJljbrUfaZzBJgoFRMDPTszKN7HFmQ_XtyqnyjWLLR2pHBBCC-n3JKH5GC0lVys0kficp9UpTwPlb5hWHbUnqVlcHtkTp1h8bD9VVUMWcaYAgSg63y23Yx-5WtGbvyIFf9TJaF-CaFH4zPDQmd73biXfZI2Pyp_Q7nsJ9LPkOZ0sAn5ZzZ9O4rDBw3nnFv_10RkI57KB-gu6qJ6pmhNGZy459H0LB4Ha1qtbYtW5zx1mYDeaMgdGat0AyImXMVO-SX_VCnYL2MfhYOyDZ08gWs5sbU76TvTgmS3z87uzW2dtWXz51cF4dLtD7uhS1zQR49miqnlv7JGGa-Y90TAGP_PqpdjZ-rjEjlOm7-v8GLZtbCoKPvqgusia_KdkAkt--pwZGnVd7E9J1wwATbZ4ypSpY6sun8wo1g7VKc20RIWOJIji85o-Y48uq9FQia60A1MhD3xA-xpuWlg8IgxOQCYo9n91dgChWRZxdvqYNNbQGb9wrQr3b6pQ-HDmRe5O2hwsrIOXbZdRcnm8vejZghAV_G-A-jp0kLp0jegR2dBvL2x1h5meC21z0qjSjSv7UMFFMOc5xmMFFH12G_9xIeYQmwSqU-NDvpzv2jEP4HLQPD3-QayPkxVskgz5AochryTspacjyRATvyS5QXuLT_If4HaYSTirVZiG3qLLr--zvsNrFwubCngHFXIsMnNVjUNQIB13jROIW6QJj11JmV7DFJ_UIK0NqohdfN-HZ9n7D4ia4-utYjq9RQ73OWFNIpyCBgY9-Ai3tzwq-LUvaqZqwI9vzkT0rhMDx738bP9tkh61oIh8j9BQafuzX3tEhkGZnOuIjN_a-wzp3YA-FdReEiqBPRiUXrk0IEjzsMB0QxKbnilnpKDwj9ZPPKtbJw2DR7ySAxI7sBOrLvYaBNFGgWC5TEE3sWrOgywGZFdaPwrxV3q0fZAjW0zS7XKg0bZygccSdRxsew76BEUnRGTti3w_w9QJ3ds9Liy6xYZqKbuXhU7NAQIA8ttkPTS44pgAFBqxaogUgYf1ljVzeKMUOWg28-x0N_lQgsPZpd1cj3pECnYC7lhNh4zdSWa8RzqB5ozRaRre0HGKY-vpL6qnQS1upAlPanndcasDGwCXXIJVICj3tHP1Thi4_PN2kzmwQ-Ga9I7UuqyKf5tJLxU2OFvgS5Az4HU8LAMnLc1m_i7Hy1Cotx-5vWPTOj42nE2kyiegHSJzFuxXDn1mCWIj5CvHifZ3i_rxK4AiwhD9YZboQZke-nCNdchqkZdrLYNgWaVhVBNn6AIAcEmKsG_iwyWDrUzgbczMGl2TNANn5SvYzGJsujexnR8t1FAPuv60_xNpI-kiLjwsOahU0-PFLcnUV2Dra7NoaNxBfqgp5OaVJewL9bjtHSHvWZM3Vvmd_G1tzUKjfkVj2V7KTmsMCQHGWFeLJc8sBsQ8CEcyBWvdyIhhTenMoqQpRdx-j22LczGxHim1GSEJDCtNP3h9TpogtgP1PcP-8knd-1VwH8QrFcUyqzYwEAnWqUq2bFGrGrNCty1rkkqHBJOg_RdvY-ySrCw_DbT4oMu3btlCs0panBJ96ltZJkXTctW17EmUX_Na8QEkluORvVSsKGym45LWHGFadE0Lbcc6C3V_VxXgAYN0UD2dsibkyj7CzKoAmj_XPGAv1q37dA3bVo5lhAENA1DVArUOA22FtAnuq_gEOC1IzRagZxQalsP1SpxZDEI3P705Og4Lse3tyzrSwcdjwB9gknOA_W-Ituh5xGhm3McBOyjwgKH-vWAbdMBoGtf-E2Y9H_z_JVsuKBdD8qN2fEbXi5-HC3FCruBky57p-CDhPs49flFJNnUjiaQb6tmF9UI2ICfnzoEGvcsRzm-EhfYN3bc1_QGyUch8CP02lFF9FgVTjFcQyTMeu9Kc5JeG6QrC_ZxYqtu7rH7JWyE_n6mYNMUeonOEv2H6LRTRuwrsNHaiDi8&cid=CAQSOwDICaaNAfW415vJd6fCTEq62yrD5EijPfr7gVxIfKhORPyJiGPc3t_n0JtsU9480dI0WBlWiwqYdUriGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=12877324123873343000&adk=1761367587&idt=109&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaaf4ac3f8176054e934c315fc88af01511f5e54ceb42349564ccea18501509f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 6 KB
2 KB 23ms
22ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2089
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 22:04:37 GMT
expires: Mon, 21 Oct 2024 22:04:37 GMT
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A5D 0
0 68ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssj0Y0xTl-GZbkcLH-D24D2igguTZ6OlA-vTejkB7akEgF6EGc11KmFXE4OM8FSosJS6GTROiImE-Pyy21Wmn1tSElKTamPtxCfmoFy4_zykEwt-gz0lSP6U-3g9INKccH6KQwU4M5Lz-hWeltoV7vS8LfWJLYfpSpn&sai=AMfl-YT5CjpgMehpXN8eFVs6wlW_jghG9Byp8IZSedFJyiPvov_NzuCVZI1uITlN3rxLZj7-iKRZTh9C4W2u9MX4JkvodBSQUjpvXUeIwA&sig=Cg0ArKJSzBFnjYdUlYvIEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=99&cisv=r20231023.30788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame 0EA7 251 KB
75 KB 192ms
57ms Script
application/javascript 54.78.81.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hheG-_HTfPMpcHHTkn1txD
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.81.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7deb99604da9561a884cc9674f9fbc4267a605dfad129e5768f1b3e2d0723a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0EA7 111 KB
39 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 0EA7 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApJKKJ1plotFm5ozqYTxHwS2KYTWBQFf07xj0AWeEoQk0rv6comhXAPayfvWxvtjbNNe6k6EHJypQQVe3Dda2Bt41Zm_JG2TPhXQKfsVlk3GFuqyW6zzWayekmRWQiecue0nKRKqs2jU6m3aBkU9rkKaHUJHDMO4MOdfeMIKkMSVmK6Wk&dbm_d=AKAmf-B8wllOl1k76uJNronV5cNf5dAigFxhTQUbY0fTZe4fkP1DgEVJiabIJCKUZ9sZE1XTm6M3ifk4WP1zV_6pVmcZMokt8ayVQIPp_neMcoB7My_Ra2GjlJ0GocYwEylVtFAf_4SL7KJVemenxmBoyVf3tioU8_wms6dPU9sDQGUSN_BeR0eKK0z8KhRnLVNg8FLb_Eb5JORKRYlRIE-E_pS6XHhTuQIKsurK7ilG0CbambprQVkjU1kXF8PMturvKmqJDFlxLmZSmdQwMENO1z5xu8THP1T7NqZRCqbJsPKfuId9WCjd126VqMEXDMvu7b0wBEKmjL3QKddY_N7wKWs8tn87ADBwqxfwr21cjY1QGRruOTTuPxw4bgbfF0YuvIPujHkP2ZmnZY-AtPwlmYkmiTTj9CGJbs3-awF9Rq0p5crA2GvNZu7IjbBL8MSd2HmrGm8bJOq8pI-pCMyIjajZ-U3abY75ZcJEagjiukM_hA8KZ0OILtY4J2ppfinsStvn4RRRgOJ9F1wePplMsAgSeT3tD8Iy9cxgU92JOWIIvL97TW1lwsVbp2vucsYfRofBBfcBEY9ubbAoA_Hxf3Secx9Vs6I2d6VW7Q9rNgUGQ64nHj5b4lIgcUbbo1CHm8gXZffU7ZI1qc6uDDtUNrV-29CpprGQGEzxSBbvH67ahp8RBktRkQVE914T-Y1PDx0Q-0_VFzgGf64RpYRuZ1LIebAFFDJn2pZgn9MFt2ieurnxsyo2JptJk6Js8_FWvuCqAPv35r4TNQ-5lBHH7GWL7oYiy1urSOZspgnhbkCKRp1ljeUNEvtA6DSNAtkun7Fj2W9KcTTu6rNQGpnIp0FZAShWA8D929Egs8K_GWRy8HWIndUUDdCHwWhY3RGCuhmvdTIUKIyq7nkrALpeAvnO4Nh-vUPYgx1PYcX3ud2y5HEQY0uFjzKRqhrv_NVUBgS57Qwn5-4EuWsaGSFcxNc2odBVr3xsKPez3iMLsP2E9b5y4ZpJ2PK3UgFNtFVAMMNobm27ISDKuiTPqqy7uESs9pHvLg_Vly91r0GisnkDDIJNrUv7x1DM4BA5TvPC8kRWC8dWm-64bov8NMiKA2Hb5e96mxYKLZrPuDENP4XwJw4W0Ri5L_MaolxVuIXOLBheMSZuJ-qVUNcaApbbqIIjyH-h7Dx7EygHC9S4NKZsKUJcH5sQvGAsFtl0_ZNGdPm2BhREJCS2oEYgR1xAI1lfDrS82UctETS1OsCqXuq9tmGf4uLH5NEseb7MvuA5pqAbBJ2FUa09a-QuhqqA7qS0DghP7zL7enwZmcVV-JZdxAvRDE9eHj4kdfHvztYP9kNzS5Lc8imAV4elsKkrsdlT2UxMIxGouIMnIujhTGfeUGPWjfppX1-QQmJMlmUf3y5h9utZ1bpPW1O7IJe-kcD57jqK83zMp0jRjJLY1vUK4NLFk4IaAc0D0RSgqqsNXmXd1Ojam_c83Mx8Ozb8jbd6bYdy9e4g7Q6luiDGR52xckrcm5QBjPkytJL1h3xT0wq2dGvaxZ2DHCKicTCYzyG4R0e3VRQ36iSnQbEg5naRox8rUEdHhFd_Bhz8IJqKm7ivtmhHdDFFDkIWnjOO5LPh0BChCwlHUAFAF44qTqAAAwQ8v-yLPLzu326M1iRZLL9880KSQBAAMeEHqEEgUKMe8KFsRtaZgFIdqzR8W3e1WEd1FhjA0XRVOQ5gz2OpxVziQx2jJDhz4VAEAdGe5H1j50919zjJrpdmj5M_Zav1QRwQ3tlKeltAbwS1Zf2JW2sjye5BKWNTcJf0Eth0n1mRMNPNEKAKKenbaMMzWnHpGQIZg9HCLZACjDxujoagOrZhJTnOCx36RFpNbnV155MJZdtno08fI_xWpSFBOj92VSC40F0B9dYpx4n8d98RQf2XP6A2GK5PhHqEu1Y4CPtBSx0DkG-cTIV6QWInxv11Ow3t4GldfRZGp3p6y_0Ob4KYR2b0ynkBbUdDjoAIOGSf_xuLD9inrv9TPvtJENDxpJ9_-CWHBSpg7pv5KWriJ1PTBPS7bh972CXcMnlrNdWejKxnoLw2GVQQZd1mIyXHDY0kfebf0cjlLScYmy2OVDh6tzPP6ITxWVx0H-tBV84JRmEaLZ5pEgBetRRdP8-YdVD0wk-5_Jcv984xHILX2Lde_kMV_XcOBANrA1wTqxLarCkg7g9JbsKTZIHsSVEkw8izk4Sx0EPlXmuEB-EntyoJlFw9PrESgpG6jPPQX8CqzNn1toACfsR2sRzkjXwHIst3NW8Z_Xt75TWmuYNkfpeOzjrlCczRjTDiP5BD6CfGHSgOkZyNk5JyEMdHrx3s7dDvfZp0YRG8vki65dvktxOrUTjaL27NLM53cSR0XPVrdR_3xfgpsKa4IuSW3dtQ0xtDwwlP6-bV4W-bEexEdRQ3u5iCkpMvw8wPMZhyK7c-XNfwfdXB1c7ZhgdDhoeQM_gZPtCIh-aX_7KMOLcnMKTBemzHRDPpAALDgtcIAlOL0jEyYe0TNKGdcWMe5GO-CT0NFSRZx0g-o7PYDq-KU0jkZ8NWMqFqeUlkOzsL4qs_eG1L5xLg2Y6I8hk-FcTRRYC8ua8ejF4ieJpAeJJ1Abxd4KGXWnPX-M_o4UBy-8t-mEX9D7ZxODTLldpFKdt4lEQlB6jw-QbQkzo9v086DZEE6L_CPqHt-WKx9Wajov0WIo4ttCus4W0aSSunn-Phq-v_9dtF7G8YXW5YQtimAFC7pcy-Kv_yW5lvjC1eEpcyCPPU9OX07tb3Yislksaq2QgDWRmgZvJFDF46PBuvCZWPQ6ZDQqGhmZ4VvD908gG8iuFWySTLvkOUrxjpFVR2Nea_YmNCHNOs2_Ut_YnHHPXp1eniAuJvacr21D-cVmec8yZb661QuZ-oZybtY_GXYoy5FAqI_vrmnPSDrAWu3ORvTU6GSOXwOSAxOafDZwrSrkSnCyH0FXQHi5GYBlEhzMDI9ZVwoh-xQK8SaIBhvPuKcMshsbM5mAXnG0WfIXHbYcC4baTDHKygxiXN4idB5n8Rmj94BSrdfs2XIh2hbLbIrdrsnaBsTApUi-NPgfBMeG2C3PjNVwobEvI00TwbsHkiW6TecKALYWFkE5vC4xJyPm3FOfJ73inMDShSCSXjzlYidz-iS2iIN8gkvu-nHp57RhBM-79GrJCDYtW1wbnXZNmVtsJTEabsTH-J8aCsoFxRzbg4wvKBuPZJKSM3AxwOhzlWZLatWb49hvcWuF4Cj7xe0DRgImedvU96VeY6J6cW5zE1-CB0wnzHJ3V93dwG8nkQ9Bg1jeKF8HX-85juinQegvm9-wIRXMazhwTgZs03wRzAz2oR3nwjuIZzd0j2OJ2FsAoTOpKsrqC_dfq0Pml5Mg5kObBgTXGtVPHnlo46R5VAeOZuC4YvjRFIwxGP0Gv4YUQqPHz4cJhgbjWNTvpNWoZ7NAXe5bOVgCB_2eAPMPSu8VyRvV1-hO_SeDKAUlSn2PoE0GCthVa4Mvyc_9gFWIJUIwG0-6_-ph_gaowxAUIllbvsYQcS-Rwwl8eqLk99xRNUKwzRnndJtMc9D2VMH14mCe1c60m8jzPQLY_KdXYYY54bZWmySVl_yvkF1-JmWGTvOsDG-TroRwuOWLKqFE-FuzrspGICNBYulgYMUd1_zJKljIHUzMTVf1HQWsE&cid=CAQSOwDICaaN5BEzaDA7vPpzjdiRe3dhXQrgcjXKgMN772J-_QnVvlevIBxAHLwG25t9z9RPzOoU66n0IOtcGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=15994711115606241000&adk=929882891&idt=110&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 0EA7 30 KB
11 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:34:07 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EA7 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64DD 1 KB
647 B 25ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0EA7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f62375013033f4c25d5df1275a676f365e75a7f2b04cb0672ce858896a77ce33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E79 0
20 B 126ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2104305975827&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E79 0
20 B 126ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2104305975827&version=m202309260101&ct=76&x=1&cor=7943715016734382000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7E79 104 KB
40 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKwdDBpfy0NjvPPIrpzarncELMwtpmXAFEBTKvXKPuTUUJFHdjHh8VhxbX4yDWG_wL-0u1Il24RcbfB_gpotw6H12UXV9o58rSQN-ZGcNvKlxQuDP_De0cja1PSs_fPqeRsdqoAV_zvQzPyXYHCBHs7-IaVvSe9NRvvc6ZE18--vbugas&dbm_d=AKAmf-BW84OQ5PUEL1Z1ZaWqJbnmkK8-Vz9YaOfZxIQTBrOtyZrspcCtirAZOPsWfCvpgWav6K7yEs50o6lWs0-f9Ud-xglAUYrrVx3IEqMXnEi8RKo8SRBVaV4NymANZQrJW26rGWnT-G3B3BbTMo2HFA3a5cogo3Ubaqb8PllMkVTM9rbQwUAqupak87Vorvz78FYTC5Cb2LH1et-yM7hwP0c0dUfsjveUahW7KffJAaJUh8vzKhq4FEphsv206Osv-MgCXILrI97lILbdPnvBHU_njAY5CWDqMS720pd44Q4NiMGYilJmqs5yi0NIAZmXcujqY_eQReUqQU-SeJP2ZP-u3OfqHeR97nVUx02tS2Px193W5ZDtn1MQztnCAaakvjl4oe-MynV-OOEiMxUIUakuyFuFZ5nxVT7uB5w_hSe9A_L7VjUbed2eRillGiAMEQ4kgxvwjH01MoiD0uc9a_Ft72xlZXe5iDDFAxTcWJZbBk7WgGOk2FWw76C70uAZS9Hy6MOP0xdf2wHCdfgwTY1OHcQIwD8E4us6erhgK-Hk8F129R8Yzvbc-wlEKAdYPHTmF2QRCOt08kHDsyqjxh-7YJVVcTM61zOC4bBs3sxTmsn30C1ihKzc84nvakHfTkWcP8rRgNCkB3R98HWjjFGDwQckkDJStAsJ8sIQE1uEBOuryNdkOZSvXqojDuUCDURz7zyk9nhKeaxA63G7wpvg-eng1WfbaoFzMQHDJ3JdC-mPVWhaGROIfr40FweE2A-hgPx0ti2yz1rapGP4hJI-kIIc7FlcsOeTCs5FuuxI63f4Tes8LuMUUUbfVo835GxIUEJETT9zXWvW6DNpcIrQ6BD5Lb2wrEURoWl0L2s5pU1cicb5A2aX5grK-behjQQBmvnsZLiWncuHHMCUFgPYxZU9jrD9_dNADCc8KZDi4JOyt4uYWisoLtGhuo8r0usAGfnorUgUdAHAnj3ON70w-FzTID4AqBy1OdFV81q7LPVgHL4OxqB6kumA0AVFEYqE7ucHQcgYOJYA_BS8f9Q2gEqm-RnnFdUKkgAUNsk3m7rkOc_6AzJ6c0ZLEiLyLGCsptpoZC40CXnPABLewim1UUDjyTVirCUc3JNOKnlL_NwHSafSczMe38cViID70isfc7hF7ELjQxlobEDvkqLgXJn96ll1CHTUMpwSKHsGEqCeQf1DqQu91JgD09xzb7dPaUCvCBkA-H2kmbYA2IzujV7GAFQje7ttpG3nVAJ5ZrDnEvLFHFU3lWD1ni7itbI3l78-PQBk1U4zgiSaDXOZSbFj94qKh395GOvtsepsuUysup1jwhxjK1TLzjtVBjjMk7xuMDNnxwzVVnSrUyULnfxUy-pFRHVj4mfcYbufH9vn_5Jqi-HDazSmcCkRnL7QZ-ENeq8OyQ0MULV8IgsfWCzihXufIXZJfBOLLzExvx2ip5zO03KPoZLmotkGKVOpa7o0h0OqnuevFHYq4LqZoZjo9QKQECtZopH6E3qEEYcNpKvBtzsiLExfpIABN4_jrM6K8iFblOaU__pMP1ndauNQoO8RDKrEpPw4gQudjR86P1GfH4EuK_LIHxxNNKsSm7UhFlZu_Lu8lMuJwUiGjXOp2fVh6jQCoghFPk24-HujPQViT0UdEApTJvjTOxtblt2hklstd4qMUyqzU4tGQ2t5J72RoV44UXtcOzbCZHKp_U5HISmg3OLrtQkTJVHQ2Er7FzkOMrcMkXgrWQljVQNxQIHC88fvEvNm8NHuekS_fukIreMyugkjX3WugFL4vQ7HP5B0_2h8VbaaZVvg0sEc69biAxdhq7kTv21eGpdExq1-l6a7LrbZh8QS2GaPf163f8JlSQCI8Pw0I4j5aTiPYy14eCn-6LUIw4bcNyyBQeLLGyossSUT9UtMhMSl2UDyqyj3B751_noNL3uT2MOjOXHFryH_znc38aBWUpCghABYApG-CW3atCNUA7jYtJZp02wruGaj7PmwnRRotz7U8sVjuwyVGZLE1KSIVKWz5ja67ciscIbnD2r1ggv8KW7AckbIOVq7hYTYFL7U6pRmfeG1PLtZBFP15mb6EDksfnMUu7fwQ3VjtfPieeUU8lFV6Fb7Aw35O9DkxYYflUfcI-st2Nl67uoEJU_mNxtMCAtWrkoFBkw3kbi-bDMVnXR6G3EFC9wDc1YdaMpccr-JdcD3YhC6dg8F33FuLo1bVrDq0wmlnLHZYvaXOrbJrZFGqqxM3bBkpJwDyMMtJRJdTTfG4qX9CgxDUokz8YHknfwlulKme14dvwHjgCZqJYzXo2o_cpdap-BFtOR2L4mbe_-_QEghuYO-MKvAUj5B_sj9Hb-Q-aYSzdJIrq-jAzKV8ywmAVnpaberUuu8S0OrC2sE5eRMI6UmYsVFOHYIgHIHSTNDnwPRJ898kxw5DatpSFTzMLtLFdA1rYcia6lFyegSwaXI-uY1UMCRaPwG9KRqysueWv_QRBbDLuD4L-VHuncPt0YGVqBkpP-eFmeiCCYw7ZgmEe_pZ5ozDAqqIsSVsJPuvNDeVgg5Uh2rdrkerh7M0k8YyBp0u0lLH8AqBHVvB_V46VnH0KjxGTco2AQ2kOmt5izxgYQL8GKDPDyf_kwfdutgZmbUN5f4Uc3BrgnTcDESDxpZYDH4vxzwWmAJgAdF3ADv9Bu7SztJtZz2ar2pRM6eUFl8PJWK8thGB6uNo3NK5E7ssz7BEzKgxKCHg2mGYQlbmJFvUUu_DNCJtJ8oBHaysqiukuKXzpcy_JwVKNJnaOCm2ICzncrqPN6TipqiLvRtRl77AZm3BUz2TJK95B6ZxKhrD0out-ssB_oIk5k4HulWp_4g0pnqPBdMumaD7j-xcomA4lAzrD-RwnJ99nBGoehnacRzaG0PmENdscr-K8Pfe91klceXvECJkc1aR3ZuqXCtwDI3r5aXNTZHDLyrw0eaNRi0N5Ru6nApVWzahz3-BesMHsUPaqfS606YIEd0cbMxiLYnA3m-XSDs2iSyqPoj_v0i4Hh5XOPyDHsElAoL1GY35dl9BfNFTbaHQJkgO5ZnfDEAi06jVqXr34mIq9UzlOj9wepLXifZhwJlN25kq8XdDnYYXwFy7lfbCYqf399aMUk4hoLc0e9FduS7G9ZPj--opIVxoUmQQgMmdrWh6HmlK7RtqqHycQq4nKvSVEwD6_nJ_5Rcz9_ZRTdU_yohYgD6eZ44b2BTXmhbZa7VR-Oc6MVYH2khNhNs2CYH6oAlQD7xteXkeoywT83MxAD_iKxpAHY4BtZACJ9aEyDruOQ1DUUZRooCov4Xi6VE0IeSSTVBTZy5ELfiNc8X00WdqF4XY8_Sj1cME2LE0LBS1MljEgFw-bvky561A2F1PbaOZWMLufRR_-huOb5D3rL6IOVwRCWsBYmeLK8nz4RP3R58SF2_nvvaWGUaWvfmj8ZA7SVB-WSWLbNX3ZjC-9YvPJs0FU3y3dvQHt_Wyi-Zbn9T5QK_hKInQzQS8lVYyq9ISs-OuYGJcZhdhfGpXt-dCb8s1YiQez9y14tj6iaA5czv6fK2Wd3qW-nmdG_Ticz0IMCBteuPQtoA6R7cBsvsf5MELt9PwKUoDdnyey_rh95ThBM-HiO-WoaAselDCxW6iheOW3EKhXYmL8R2AT_dnfsGV4I4za1b62HIK2TKZTw30X1CKvk&cid=CAQSOwDICaaNvyQe24K9vklaz55U5sRq0UqZyCidDDRLJVYXn6YvznnKuyzYKkAIQNRgaIgO3dfGO0ZXNEI4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=7943715016734382000&adk=1726166460&idt=165&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ad29961470ba23b57dafc9c1626b5c751d8055517af3b13b1f395f6068f0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BA 0
20 B 125ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2852971511082&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BA 0
20 B 125ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2852971511082&version=m202309260101&ct=76&x=1&cor=13091205379883762000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D2BA 105 KB
40 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBZWdmaWMzDJ91Mi6vwFMbrg9O6qWfyD8fLC95n8bXNAjyKzFj9rKFmRrEYNq0uh6LNQoS97_aT9rPqoRLPhYmjpGuTUhRzZt6esxvuKeoUkqaUkMXHZttxtIaznvys2dR2Lh4deAckSq6UmVKUP9LQXV7jhRzGK1ryndYRNvizFzej9I&dbm_d=AKAmf-Ceo1NENTPDw2hN2FFZcRtr9kqfjwETSFCrWT-V-x6hrOBgePXr5WkKiTBbJJB7pgKFVMUeJXrrBLj21MQrKvPqN5w51OJ9lLlK7_5sCYWSx---PR19wEyFovNI1oFc0YhNOg2Q_X45qzcQGU8YeT7IIK-KNTFnwU5poHAZ-NDExkqgZH8FG_zTgRex0DnLUMAqgGbCqO_LrIQ__Uqx31QLYCZ6EFAcl-U6tJgNGOS7KHQD9OfmlA89FtNaEEX-q2O051zlSD0jZkJJW-tTWPEFRe7To-aiCohTuTzySWDEucYfPwfegjag7YYk5PJ9YbnzOOPmGJth51IPte8ZFYgt2wtwx9V5mQCJmTsfSqw9S0LUgbxp2ByMWJ_utSpQYzOzbFoyE71pf8QWkSTAXAkFKCAQtJFjXH9qWARDLpyVJJb47n3TrlJj5addIAZdlccbufFcKztRI7Mj_1BMMQ6TQnifcMd5w7WMqqVuGN5oUl9nODiBfSazKOQDslyTmX9v8_1-wWzVbBgnx-TBGVzudg1vTOnbD_H1ViMrdlAVF7DLEwIxlaquOmeHl-BwZK5OnejPD3vC2Q_NkUCiUT-NfNFm2CncSGzvOGDddKw7Kgv_6S2DtHgDR54iVxiqLgyFr9TObpiujZ7nEOZVnAmOlmFHm_6jhSTaMxD0YpIw1f-Vrc-4wnb9bDuTBHbpodjHgRLK9naFEKgeFsjO0Tp5i1vg99DA7bxgo08uD1mGgu_BC37i0FJM6kfAC1KebD42Nb7dJYMeQp6dIDOhLEbO4A72kABZGhATGMZi_PJsH4LpcHKO7NMUoGjLtanIqgXkSw5aprTkJ6pf-mMmLq4bjVh5ckpwLTdQfHRgS3LdbSUWbBTp2U5q8xsh7VO4XWQGlHjXbqErRM6LXlkvZVPNn70C9QuwHbQ2MdyASxWwqZIlR6F2ya_lNXGWphr1JSdA8C_OFkrouWHGZ_40XyzwOFym1iJGlQzrhrMKrpyC0-hPjBqJkfr7JEohkUDD1S85DhSxbWAweRwzijoRSCQMm2kIHgWCVTRpfij492XphK3B7pJS1KoZqkU9RsRuPP5YqF6fpFl7y25oRUMRjQOosh9ZPKgTSacX04CFrn-34ukcx0UPKt8CcmNM4lzzn-R2MfykJhpwc6WJ60olG-7Lva7OB7tNtzcbmYHTRaXlQXa-GfTmYnDanDdyKH7LUfkuOaZ8RFp1pAqYWPfbaCRyqiy4jTibvSa8HD5NuYx4-X5SdDa5zpZ70xcikTkk_eNtv8vNw91l8KCM5K9fUdoU8hNefn7Sy3hqX5pScsR6J5551XpMdfHe_Jrta9XK5ms6i_tcRAPVVO2Xk3EfN0-Ial5HpMCc5kD6jlatCVp4MaQxJTJaPzmht0B-x2Cpp1jbpF9tpWovZlPw8szZxIvNBS_acaJQ_0ZhYJVp-vXeOAKMr-akn4oB_yuddzMnSQocOQ55WqQy5ifjaEo0jd0Mmmeq_3yDpb-_Cdi3FBQbCrr74Q6-7WMaiKRgPqxkKEK_vZyTLG0__FwypPtiYq5dX6iheVDTD19A3257n6a_FCh08FAmcEvRGLvu0Q_rNHx-J-XfMcqjq7pVPf3VJjH8pLUwErHAF0bw1GTzByFKDk4wxOVOvS_ZPmu0nWBHHZubVnfexBiMds5aK_gBsICXHpcEw_fCbRxUK7AxYDWVANCqeH5jVj-D1v12wH5UG25opaztBGLaaJLN-f5NbpvKXMx9UwftIYAz3udsDGdU-J3FrcCSVOiuP0vcelddQQ7Kk8mf6CRMsBsKQs_HVZlJubpN8aO-w8sfdOr3Wn1sxyMU-sPk6VAaceMCGPOLTHGuXCCRDUHJ7d1IXQat1xqbTMeGNfcYuJIr5LN1nI7RVT5sgTdm_klrDtW-H3XZ5Xd_dbmK-KWVESJ2j06jERsnZMxmzvZs-9TRLDnEox8rIN82syD5WDY2UGdgC3QTCOPuOD4ao33hjN9pG5q1E4lyWkXdE11xQk0vBIXScPBV2EoQ3vYc0SR4-KcBXqgW_qZv2qavyOstMssRtj0jFYLEuroANivzq01Y62P17-7kS6ohQxsIyMSSfm2UN6mOJR-EEP83cCEOEELQXrOYwiT2J45wsecPqP19WlYsuko5LgrZpimQihpJR81xBRTplBtCzkVuqlY2a0aKgcuYc4-2RoJTph27Xj_u0U8hmZhGoBzphcOpd94dzu8jO-C_x9BiCLKWGx3_47WZ_kIHMZTAjnu5iBp8TY7ccVHzcTJIW7TXhrz4fhKVTsrUmM1qXgSwoibK6zsAyYaode9fgnoRcMamNUlH1uKe8Y32De1aQAl_-Zv9lzyFG5CbH4_RM5NqFwLRO6dwarhSBhDS7hKKnPCiE2WCk-XDepYiguguhSusM0d9_udTpUBRsDLawJGVohmVOTpiTq-5qO5Z__URkMZVN3Uv883Qh76KiChL_aeea34th0XTTIF0bK53D2R8H9_3HHjFXtumFR_aotj3FMEFi5aKzIQhshpdyHjeU8QjtitNg4KmnqbwLuGEn0qXSjWucAMwidjODTEilhLtxGFbH8b2PhBlO3TL-2VJ9p94XjK007gSmTfPq-GM8lohKuyLVxlxVgDl-Df3PfQbfQKxf5dblwtKNd2LGeJL8SDFjxiz1Et5H0JNcqn11TJBwk-FGdpS6Oq2afQ9Y8JfP7blbrD5H-C3wUirXbK18BeLCM2JwjOwxSs7LtFG54ahloFg7z9_OmR5-xQIvkuFs2Y83QngV4DDAIvCoBRXLRpbXeOTavCy4QNhXDyDudVnF5tTSOjhbij9nPhJfxh8i1LWl9WTd_kQTpjn7IrhtVNa3pjpXaKwzbG_rXZg2I-1942_Bh6ifDq_mYrx0pARqhFg7XY0QOT3pyRC90Je5zaEf1VVh5xbHNNJX3GfxoyZgG3l8JNJUzVVH4eYY6sn8ekw9flN7BSx0m7tnEVG8N7LLrGUidbW_g5WUhILH46Sb0wtIG9YyabplsopCH9i5TsfU5CGG2Nk2WYakbAPOc666VMZSv6lctUczq9pIFjSz9sxeIL6fjvBLk9ExJ7Cd-HCCyvd24uZMRcTHj4H5hkjDurb6ml-nl4-vQM4lE4RjrPAjyTlo3t3Rq_RzEheIaSxLd9Wg3VSXJgZwCnsMCY2Azj_lQ0iY4h_jQFrpmjppme8mtF7ekXeEchnfbo7J1C0sCZiz5SfUOsUlxDku2CA75hSvtRVeEwwdlctRTuYejY2Z_UGDGMnpTQYM5xf6gMMOxFESRwGvN5K6NWw9MWnpRzzl-Y5S0oY-VRWZYxZk2Oo6dCLclGHXNnB-dubXocCIOvuqPqg7JPpoz2ImoHHPTc8VY8Oj1Ee7vv_xdY1EZV8UpFobxUN9OIbiFP89bJLZIDT1ocuXIo_WSt9X1e8OqxQv0pFQyP1PdmrIuREH0u0kLzogspoihc0RTGBB00s2uS3XtFoiDXxzw-Q04cFpB_mb543SrreCdMfFWywzFZ7AuP3TnhWT7SFyTqQj0oz8thQ_vCBFgO6Gp6B_0_uHp9Z6MJoQI_Kzv19xfjvFh9m1t6DOImY7nlguSBaE2LSG8Q3X93351hrQKgePSxWZiR7iijDEJnSKt9vCC5eOGzU4hSRTm19fPOl0tmk24TxbKyyWUNKxHpjvQCE1T2FLA_LiBTdfJ0-zHTF0UTRrnLaHSOy3zWg1r9W8dKwEukvMrjmJIuBnWzBdF3JTQMs5K4&cid=CAQSOwDICaaNDRQrMwkgLyhrHyNkKQVUN03OMP8CnagV3DfcUFzeO5wnAPmD839fX8lq_8ltUfC3mIRbrQk7GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=13091205379883762000&adk=521587874&idt=191&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b82d5a23d47decdc121f4288a7ea40dc50b855bc85b4c711266ad4d707b92eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC07 0
20 B 126ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9399309532894&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC07 0
20 B 125ms
125ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9399309532894&version=m202309260101&ct=76&x=1&cor=17817924601101840000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CC07 104 KB
40 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuVxwQD6Hw45o0x9Z_7bYY_sjG7hyJHnq7AC790j9kVdFEg-YUE6V2Cx72jtmjqIi7tgKa5noPLmAZsz-wTqdK5Nqh_NTzdHl1YaTghq5IlWk1o8vUgNu_Q9n7y7otIfNsb39Oj4umSdls-RtnwimC03R4VRpS6k_tExh1o39KoivQ-8s&dbm_d=AKAmf-AAkxLDDskpYBZTRR-Bf34NoZB1wFZpoBZcv7AIpolE_-zDCYkUCLXFYJHAj1D5rqt7oGwbFXzlUgyzzqgOyDqEHkS8U3J_S0BKIHFDSsfYpgd8kpSYMLcIyrri15rr00SKDTwiqDFNgailFr6TKzIUHs4NSDQkBHcpDbFEbmOFj4zb0J0U4hdmKuKwnkJk5CuneV5dbXjhZgt9hldaw-MFQFOyM3H8bTUn1nJ7mNdRgMlhH4ga7fwdxfiEf-Gw3z03Em3jbyhUuX62QUhzP_MFaNJcI9IKX8CQXwiQdxbxHeG28QaNcg3QcIgfp8gxq_gXbgUs5Zn3-EIltrm0jq_0oqoi8AqJKAVk4b8d9xxRx0lchiWfQbFtG_9djDuDa5eZYyi80TW1R0R0eWv3VZBi1SLPe7Ci7b4zuwyVrjvPzuSEpUL7bVE_5QDaP2969Sw88y-o2dSgNutd4XfRu2qQjlEaTEb6QFdgdZneuaRigHNsS6x4rxkE28pjsSe_T8n21reqe7VE7IuJmlmR-kESfNACH_97XdvwfRer79GWpPu07GjrvbIc_Wwf1vwFUYEnb__wzasCDebqfImu8ULM_6FW0SjuTAt6x4pONNZmo4qT8v0JaWm5DLQzFGPHsyFVquNs_Hahz3uMp-s-Igh98U9YCHzdv6xWQC0qYpsdG71KVfkKcmcBVHOdm22fKbDmhp2-amQDBY8DtWuPalip9nvJnC0WSspAz1jbuAUat9rWSjpQ7dfIoMUdHaQtLqiXBOXvWOmGxGSzjzYb4IZFeVQshwj6wB0qjy7H8RGN-rv4zQJcw5jS-Iqwjg0ZF7gaBOlWXqCF2nsRDVPQZbcvx4pGboHeSetit-TwZ2rpiuhLWNQLxNe41LTlv4Qvmcc_ZnXf5J-45HvZ7oyp1xZFRizdEFY288Y-Ob7uN8_lKkDUSnCzCIAnpXNW7YZy7DTv3b63DROcC_d6af9JO10AFs_jPmK_vCQRw8Hg85Q1AKVqIqRZY1lzp4n8Pyol5tdo5pOoC81HX9_aNWPJMaYKwGeMc7-2FI9TpEQsv0AjSpniLV_S_94sFTgbCKeOTNt1XuFrLt1qu2_jc8YR5nouho7wdh3aJSa3LCETSXGnz36Z8K3ZV8jQ1NG1mUYWd62Li_h0xEtusu6MFD80_lx9rt2-_3s_hB9rSJd0euOC95POImMhSM5rSY19LkfUQ_LZKz91v5EuLQB-7-mT62giUSdyNtOZ1o5BS_NQTsPbIf2kk25aEqRcW8LOJDEJnEhGMDZvOjpD_uc5RRJa5FUPhl0j7NmlthW_6HFPs6A_lJKO4brqNZE2Hd6AfLWnJku_t5Hy6jT9p8msmVShAvOYrhTHQKn3f6j5DwCdhhGFsx897-C_DvxixeBgyKGf-iL5KooGWhRj3e9ZTcDsjKX1JTfKdf1R72EXnz4PZW9P2j7g2kQ_Dw4jRoIi6Ks3dHMfbh55UuuIwB3ry2Zw7yKjne69o5L1DbC4BjKk8We8AXYt9hHNG7rlY7rFY7PvNr9DVD9LqOnAXwitvtGRhtIQCRJjLp0VPQvqs9ev41EGX5OgeZ-W2dh3tk3jnMUEnuJIdbs2UXB0hzPIltosobzR1hv2MZ3f2ddqbXeUPpCLnR5cCmGBBW3bPIINtaU4BSbfva8-Tta0DyOipiO14YCBUU0gzXtlvlcsWB7yTeeK0q39XxfEwqVmld4omciM7D0jgvL2eTKgFG00Mx-QAk8qhAYyldB9dPWY0hBXph1daGRtren0tTLtTo0zm2LEWu32_SsgaZRnjBLQVr9pUJcr94VXvQv0wVlKrpbrEM64Ri7koW7UGIhXomWd0aWLgNjQRsf774eB3O_Y-NQ_FdnUA2g9L6rSVjAMTQEjTc07EJpJOaZDg2AnPHkXFiE0Z42JiNzB6eL6qsd2rYnsc6a8z-NDMKDSypkOk4L41fJqje528DNsb38WRI-_bqZojm410C5bUnjBUgy6xZqq0obrpPjZ64ldlKN2qXnhH63L5QtgLbtUnX_Jf4zXFoSTQyvgi3SXwLzIcJKF6vJWdS1-8OuQZODbcXdNiqC4-tW-8DVQWJKrO48riY-0LC8lI1guQlvkXFRl4cXxmw_CBZxEv9Gf_vLggwG6z3ZyuDMHnYNW48ptfhF-PjaDt6FkJseUJqhBf3sUpmeIiASh6VcfCnoDLiYPjbFDn4b-kWIUgazfLv1jK_OjPhwoePz4XDO-h1_OFZ031sWGsfbUdx1vpw7_QgO_3rJDOpUNseOBE_LMgCdK-f93_lgLNx3W32_Dmxlnhhvwt1qwiDHsGicVk_BZIT7490Rz3VCenEhEwpeRQVBcsaI89g4UYXKrXO6dqJABM8XMPQeFxefyn-bx26O4DJk4XlSzUtTVZxPi_YJatkTDCYlmY2BV5TRnui-blPiNxcKOIdCyJm8n9X7JCIOfpXdbvJPNTjvra80ioCRVQwWOC3ksgcwHEUAvSs-k9ZHTC_0dDlXdZ8RkGmqYO1IBEHNkSTwTAwQcf5AY4kISi8OxHk5_QNwjEbsI9-V8iYSEG4KtUuLvSEz3n4q5robpc-khr6gCiKYgi0xiVKBYO89bRMZbAUPLsYclXFvxX3GguJU6aL862YY72wqfSvjvhOUANW563xVlCfDS5CfPYeXnh2Cdp3WFbNI7u7-2nJhraJuimmTlkHYHLR6DpsNSor_wED8ZMVuHU-KRQ3fJyrpPppY-_wSTEOar1M1LDFILdg5wCO06pLp9an36DgrXBQuwdmr9npIddZozr06qjvzO_txaXNn3y7LbnhaFQCEbq0p-lx6_cA32NnkZaOLgvmhOp_F0pWd--cGSiuTP0rHfqA6Um5NOLLy3BqEI5jgi5V8Ud2zOdZTHk2Wmml3sJPeRqoY1cSVk1dvSzzMqDfrzkqhfqzIPG6kuOIJNlKg5bmzIPCfFU5sZTjuVxsRG4QCgOnKVJ-FUOAKiIvkSEq9kbr8ImFexRr2gAiSAU6zXk8bIlxWCW385AX8Nr2ik2X3coOV9zve4AVJGQJu0DZOlyMfxihik2shzF8jt_FYSBd3_9TfoIcRxh5JLvke1u8Xmxi6pCxDppiHmcqOhs5XwIyrisXLJeGx-K6YzxX6HSdVyZ03KmaNy47NAfK35mg1NQSosVIKnywaB7RQRaPsf4qRYndU6Gb2Fa-OKQAZI5dBT-qsrhJ0Dm7hfWfTTDat3fYVtx4wDSs2gokYd5QUHx5xl6ZO_u509REaTtNTa4agpG74_RDg3aTQFDmu0SimZxrIperH_RtDP3mvNnvzUhoshD0bZKAEAOct15bHp-0gfcktby_sfAcLYKyi8Re004dHK42slqql2xHfADYv9PgRYssnFTWlTgHHmqqDm5KR5OIzk4C_vwLf_XDJjPkpXtCpizcKu_zWCJjZ8-4hxS4rGpUyfjsb9XuU6zYTOtcllHKLH6YpjEYIMxBDfa0nVaYt7PwfqQIlEmWJLFfzg_LBjvvhA5g9To23msWVumKSH8JwwjzfeiJPl_AMCHTCAbTxsA8iRNlQHWITtf24_XU8ZNJ6VegFLGTuIG3QTCONe4cLVqC5decBBgeCy0vHLnyPMhlwoKawqaTye6k8xmRnYrRtM_yPMAo5CsE4LWbh6S9t8kR9wxGVx6xdlK-gKajZuuSuh8mkVseXIMUg&cid=CAQSOwDICaaNCcTlWVvmyqvSavDXriFBCFGclGtqmLDRjY27IcOKBRz-PXCIkks9-WxYAS4lzzsvcXKkAM4CGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=17817924601101840000&adk=1877897943&idt=155&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f36b8f709471a74ebfd50893129f95ce2b99e238abb61678596ae62dce22e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js Show response
pagead2.googlesyndication.com/bg/ Frame B532 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15077
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:52:44 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame B21F 251 KB
76 KB 140ms
61ms Script
application/javascript 54.78.81.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJ-TbKjI7b2szfqEAEwJR5
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.81.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 40c6cba32bbf3544acfd384bdd8759282c593ad74a57e0f213f34ecc301d9f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B21F 111 KB
39 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame B21F 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Alz1vJw1GWQNoobh9Yh2vbi9YdUbhxctlyWtM0Lq6vQAV9lx1avt4q34tiCSqTq7SwiUU51qosgSf6woThbMB9c_URLk36ANJfdUSkrSb_Sn0h8e_812E6QTLzTPpa2PbwK-oNxulGaIETp6YmQNWGFgvV6FGKwAGnUMcbTgqTGWsKFXk&dbm_d=AKAmf-AV2P1DdPnpQnqO3SyVpGKJUe29RoLALvLiAwNyy9fuh6Wnb6_4cROCL8_HxEF4NTlQeaOQMkxllBxMTLt-5QWilWMY2vnpFPWV7toZLTlWQEUQ3dIkhVmgyxsyQnDJMwVTL4qNWdwkBCY5pQ0-hzpwMzkAH9-ohpvtoIdNUFVPfl0ww1VINnseq5VEmUX96UciKUEY-iMPYOftXKjHt7LZyuFASPdOBz3fgmJbDn1q1Rz-ukgveCBrRXqeJXDE13awxdlLpDEGUUo55T6GUdBPSXEmBh8dr42_rmQrHwPNMwHBCd7ngF8rRN_CDH-wBDZrOMGWKibUqqGBFLBwjWl3A7xof3rFr0InpK9Cm2m3UuHJha1c6n9OC-b1gulZui3KjfVtMNYNYbjf-CwknKER1AFIGt9k4fY_WF8LWu7o0V0PBHx_-DFB-TBdOngsxTwRENJacb4yHunNFVVLFvNAcR3svGX33LpbmVhU3EVgOlMSKkBpyawaiVgZ-FJ4Y6ZKcAzjexTUSx4XmnbGzLhnMHLF8se58C0NKEf5YqfMFc0Dctq2uvAC05N6hfC04mtxtuprx0decbJargOYMYQBNfg8jQGOtgulRY7POSUq-pk7i-wUiw87FO63EYPNgC9uNMN45Y_nhJGUhJVYqhiN6rmiE18t2I2hm82YPgb83h1yfWj0rPXqgB8BYJUSbdeHCyjZ_5GXmbpcysojkt_ksbIDg3Vrk_f_neynEahlAbgGujwMLUUHfNPv7NwpxiTWbLsppflN4tFWE4-7CcYGxX2Vpr1LisaWnH792XFdrY0zW147G-Fg-LCpkRZXtew3gaoIlI5tBxirw17woMm2uxbXFH_yTXPVdZkOGcW07sot9KgBTb_nuyzRzHC8464wBUGTpF-01lwhtKGdDKeakA5yrOg4J9ttQ_ehG3FFywFl-HGjAMsoYOfZJ0Mws_Hm8pM_lNrtgSija_gWzq-Rt2jFQvQFH2j21OtMsBmiMJHAqipPlOpPk1l1ez5L16zph7ABpxA3alIzSq_nhewk-weZ-kzq46KzNXsOmQAdvhJoYft2D0pX0QZNhs6BP9z6n59ANFQAfAvkNugpQ9p1M89pcdOGss2JfWXHlALfcP8moOLZSlkr_kkvXhsQh95kC-2AkXbzJrmFjKGAaLyKklKJbV8HIDFybXjmts3xl4WHTgXp5yVqsp4SjkqOhJHF8dZhthDCmF2GolB8ixrQDp-AlVCn1BWDFQpl9d82PY-UYEG_FhT1eYeEAdiqnAz49DnwY_mdt06_VFndrVWEG9CXl8QyhN0OgSEP5dy64GAeUTEqrDlf6KD-mG8v-ox9GKeIgWBKvSv5XD_M1SDCrgXfXceV-3sx43pul2L77_BwM6ocJanik2hRd6_FEmLTYv6z5ApYiF5vi23A5r3sGTnLVCIfWo-SORQvy7-aUGYt-VhJS3ahwk1PeNKctK2tj3ITnz9i4DHfGn0t374F3fj94vKlZWZs60DHeRA9cmtvW7CEcxN7RsuYKTST6zG9b3AsSR67IIXhYT1HGY_ujxaMxnUpZVJxUo2aEzeNSa0h4c7G7OeohyT68jUrl-BMLbru-1mKLjIhfT52lWSU-qB5obbLHbxCQgwlxYQAZdMvxiWT7jCGpk8Yz19tST4hY-RwR-p8IAy4jg3O9oHqPGW_kaiAVuBQsaVfRe7JdBO7CI3JaRXRVL8hx7ski9eoqv8s0KUVK6n9phVcbWwxN7bKZgj-WGQzSSokHNCk-lHler1k7UwMBJljbrUfaZzBJgoFRMDPTszKN7HFmQ_XtyqnyjWLLR2pHBBCC-n3JKH5GC0lVys0kficp9UpTwPlb5hWHbUnqVlcHtkTp1h8bD9VVUMWcaYAgSg63y23Yx-5WtGbvyIFf9TJaF-CaFH4zPDQmd73biXfZI2Pyp_Q7nsJ9LPkOZ0sAn5ZzZ9O4rDBw3nnFv_10RkI57KB-gu6qJ6pmhNGZy459H0LB4Ha1qtbYtW5zx1mYDeaMgdGat0AyImXMVO-SX_VCnYL2MfhYOyDZ08gWs5sbU76TvTgmS3z87uzW2dtWXz51cF4dLtD7uhS1zQR49miqnlv7JGGa-Y90TAGP_PqpdjZ-rjEjlOm7-v8GLZtbCoKPvqgusia_KdkAkt--pwZGnVd7E9J1wwATbZ4ypSpY6sun8wo1g7VKc20RIWOJIji85o-Y48uq9FQia60A1MhD3xA-xpuWlg8IgxOQCYo9n91dgChWRZxdvqYNNbQGb9wrQr3b6pQ-HDmRe5O2hwsrIOXbZdRcnm8vejZghAV_G-A-jp0kLp0jegR2dBvL2x1h5meC21z0qjSjSv7UMFFMOc5xmMFFH12G_9xIeYQmwSqU-NDvpzv2jEP4HLQPD3-QayPkxVskgz5AochryTspacjyRATvyS5QXuLT_If4HaYSTirVZiG3qLLr--zvsNrFwubCngHFXIsMnNVjUNQIB13jROIW6QJj11JmV7DFJ_UIK0NqohdfN-HZ9n7D4ia4-utYjq9RQ73OWFNIpyCBgY9-Ai3tzwq-LUvaqZqwI9vzkT0rhMDx738bP9tkh61oIh8j9BQafuzX3tEhkGZnOuIjN_a-wzp3YA-FdReEiqBPRiUXrk0IEjzsMB0QxKbnilnpKDwj9ZPPKtbJw2DR7ySAxI7sBOrLvYaBNFGgWC5TEE3sWrOgywGZFdaPwrxV3q0fZAjW0zS7XKg0bZygccSdRxsew76BEUnRGTti3w_w9QJ3ds9Liy6xYZqKbuXhU7NAQIA8ttkPTS44pgAFBqxaogUgYf1ljVzeKMUOWg28-x0N_lQgsPZpd1cj3pECnYC7lhNh4zdSWa8RzqB5ozRaRre0HGKY-vpL6qnQS1upAlPanndcasDGwCXXIJVICj3tHP1Thi4_PN2kzmwQ-Ga9I7UuqyKf5tJLxU2OFvgS5Az4HU8LAMnLc1m_i7Hy1Cotx-5vWPTOj42nE2kyiegHSJzFuxXDn1mCWIj5CvHifZ3i_rxK4AiwhD9YZboQZke-nCNdchqkZdrLYNgWaVhVBNn6AIAcEmKsG_iwyWDrUzgbczMGl2TNANn5SvYzGJsujexnR8t1FAPuv60_xNpI-kiLjwsOahU0-PFLcnUV2Dra7NoaNxBfqgp5OaVJewL9bjtHSHvWZM3Vvmd_G1tzUKjfkVj2V7KTmsMCQHGWFeLJc8sBsQ8CEcyBWvdyIhhTenMoqQpRdx-j22LczGxHim1GSEJDCtNP3h9TpogtgP1PcP-8knd-1VwH8QrFcUyqzYwEAnWqUq2bFGrGrNCty1rkkqHBJOg_RdvY-ySrCw_DbT4oMu3btlCs0panBJ96ltZJkXTctW17EmUX_Na8QEkluORvVSsKGym45LWHGFadE0Lbcc6C3V_VxXgAYN0UD2dsibkyj7CzKoAmj_XPGAv1q37dA3bVo5lhAENA1DVArUOA22FtAnuq_gEOC1IzRagZxQalsP1SpxZDEI3P705Og4Lse3tyzrSwcdjwB9gknOA_W-Ituh5xGhm3McBOyjwgKH-vWAbdMBoGtf-E2Y9H_z_JVsuKBdD8qN2fEbXi5-HC3FCruBky57p-CDhPs49flFJNnUjiaQb6tmF9UI2ICfnzoEGvcsRzm-EhfYN3bc1_QGyUch8CP02lFF9FgVTjFcQyTMeu9Kc5JeG6QrC_ZxYqtu7rH7JWyE_n6mYNMUeonOEv2H6LRTRuwrsNHaiDi8&cid=CAQSOwDICaaNAfW415vJd6fCTEq62yrD5EijPfr7gVxIfKhORPyJiGPc3t_n0JtsU9480dI0WBlWiwqYdUriGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=12877324123873343000&adk=1761367587&idt=109&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame B21F 30 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:34:07 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B21F 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 307E 1 KB
647 B 22ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B21F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5e320526a880eaac3727b4f7fd449d169ac7d1751bff80e080a195f8779680b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E3DD 236 KB
63 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:12 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 9 KB
2 KB 27ms
27ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2264
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:37 GMT

GET
H3 200 _preloader.gif
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 673 B
700 B 28ms
27ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_preloader.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 64DD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1&google_push=AXcoOmRT8uUAAauvKK6zGF3EnMg-x_v53wwvvK_PmyfwddpjUs0v_JyyXDSwgNYYB0daiCVNHek4Z6S8QUK4lUA5Fxmk_pgB8jJ67eo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5MjYyNzk1NjUzMzE2NzgyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1

43 B
398 B

37ms
34ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmQ0mCsCbXyDQZ03gBQJma4bmcizVvP49Ha8Kaj-6G2yapgHH8UWpZ...

170 B
188 B

36ms
36ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmQ0mCsCbXyDQZ03gBQJma4bmcizVvP49Ha8Kaj-6G2yapgHH8UWpZ-Fagxg1YHqwCa_5qVS0kjVa4ym8LQKjHoOpL0ii-71INY

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698260533.595208,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmQ0mCsCbXyDQZ03gBQJma4bmcizVvP49Ha8Kaj-6G2yapgHH8UWpZ-Fagxg1YHqwCa_5qVS0kjVa4ym8LQKjHoOpL0ii-71INY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DD
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL33atUr1gucioMI8b6S81M&google_cver=1&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiu...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiuxJrXRN1sOVdvLdpqlmcc&google_hm=cogTojyZR-219WSlM...

170 B
188 B

38ms
38ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiuxJrXRN1sOVdvLdpqlmcc&google_hm=cogTojyZR-219WSlMAYEChs

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzNoJi6xYOW6Xtx0rZ4YrRPUobAdBmzKcriXdqCi10r8jcNKTF2p_b7zXynvOjeFPntGaydt92uiuxJrXRN1sOVdvLdpqlmcc&google_hm=cogTojyZR-219WSlMAYEChs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6swrVrkx1OtmwujDDcOKg&google_cver=1&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTD...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTDFx-W...

170 B
188 B

64ms
64ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTDFx-WKAmOPiL8-Ora0

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmSlsCUJTeE2Xf0zPBJz2HSQBJ1XcJf5wgRIIo1G1qwoX08le_LaBR4izgMSOeL8hnYVLFOtZVaN3yrOTDFx-WKAmOPiL8-Ora0
Date: Wed, 25 Oct 2023 19:02:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9Q...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9QDGtSMYBo&google_hm=eS1PVndRaHZsRTJwRVU...

170 B
188 B

44ms
44ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9QDGtSMYBo&google_hm=eS1PVndRaHZsRTJwRVU0aWhIYURJOWxLVHdrbkM4bE14en5B

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKk1kglvEyqXpLp74S0eZ_MrTjQzu1YSGN_PG603qH1NkMMVuWFE2AGiEQ3lQS4GnWL7IW5jIz7QUrLzuSC8ROQ9QDGtSMYBo&google_hm=eS1PVndRaHZsRTJwRVU0aWhIYURJOWxLVHdrbkM4bE14en5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64DD
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJm2QhgqPe4LeYsk2vphBjg&google_cver=1&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79fOCxs_KK2H_q631EEA

170 B
188 B

37ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79fOCxs_KK2H_q631EEA

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTvoc8d7PjFQjkIDjTIXrahFIrWG0gn19helgWhTRrgGk1WKAEJGhPIgL8VSx1JdAOPi42Tt8NrDZ79fOCxs_KK2H_q631EEA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 64DD
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIPbguS0n_5w...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRMxd8CnYtSCH5wOi13qVQYPZDixr9QRzX9q1KzDroNbCEupjBxWzhsAk6LoLX1mhZv652Ipo8N9o6Anjjqzs29zIxXYwCWdwY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

83ms
79ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 25 Oct 2023 19:02:12 GMT
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 64DD 0
12 B 35ms
34ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEWET3Br9APSIeXsWKvk7Cbt5DZco3Gi6ZsMV3xYHwdJvLfaH1WBwKYl78xGOolPFaiEuNyg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 307E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGu...

170 B
188 B

43ms
43ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGuBB40caelohVh7vTybxSYYhKuf_UILxk9xmZ6LRnD6JObgVMqRa1Fr3sQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 19:02:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmTnbOKceKu4Q8LgcwG1TIvFqLuuRNYLTowzyFQ0cGuBB40caelohVh7vTybxSYYhKuf_UILxk9xmZ6LRnD6JObgVMqRa1Fr3sQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 307E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmTeEx8HV7GZh7iDBajwXF-q9eoFTEAkWJs4d7br15WO-QTp5HnldV...

170 B
188 B

38ms
37ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmTeEx8HV7GZh7iDBajwXF-q9eoFTEAkWJs4d7br15WO-QTp5HnldVTvkDNbZa2yQeFbQILdLTpPz65WJr-OZrOQPKeDSZ6klg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1698260533.594881,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_push=AXcoOmTeEx8HV7GZh7iDBajwXF-q9eoFTEAkWJs4d7br15WO-QTp5HnldVTvkDNbZa2yQeFbQILdLTpPz65WJr-OZrOQPKeDSZ6klg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 307E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFclQ0MQzKccb4Qp20b02gY&google_cver=1&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e7...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e76Y4Qa24srFX3p4c

170 B
188 B

41ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e76Y4Qa24srFX3p4c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmRZtf2uEsjoDpP5WBWnU_M_Iz6N8xL5KLDy-vlm_n5LNqqW9PgpPmQzth4p_jD0kQBy_r4NejFAa1abb5e76Y4Qa24srFX3p4c
x-host: tde-deliveryengine-production-69ffdcd588-ff4s2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 307E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSok5CL...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSok5CL...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMjUxOTAyMTMwMDA1MTg3NzY2NjQwNg%3D%3D&google_push=AXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-h...

170 B
188 B

37ms
36ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMjUxOTAyMTMwMDA1MTg3NzY2NjQwNg%3D%3D&google_push=AXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-hw2ogoizo9RjeC_SBB7JSUt0JP9Br_3iA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMjUxOTAyMTMwMDA1MTg3NzY2NjQwNg%3D%3D&google_push=AXcoOmSok5CLo_5oMSpPBKyYxHMw0vjWNDqr2lGpJS0ErpGq4rlZgr9sy8RkKr6uylko-hw2ogoizo9RjeC_SBB7JSUt0JP9Br_3iA
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 25 Oct 2023 19:02:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 307E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U2f4DnglI&google_hm=eS02ZWlPMlFkRTJwSGp...

170 B
188 B

41ms
41ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U2f4DnglI&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRrRu8GS7XX6POqO3A720ztL_L2kLLgWolb40i85Xeoyp1uNgKDf82MfodRU7u5BPGWDNNveUqsPygqkXISf6_Rv1U2f4DnglI&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 307E 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 307E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIPbguS0n_5w...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT5AZnO4iDTcS6tyk1TTDoRdhtODHs83OPgMpq_xHXIkLy_mSApxpCwc2s7PP5diht0IjJOmTM-7U1NQVjK2dS5LbohdybrSlb6
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

82ms
80ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Wed, 25 Oct 2023 19:02:12 GMT
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 307E 0
12 B 35ms
34ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHps0LUv7ipXMuUF3owriKavH4BTrA0exEwkEZStQGJI7hZE6rPRFWfOXVXOQIQo_kLd0LT_U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame CC07 251 KB
76 KB 235ms
235ms Script
application/javascript 54.78.81.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jI-ARaTziKLt0g9jmQuZLQ
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.81.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1061f0f0ffbb0678b470b1c7a25bffb45553ff64cd5bb4e9307f56b02ef81f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CC07 111 KB
39 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame CC07 11 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuVxwQD6Hw45o0x9Z_7bYY_sjG7hyJHnq7AC790j9kVdFEg-YUE6V2Cx72jtmjqIi7tgKa5noPLmAZsz-wTqdK5Nqh_NTzdHl1YaTghq5IlWk1o8vUgNu_Q9n7y7otIfNsb39Oj4umSdls-RtnwimC03R4VRpS6k_tExh1o39KoivQ-8s&dbm_d=AKAmf-AAkxLDDskpYBZTRR-Bf34NoZB1wFZpoBZcv7AIpolE_-zDCYkUCLXFYJHAj1D5rqt7oGwbFXzlUgyzzqgOyDqEHkS8U3J_S0BKIHFDSsfYpgd8kpSYMLcIyrri15rr00SKDTwiqDFNgailFr6TKzIUHs4NSDQkBHcpDbFEbmOFj4zb0J0U4hdmKuKwnkJk5CuneV5dbXjhZgt9hldaw-MFQFOyM3H8bTUn1nJ7mNdRgMlhH4ga7fwdxfiEf-Gw3z03Em3jbyhUuX62QUhzP_MFaNJcI9IKX8CQXwiQdxbxHeG28QaNcg3QcIgfp8gxq_gXbgUs5Zn3-EIltrm0jq_0oqoi8AqJKAVk4b8d9xxRx0lchiWfQbFtG_9djDuDa5eZYyi80TW1R0R0eWv3VZBi1SLPe7Ci7b4zuwyVrjvPzuSEpUL7bVE_5QDaP2969Sw88y-o2dSgNutd4XfRu2qQjlEaTEb6QFdgdZneuaRigHNsS6x4rxkE28pjsSe_T8n21reqe7VE7IuJmlmR-kESfNACH_97XdvwfRer79GWpPu07GjrvbIc_Wwf1vwFUYEnb__wzasCDebqfImu8ULM_6FW0SjuTAt6x4pONNZmo4qT8v0JaWm5DLQzFGPHsyFVquNs_Hahz3uMp-s-Igh98U9YCHzdv6xWQC0qYpsdG71KVfkKcmcBVHOdm22fKbDmhp2-amQDBY8DtWuPalip9nvJnC0WSspAz1jbuAUat9rWSjpQ7dfIoMUdHaQtLqiXBOXvWOmGxGSzjzYb4IZFeVQshwj6wB0qjy7H8RGN-rv4zQJcw5jS-Iqwjg0ZF7gaBOlWXqCF2nsRDVPQZbcvx4pGboHeSetit-TwZ2rpiuhLWNQLxNe41LTlv4Qvmcc_ZnXf5J-45HvZ7oyp1xZFRizdEFY288Y-Ob7uN8_lKkDUSnCzCIAnpXNW7YZy7DTv3b63DROcC_d6af9JO10AFs_jPmK_vCQRw8Hg85Q1AKVqIqRZY1lzp4n8Pyol5tdo5pOoC81HX9_aNWPJMaYKwGeMc7-2FI9TpEQsv0AjSpniLV_S_94sFTgbCKeOTNt1XuFrLt1qu2_jc8YR5nouho7wdh3aJSa3LCETSXGnz36Z8K3ZV8jQ1NG1mUYWd62Li_h0xEtusu6MFD80_lx9rt2-_3s_hB9rSJd0euOC95POImMhSM5rSY19LkfUQ_LZKz91v5EuLQB-7-mT62giUSdyNtOZ1o5BS_NQTsPbIf2kk25aEqRcW8LOJDEJnEhGMDZvOjpD_uc5RRJa5FUPhl0j7NmlthW_6HFPs6A_lJKO4brqNZE2Hd6AfLWnJku_t5Hy6jT9p8msmVShAvOYrhTHQKn3f6j5DwCdhhGFsx897-C_DvxixeBgyKGf-iL5KooGWhRj3e9ZTcDsjKX1JTfKdf1R72EXnz4PZW9P2j7g2kQ_Dw4jRoIi6Ks3dHMfbh55UuuIwB3ry2Zw7yKjne69o5L1DbC4BjKk8We8AXYt9hHNG7rlY7rFY7PvNr9DVD9LqOnAXwitvtGRhtIQCRJjLp0VPQvqs9ev41EGX5OgeZ-W2dh3tk3jnMUEnuJIdbs2UXB0hzPIltosobzR1hv2MZ3f2ddqbXeUPpCLnR5cCmGBBW3bPIINtaU4BSbfva8-Tta0DyOipiO14YCBUU0gzXtlvlcsWB7yTeeK0q39XxfEwqVmld4omciM7D0jgvL2eTKgFG00Mx-QAk8qhAYyldB9dPWY0hBXph1daGRtren0tTLtTo0zm2LEWu32_SsgaZRnjBLQVr9pUJcr94VXvQv0wVlKrpbrEM64Ri7koW7UGIhXomWd0aWLgNjQRsf774eB3O_Y-NQ_FdnUA2g9L6rSVjAMTQEjTc07EJpJOaZDg2AnPHkXFiE0Z42JiNzB6eL6qsd2rYnsc6a8z-NDMKDSypkOk4L41fJqje528DNsb38WRI-_bqZojm410C5bUnjBUgy6xZqq0obrpPjZ64ldlKN2qXnhH63L5QtgLbtUnX_Jf4zXFoSTQyvgi3SXwLzIcJKF6vJWdS1-8OuQZODbcXdNiqC4-tW-8DVQWJKrO48riY-0LC8lI1guQlvkXFRl4cXxmw_CBZxEv9Gf_vLggwG6z3ZyuDMHnYNW48ptfhF-PjaDt6FkJseUJqhBf3sUpmeIiASh6VcfCnoDLiYPjbFDn4b-kWIUgazfLv1jK_OjPhwoePz4XDO-h1_OFZ031sWGsfbUdx1vpw7_QgO_3rJDOpUNseOBE_LMgCdK-f93_lgLNx3W32_Dmxlnhhvwt1qwiDHsGicVk_BZIT7490Rz3VCenEhEwpeRQVBcsaI89g4UYXKrXO6dqJABM8XMPQeFxefyn-bx26O4DJk4XlSzUtTVZxPi_YJatkTDCYlmY2BV5TRnui-blPiNxcKOIdCyJm8n9X7JCIOfpXdbvJPNTjvra80ioCRVQwWOC3ksgcwHEUAvSs-k9ZHTC_0dDlXdZ8RkGmqYO1IBEHNkSTwTAwQcf5AY4kISi8OxHk5_QNwjEbsI9-V8iYSEG4KtUuLvSEz3n4q5robpc-khr6gCiKYgi0xiVKBYO89bRMZbAUPLsYclXFvxX3GguJU6aL862YY72wqfSvjvhOUANW563xVlCfDS5CfPYeXnh2Cdp3WFbNI7u7-2nJhraJuimmTlkHYHLR6DpsNSor_wED8ZMVuHU-KRQ3fJyrpPppY-_wSTEOar1M1LDFILdg5wCO06pLp9an36DgrXBQuwdmr9npIddZozr06qjvzO_txaXNn3y7LbnhaFQCEbq0p-lx6_cA32NnkZaOLgvmhOp_F0pWd--cGSiuTP0rHfqA6Um5NOLLy3BqEI5jgi5V8Ud2zOdZTHk2Wmml3sJPeRqoY1cSVk1dvSzzMqDfrzkqhfqzIPG6kuOIJNlKg5bmzIPCfFU5sZTjuVxsRG4QCgOnKVJ-FUOAKiIvkSEq9kbr8ImFexRr2gAiSAU6zXk8bIlxWCW385AX8Nr2ik2X3coOV9zve4AVJGQJu0DZOlyMfxihik2shzF8jt_FYSBd3_9TfoIcRxh5JLvke1u8Xmxi6pCxDppiHmcqOhs5XwIyrisXLJeGx-K6YzxX6HSdVyZ03KmaNy47NAfK35mg1NQSosVIKnywaB7RQRaPsf4qRYndU6Gb2Fa-OKQAZI5dBT-qsrhJ0Dm7hfWfTTDat3fYVtx4wDSs2gokYd5QUHx5xl6ZO_u509REaTtNTa4agpG74_RDg3aTQFDmu0SimZxrIperH_RtDP3mvNnvzUhoshD0bZKAEAOct15bHp-0gfcktby_sfAcLYKyi8Re004dHK42slqql2xHfADYv9PgRYssnFTWlTgHHmqqDm5KR5OIzk4C_vwLf_XDJjPkpXtCpizcKu_zWCJjZ8-4hxS4rGpUyfjsb9XuU6zYTOtcllHKLH6YpjEYIMxBDfa0nVaYt7PwfqQIlEmWJLFfzg_LBjvvhA5g9To23msWVumKSH8JwwjzfeiJPl_AMCHTCAbTxsA8iRNlQHWITtf24_XU8ZNJ6VegFLGTuIG3QTCONe4cLVqC5decBBgeCy0vHLnyPMhlwoKawqaTye6k8xmRnYrRtM_yPMAo5CsE4LWbh6S9t8kR9wxGVx6xdlK-gKajZuuSuh8mkVseXIMUg&cid=CAQSOwDICaaNCcTlWVvmyqvSavDXriFBCFGclGtqmLDRjY27IcOKBRz-PXCIkks9-WxYAS4lzzsvcXKkAM4CGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=17817924601101840000&adk=1877897943&idt=155&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame CC07 30 KB
11 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:34:07 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CC07 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3940 1 KB
647 B 33ms
32ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CC07 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67d7e4ac14f1d2d471002fb7a0fdb15c4755f545ccbf37a12081861f474e6d51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame D2BA 251 KB
76 KB 231ms
230ms Script
application/javascript 54.78.81.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hoLSqtGtGARBdTMoXKBukZ
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.81.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9a534d8d66085f17708bcb1e8ac876a537a0d61767a63c7be022d2d3c10b6987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D2BA 111 KB
39 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame D2BA 11 KB
4 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBZWdmaWMzDJ91Mi6vwFMbrg9O6qWfyD8fLC95n8bXNAjyKzFj9rKFmRrEYNq0uh6LNQoS97_aT9rPqoRLPhYmjpGuTUhRzZt6esxvuKeoUkqaUkMXHZttxtIaznvys2dR2Lh4deAckSq6UmVKUP9LQXV7jhRzGK1ryndYRNvizFzej9I&dbm_d=AKAmf-Ceo1NENTPDw2hN2FFZcRtr9kqfjwETSFCrWT-V-x6hrOBgePXr5WkKiTBbJJB7pgKFVMUeJXrrBLj21MQrKvPqN5w51OJ9lLlK7_5sCYWSx---PR19wEyFovNI1oFc0YhNOg2Q_X45qzcQGU8YeT7IIK-KNTFnwU5poHAZ-NDExkqgZH8FG_zTgRex0DnLUMAqgGbCqO_LrIQ__Uqx31QLYCZ6EFAcl-U6tJgNGOS7KHQD9OfmlA89FtNaEEX-q2O051zlSD0jZkJJW-tTWPEFRe7To-aiCohTuTzySWDEucYfPwfegjag7YYk5PJ9YbnzOOPmGJth51IPte8ZFYgt2wtwx9V5mQCJmTsfSqw9S0LUgbxp2ByMWJ_utSpQYzOzbFoyE71pf8QWkSTAXAkFKCAQtJFjXH9qWARDLpyVJJb47n3TrlJj5addIAZdlccbufFcKztRI7Mj_1BMMQ6TQnifcMd5w7WMqqVuGN5oUl9nODiBfSazKOQDslyTmX9v8_1-wWzVbBgnx-TBGVzudg1vTOnbD_H1ViMrdlAVF7DLEwIxlaquOmeHl-BwZK5OnejPD3vC2Q_NkUCiUT-NfNFm2CncSGzvOGDddKw7Kgv_6S2DtHgDR54iVxiqLgyFr9TObpiujZ7nEOZVnAmOlmFHm_6jhSTaMxD0YpIw1f-Vrc-4wnb9bDuTBHbpodjHgRLK9naFEKgeFsjO0Tp5i1vg99DA7bxgo08uD1mGgu_BC37i0FJM6kfAC1KebD42Nb7dJYMeQp6dIDOhLEbO4A72kABZGhATGMZi_PJsH4LpcHKO7NMUoGjLtanIqgXkSw5aprTkJ6pf-mMmLq4bjVh5ckpwLTdQfHRgS3LdbSUWbBTp2U5q8xsh7VO4XWQGlHjXbqErRM6LXlkvZVPNn70C9QuwHbQ2MdyASxWwqZIlR6F2ya_lNXGWphr1JSdA8C_OFkrouWHGZ_40XyzwOFym1iJGlQzrhrMKrpyC0-hPjBqJkfr7JEohkUDD1S85DhSxbWAweRwzijoRSCQMm2kIHgWCVTRpfij492XphK3B7pJS1KoZqkU9RsRuPP5YqF6fpFl7y25oRUMRjQOosh9ZPKgTSacX04CFrn-34ukcx0UPKt8CcmNM4lzzn-R2MfykJhpwc6WJ60olG-7Lva7OB7tNtzcbmYHTRaXlQXa-GfTmYnDanDdyKH7LUfkuOaZ8RFp1pAqYWPfbaCRyqiy4jTibvSa8HD5NuYx4-X5SdDa5zpZ70xcikTkk_eNtv8vNw91l8KCM5K9fUdoU8hNefn7Sy3hqX5pScsR6J5551XpMdfHe_Jrta9XK5ms6i_tcRAPVVO2Xk3EfN0-Ial5HpMCc5kD6jlatCVp4MaQxJTJaPzmht0B-x2Cpp1jbpF9tpWovZlPw8szZxIvNBS_acaJQ_0ZhYJVp-vXeOAKMr-akn4oB_yuddzMnSQocOQ55WqQy5ifjaEo0jd0Mmmeq_3yDpb-_Cdi3FBQbCrr74Q6-7WMaiKRgPqxkKEK_vZyTLG0__FwypPtiYq5dX6iheVDTD19A3257n6a_FCh08FAmcEvRGLvu0Q_rNHx-J-XfMcqjq7pVPf3VJjH8pLUwErHAF0bw1GTzByFKDk4wxOVOvS_ZPmu0nWBHHZubVnfexBiMds5aK_gBsICXHpcEw_fCbRxUK7AxYDWVANCqeH5jVj-D1v12wH5UG25opaztBGLaaJLN-f5NbpvKXMx9UwftIYAz3udsDGdU-J3FrcCSVOiuP0vcelddQQ7Kk8mf6CRMsBsKQs_HVZlJubpN8aO-w8sfdOr3Wn1sxyMU-sPk6VAaceMCGPOLTHGuXCCRDUHJ7d1IXQat1xqbTMeGNfcYuJIr5LN1nI7RVT5sgTdm_klrDtW-H3XZ5Xd_dbmK-KWVESJ2j06jERsnZMxmzvZs-9TRLDnEox8rIN82syD5WDY2UGdgC3QTCOPuOD4ao33hjN9pG5q1E4lyWkXdE11xQk0vBIXScPBV2EoQ3vYc0SR4-KcBXqgW_qZv2qavyOstMssRtj0jFYLEuroANivzq01Y62P17-7kS6ohQxsIyMSSfm2UN6mOJR-EEP83cCEOEELQXrOYwiT2J45wsecPqP19WlYsuko5LgrZpimQihpJR81xBRTplBtCzkVuqlY2a0aKgcuYc4-2RoJTph27Xj_u0U8hmZhGoBzphcOpd94dzu8jO-C_x9BiCLKWGx3_47WZ_kIHMZTAjnu5iBp8TY7ccVHzcTJIW7TXhrz4fhKVTsrUmM1qXgSwoibK6zsAyYaode9fgnoRcMamNUlH1uKe8Y32De1aQAl_-Zv9lzyFG5CbH4_RM5NqFwLRO6dwarhSBhDS7hKKnPCiE2WCk-XDepYiguguhSusM0d9_udTpUBRsDLawJGVohmVOTpiTq-5qO5Z__URkMZVN3Uv883Qh76KiChL_aeea34th0XTTIF0bK53D2R8H9_3HHjFXtumFR_aotj3FMEFi5aKzIQhshpdyHjeU8QjtitNg4KmnqbwLuGEn0qXSjWucAMwidjODTEilhLtxGFbH8b2PhBlO3TL-2VJ9p94XjK007gSmTfPq-GM8lohKuyLVxlxVgDl-Df3PfQbfQKxf5dblwtKNd2LGeJL8SDFjxiz1Et5H0JNcqn11TJBwk-FGdpS6Oq2afQ9Y8JfP7blbrD5H-C3wUirXbK18BeLCM2JwjOwxSs7LtFG54ahloFg7z9_OmR5-xQIvkuFs2Y83QngV4DDAIvCoBRXLRpbXeOTavCy4QNhXDyDudVnF5tTSOjhbij9nPhJfxh8i1LWl9WTd_kQTpjn7IrhtVNa3pjpXaKwzbG_rXZg2I-1942_Bh6ifDq_mYrx0pARqhFg7XY0QOT3pyRC90Je5zaEf1VVh5xbHNNJX3GfxoyZgG3l8JNJUzVVH4eYY6sn8ekw9flN7BSx0m7tnEVG8N7LLrGUidbW_g5WUhILH46Sb0wtIG9YyabplsopCH9i5TsfU5CGG2Nk2WYakbAPOc666VMZSv6lctUczq9pIFjSz9sxeIL6fjvBLk9ExJ7Cd-HCCyvd24uZMRcTHj4H5hkjDurb6ml-nl4-vQM4lE4RjrPAjyTlo3t3Rq_RzEheIaSxLd9Wg3VSXJgZwCnsMCY2Azj_lQ0iY4h_jQFrpmjppme8mtF7ekXeEchnfbo7J1C0sCZiz5SfUOsUlxDku2CA75hSvtRVeEwwdlctRTuYejY2Z_UGDGMnpTQYM5xf6gMMOxFESRwGvN5K6NWw9MWnpRzzl-Y5S0oY-VRWZYxZk2Oo6dCLclGHXNnB-dubXocCIOvuqPqg7JPpoz2ImoHHPTc8VY8Oj1Ee7vv_xdY1EZV8UpFobxUN9OIbiFP89bJLZIDT1ocuXIo_WSt9X1e8OqxQv0pFQyP1PdmrIuREH0u0kLzogspoihc0RTGBB00s2uS3XtFoiDXxzw-Q04cFpB_mb543SrreCdMfFWywzFZ7AuP3TnhWT7SFyTqQj0oz8thQ_vCBFgO6Gp6B_0_uHp9Z6MJoQI_Kzv19xfjvFh9m1t6DOImY7nlguSBaE2LSG8Q3X93351hrQKgePSxWZiR7iijDEJnSKt9vCC5eOGzU4hSRTm19fPOl0tmk24TxbKyyWUNKxHpjvQCE1T2FLA_LiBTdfJ0-zHTF0UTRrnLaHSOy3zWg1r9W8dKwEukvMrjmJIuBnWzBdF3JTQMs5K4&cid=CAQSOwDICaaNDRQrMwkgLyhrHyNkKQVUN03OMP8CnagV3DfcUFzeO5wnAPmD839fX8lq_8ltUfC3mIRbrQk7GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=13091205379883762000&adk=521587874&idt=191&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame D2BA 30 KB
11 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:34:07 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D2BA 41 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F054 1 KB
647 B 30ms
29ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D2BA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 424a241cd90964af9b5cdafd556cb73726bee48844cc096814e2db2c3d0ef3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame 7E79 251 KB
75 KB 427ms
426ms Script
application/javascript 54.78.81.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jcf9bQxT46aphd-W06gZUh
Requested by: Host: baiyunju.cc
URL: https://baiyunju.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.81.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-81-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: db837b7d61ec80a592ebc2873621fe25eed4e918151ddd39e8e0bbdeef87a486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7E79 111 KB
39 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 7E79 11 KB
4 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKwdDBpfy0NjvPPIrpzarncELMwtpmXAFEBTKvXKPuTUUJFHdjHh8VhxbX4yDWG_wL-0u1Il24RcbfB_gpotw6H12UXV9o58rSQN-ZGcNvKlxQuDP_De0cja1PSs_fPqeRsdqoAV_zvQzPyXYHCBHs7-IaVvSe9NRvvc6ZE18--vbugas&dbm_d=AKAmf-BW84OQ5PUEL1Z1ZaWqJbnmkK8-Vz9YaOfZxIQTBrOtyZrspcCtirAZOPsWfCvpgWav6K7yEs50o6lWs0-f9Ud-xglAUYrrVx3IEqMXnEi8RKo8SRBVaV4NymANZQrJW26rGWnT-G3B3BbTMo2HFA3a5cogo3Ubaqb8PllMkVTM9rbQwUAqupak87Vorvz78FYTC5Cb2LH1et-yM7hwP0c0dUfsjveUahW7KffJAaJUh8vzKhq4FEphsv206Osv-MgCXILrI97lILbdPnvBHU_njAY5CWDqMS720pd44Q4NiMGYilJmqs5yi0NIAZmXcujqY_eQReUqQU-SeJP2ZP-u3OfqHeR97nVUx02tS2Px193W5ZDtn1MQztnCAaakvjl4oe-MynV-OOEiMxUIUakuyFuFZ5nxVT7uB5w_hSe9A_L7VjUbed2eRillGiAMEQ4kgxvwjH01MoiD0uc9a_Ft72xlZXe5iDDFAxTcWJZbBk7WgGOk2FWw76C70uAZS9Hy6MOP0xdf2wHCdfgwTY1OHcQIwD8E4us6erhgK-Hk8F129R8Yzvbc-wlEKAdYPHTmF2QRCOt08kHDsyqjxh-7YJVVcTM61zOC4bBs3sxTmsn30C1ihKzc84nvakHfTkWcP8rRgNCkB3R98HWjjFGDwQckkDJStAsJ8sIQE1uEBOuryNdkOZSvXqojDuUCDURz7zyk9nhKeaxA63G7wpvg-eng1WfbaoFzMQHDJ3JdC-mPVWhaGROIfr40FweE2A-hgPx0ti2yz1rapGP4hJI-kIIc7FlcsOeTCs5FuuxI63f4Tes8LuMUUUbfVo835GxIUEJETT9zXWvW6DNpcIrQ6BD5Lb2wrEURoWl0L2s5pU1cicb5A2aX5grK-behjQQBmvnsZLiWncuHHMCUFgPYxZU9jrD9_dNADCc8KZDi4JOyt4uYWisoLtGhuo8r0usAGfnorUgUdAHAnj3ON70w-FzTID4AqBy1OdFV81q7LPVgHL4OxqB6kumA0AVFEYqE7ucHQcgYOJYA_BS8f9Q2gEqm-RnnFdUKkgAUNsk3m7rkOc_6AzJ6c0ZLEiLyLGCsptpoZC40CXnPABLewim1UUDjyTVirCUc3JNOKnlL_NwHSafSczMe38cViID70isfc7hF7ELjQxlobEDvkqLgXJn96ll1CHTUMpwSKHsGEqCeQf1DqQu91JgD09xzb7dPaUCvCBkA-H2kmbYA2IzujV7GAFQje7ttpG3nVAJ5ZrDnEvLFHFU3lWD1ni7itbI3l78-PQBk1U4zgiSaDXOZSbFj94qKh395GOvtsepsuUysup1jwhxjK1TLzjtVBjjMk7xuMDNnxwzVVnSrUyULnfxUy-pFRHVj4mfcYbufH9vn_5Jqi-HDazSmcCkRnL7QZ-ENeq8OyQ0MULV8IgsfWCzihXufIXZJfBOLLzExvx2ip5zO03KPoZLmotkGKVOpa7o0h0OqnuevFHYq4LqZoZjo9QKQECtZopH6E3qEEYcNpKvBtzsiLExfpIABN4_jrM6K8iFblOaU__pMP1ndauNQoO8RDKrEpPw4gQudjR86P1GfH4EuK_LIHxxNNKsSm7UhFlZu_Lu8lMuJwUiGjXOp2fVh6jQCoghFPk24-HujPQViT0UdEApTJvjTOxtblt2hklstd4qMUyqzU4tGQ2t5J72RoV44UXtcOzbCZHKp_U5HISmg3OLrtQkTJVHQ2Er7FzkOMrcMkXgrWQljVQNxQIHC88fvEvNm8NHuekS_fukIreMyugkjX3WugFL4vQ7HP5B0_2h8VbaaZVvg0sEc69biAxdhq7kTv21eGpdExq1-l6a7LrbZh8QS2GaPf163f8JlSQCI8Pw0I4j5aTiPYy14eCn-6LUIw4bcNyyBQeLLGyossSUT9UtMhMSl2UDyqyj3B751_noNL3uT2MOjOXHFryH_znc38aBWUpCghABYApG-CW3atCNUA7jYtJZp02wruGaj7PmwnRRotz7U8sVjuwyVGZLE1KSIVKWz5ja67ciscIbnD2r1ggv8KW7AckbIOVq7hYTYFL7U6pRmfeG1PLtZBFP15mb6EDksfnMUu7fwQ3VjtfPieeUU8lFV6Fb7Aw35O9DkxYYflUfcI-st2Nl67uoEJU_mNxtMCAtWrkoFBkw3kbi-bDMVnXR6G3EFC9wDc1YdaMpccr-JdcD3YhC6dg8F33FuLo1bVrDq0wmlnLHZYvaXOrbJrZFGqqxM3bBkpJwDyMMtJRJdTTfG4qX9CgxDUokz8YHknfwlulKme14dvwHjgCZqJYzXo2o_cpdap-BFtOR2L4mbe_-_QEghuYO-MKvAUj5B_sj9Hb-Q-aYSzdJIrq-jAzKV8ywmAVnpaberUuu8S0OrC2sE5eRMI6UmYsVFOHYIgHIHSTNDnwPRJ898kxw5DatpSFTzMLtLFdA1rYcia6lFyegSwaXI-uY1UMCRaPwG9KRqysueWv_QRBbDLuD4L-VHuncPt0YGVqBkpP-eFmeiCCYw7ZgmEe_pZ5ozDAqqIsSVsJPuvNDeVgg5Uh2rdrkerh7M0k8YyBp0u0lLH8AqBHVvB_V46VnH0KjxGTco2AQ2kOmt5izxgYQL8GKDPDyf_kwfdutgZmbUN5f4Uc3BrgnTcDESDxpZYDH4vxzwWmAJgAdF3ADv9Bu7SztJtZz2ar2pRM6eUFl8PJWK8thGB6uNo3NK5E7ssz7BEzKgxKCHg2mGYQlbmJFvUUu_DNCJtJ8oBHaysqiukuKXzpcy_JwVKNJnaOCm2ICzncrqPN6TipqiLvRtRl77AZm3BUz2TJK95B6ZxKhrD0out-ssB_oIk5k4HulWp_4g0pnqPBdMumaD7j-xcomA4lAzrD-RwnJ99nBGoehnacRzaG0PmENdscr-K8Pfe91klceXvECJkc1aR3ZuqXCtwDI3r5aXNTZHDLyrw0eaNRi0N5Ru6nApVWzahz3-BesMHsUPaqfS606YIEd0cbMxiLYnA3m-XSDs2iSyqPoj_v0i4Hh5XOPyDHsElAoL1GY35dl9BfNFTbaHQJkgO5ZnfDEAi06jVqXr34mIq9UzlOj9wepLXifZhwJlN25kq8XdDnYYXwFy7lfbCYqf399aMUk4hoLc0e9FduS7G9ZPj--opIVxoUmQQgMmdrWh6HmlK7RtqqHycQq4nKvSVEwD6_nJ_5Rcz9_ZRTdU_yohYgD6eZ44b2BTXmhbZa7VR-Oc6MVYH2khNhNs2CYH6oAlQD7xteXkeoywT83MxAD_iKxpAHY4BtZACJ9aEyDruOQ1DUUZRooCov4Xi6VE0IeSSTVBTZy5ELfiNc8X00WdqF4XY8_Sj1cME2LE0LBS1MljEgFw-bvky561A2F1PbaOZWMLufRR_-huOb5D3rL6IOVwRCWsBYmeLK8nz4RP3R58SF2_nvvaWGUaWvfmj8ZA7SVB-WSWLbNX3ZjC-9YvPJs0FU3y3dvQHt_Wyi-Zbn9T5QK_hKInQzQS8lVYyq9ISs-OuYGJcZhdhfGpXt-dCb8s1YiQez9y14tj6iaA5czv6fK2Wd3qW-nmdG_Ticz0IMCBteuPQtoA6R7cBsvsf5MELt9PwKUoDdnyey_rh95ThBM-HiO-WoaAselDCxW6iheOW3EKhXYmL8R2AT_dnfsGV4I4za1b62HIK2TKZTw30X1CKvk&cid=CAQSOwDICaaNvyQe24K9vklaz55U5sRq0UqZyCidDDRLJVYXn6YvznnKuyzYKkAIQNRgaIgO3dfGO0ZXNEI4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbaiyunju.cc%2F&ds=l&xdt=1&iif=1&cor=7943715016734382000&adk=1726166460&idt=165&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 07:50:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 7E79 30 KB
11 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 12161711247934188981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:34:07 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E79 41 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1761 1 KB
647 B 27ms
27ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 26 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7E79 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a96e1adcf4c983adb11ab0630b46def46d9025cb364cb375829c70959f22ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 42FE 38 KB
13 KB 29ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CF36 38 KB
13 KB 25ms
25ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 780F 141 KB
22 KB 25ms
25ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 14:58:26 GMT
expires: Sun, 20 Oct 2024 14:58:26 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B21F 0
0 72ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthsVElJgCHCDBfDXPfez1NhMYvror2HJ49FJxiqABQdR6pMKsw9fDZj7TCID0yM16UusXjnWEFSK_KToxsll4Ins46HneNjqeUsXUDANHecsG_SQbDG4HBKFZsKSBEdkJovFYTZANquG-uzXgPAsiAiepPfAa8QJXk12-jBFqFD7blCHK971GBn1PB4KSLSmSkFla2I8731bq7oo3G92VFu0p9QfRhV9Yww9KTpojQwUTbKWgLo5TOZIP6vkfYuiSQEIYrGfyuHnGDpX15SoGl6-wqCGRM26braQOFD1NEyrvm8TKod5484-oaQuEaueyf5k1wCNwLsvEeitDTTuAMvhwymbkuzbb3-pbkNaG55ODolKMeKZp6hxnsvTHQ0kzMorFj13Rqx1ySYvtV3umkVzIlDXuzbJ___VgaPD4M9P9_n9XcTjn1GXH7xOoArbeQBkgjp_VliNjP_9Awcz9WDEIzJPxBGM4iBLy2xscNWiz32-rhouzivYzlAB9TI5m86NJO6ajWa-GzM2i1nEpaeCj_lwYZnlI8aQ-l34i2ZXoRLPvm3BTejxvcmZdt68pozwFyhow0ynJ7cs9z7IIDkMmqbvMOGw8vUJ6lCfwR1DYof_HwRccZ7wqAAkbiQzC82CASmJMGZwXBgoDLqe3cVrBxMxXlyTN3FQJkiSTEBg-FqXsjczRQhttF_saHdYAWtQSUxWkohbE5xYZ7MFRloNNvz56aTVxa7lA5qy8q6nlVyuLWncJo9kYceQSk5l0kIMip3fPadFsugICC-Mt8GrHT1mliIdfM65L2UszXF-jC_j560B5LjYNek9i7PMNavk6ghYusx-Tynm0uQjFdJ4cNqEDbZSjjI9726DDL4hg0lsizWNhpkTD0RmQKsh-bCPlyI2vEKfuD3MLY5g-P8STQdd4rXlkeaIi2JdnC7Hj54wZQBTkOiLMuQj-DtB_4lBScsBjsd1MT4FR1YApNfQBkOMfCfg6fKxyvKaeAWVlboq094CF159oG4FLZxXnyePFSVrBSh7m5_4obBZnDV-U9H4rLjP6ZrgTXpz1xg2l6gVEi01bZItVjYUfyTDmuCI-IRCebH8mLRhHV1KlqE_UUFdq7zUY8J2kr_5kzdqiUh0EMEpsqCLIwk6fgcHc3ievx4JB9tzqhSaZAV4EPnA5akD81fcSFq-tAm244kpmYyHvxsUpQ2vowLMK_8-PBMLR_76IGY0mFdGkHR79CFs8Sk9N8yTsQ4zqzI3adBdzhLNixLZyovy6vH3DExJpqN-4ZeQOCrNVkNwYrorZ7Kt78ZcEd7caYErHSvQldnYRPuBMXaxa4h-fJHEHyOHCepAT9eg9u7XFFeeaX&sai=AMfl-YTo9QOd9A9adZC0CTNDFF33PdJoy-sl0ygajwJ3PTjsj12xMeUVP9njF0mFCGyQiKpBJ_XPgxiGJXPbu-OmQIojLLjvURkm8dVp5qXw7SqtE1U5MOK-5sx-TyuksUYEq_v8yitefqEac4hclNUSPhM1685RRF7QlEsxF5SrKQs3oG_iRexKyZ2NoWmpNw5WjdB8FEKvkwpGrhpgJzRZNCmPU2cc53jRMV4NL4DoCWT6KNjO4oHPgQvTgloWz4SbGbDC&sig=Cg0ArKJSzEb0lpHfOmvfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&cbvp=1&cstd=341&cisv=r20231023.90832&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 61C0 141 KB
22 KB 33ms
25ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 14:58:26 GMT
expires: Sun, 20 Oct 2024 14:58:26 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EA7 0
0 73ms
72ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM_ISbZarbFH-M9gZadjVJLESpHhNCuuEV5fwlKiOXe9aMLEF90I16Dcotctz9s85qKJOwX9NaWsqcbZQUNsqtUTHKnF4wkVe_cPfogxdTeUixZn0us59irZ7GZazAwhm7BYpBJAWO5J0XyGBhBeY3lpcIbR2SDBkvL9iUKEur4afrzsnVsK21Krt6L4PVD2CnJXIKtzlsVbMPSUbKLKmJ1arOatlfpBVMXYmk4kFcz_F_IuK6lmZSfFHp6xs2x3HLhefCPr-v6iEoQyA3Xy0fsKBp6w-UinBO004wbwBxAct0k0Tbn7sszJOTpRNWtDvcr2FkyxMQbpfmtyFo9Qb5qGHmyg4enmUPnaQ9eW_zZyVf2QTXSjN63SkAXZY_pUrZPJhD8NC4E4JGtu4X4moU-tfop6lk4h4Y8Buf-uNm-FbE4gX52Ke76FPwmD6WftYuW_CB74-Kmo0yHO8U-oBr8ZWpgSd6CmSxJhfDtf5rm8rnOeD4DX2ftrkebRzpdKmnVBodHDeSP-0AW-4pmhHlvaipmczZBUms9UFseZ96z5rI2W3O3ljW7-KszEW--KePGy_X3tR-Yhap4--NIy9FGQmaji7KEQpC189_67P6OreNXRubYG5nYbjb8r6QFWLEkjZUT_9tNrU5TWIGUVK8ulA3CJZ0ycpGIFgcr1LfsSV-tiV-zHonQChZs3iG2vTYyDtlPsxFYvMcmD-uY5WJHRsApDhyTBtthH2OhYu_cWyJwlXK6vz24aylsSCpBhTVcdVsb-seY97sPalq5UEGb3Y0bp5qi5CJGSSQKxC0sjkf-Ruit3YrpRqRw47f9Le5uaQla6Ny21bof48-A7FbIYrDzx_1UyQeX4U-uIC7XciGk93WnEM3IHoc7A2cV9b8RHd4p55V4H7vGI_bZ4OUoJ4J0ePPuvkWvTyMD6ThjO67jo-M9uoNE67hlXE2Muuk43-Ym_PzWzX4zJgkFuE-Sxch3eeXtmcUsiD9OIA-JMiyfYgXDVCeHFHknTX5kEQvUlz7exh8zEUtoigbiKnbTkhjUqBfP-HZi5MD1rgKgq3f509mIjGoX6nN4ReX80TaDJItQTiQe7scjzmX-ISbtuu3pCikvjQsaevBPFmrR3VJLuO-PPFIre0-f4mdkZJsZGRpILJXoD7w7yCLS16ENgJPcV8evQ7ntnE5r4nDNSQLFXsrBc_l1D31KdVkJdG_oAVMOeOq8jMrAMZuA0Mlohxgx3uYAnNQVHdc6ukYiw1yPJX1tm3x3f1iLtQuhF6MQMqFUbEvREXit_UgZhoZbhaql1toq-Pcng8reKARKHnwvpYP_vib&sai=AMfl-YR8GKmuGCW-p17ciymtyXbvOD4LolmrrtS8byw_vOPkurBDiUZuBus1uL4Np0KaaUeqfxzqk483XtVVR7JCPNrqWMFDadA7wSs_sni4a0dkeMpXxf1IOpCKletj9KTptuPBwBs3K1Wjlh6eFEZ3BRx7Jc0CLxDyLdlqqrBISX1RrFDF-NOI6tIxELo3i7miuJCfjOBVpcuUkRj-C9moKHney5CixHkp_J3WZ8SijFl7zPJOyLc9QwFhxVR5d7xeZyon&sig=Cg0ArKJSzGnsynoE7jxSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=404&cbvp=1&cstd=402&cisv=r20231023.46207&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 _728x90_bg1.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 15 KB
15 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15762
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8A5D 0
0 61ms
61ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssj0Y0xTl-GZbkcLH-D24D2igguTZ6OlA-vTejkB7akEgF6EGc11KmFXE4OM8FSosJS6GTROiImE-Pyy21Wmn1tSElKTamPtxCfmoFy4_zykEwt-gz0lSP6U-3g9INKccH6KQwU4M5Lz-hWeltoV7vS8LfWJLYfpSpn&sai=AMfl-YT5CjpgMehpXN8eFVs6wlW_jghG9Byp8IZSedFJyiPvov_NzuCVZI1uITlN3rxLZj7-iKRZTh9C4W2u9MX4JkvodBSQUjpvXUeIwA&sig=Cg0ArKJSzBFnjYdUlYvIEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=645&vt=11&dtpt=544&dett=3&cstd=99&cisv=r20231023.30788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 780F 29 KB
10 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 10:44:39 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 61C0 29 KB
10 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 10:44:39 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3940
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4q...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF...

43 B
434 B

195ms
194ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66bdef04dc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 208
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSx4ITjay4jzPJY-EIqiiWFE4kRydUWFNEzpgEYn9vCLw_yhOZQDNCsCM_AnzUidfuFggT2XRY_Q4f-v2EAkKrsVCUR4MF4qM8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66a9c914dc4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3940
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL33atUr1gucioMI8b6S81M&google_cver=1&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3t...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3tUvuW-eDs-oe3yg5WJdQs&google_hm=cogTojyZR-219WSlM...

170 B
188 B

48ms
47ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3tUvuW-eDs-oe3yg5WJdQs&google_hm=cogTojyZR-219WSlMAYEChs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRFRGTd5qM5Evz5Y_sAaRjiYA-LEDjFRwIIdSY7uUh-kyIMfF1aZh9F2Dswzb-ZL9XBctaXiT2WG3tUvuW-eDs-oe3yg5WJdQs&google_hm=cogTojyZR-219WSlMAYEChs
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3940 0
173 B 128ms
34ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFMpvc6_waq1-jUOpP_LYVA&google_cver=1&google_push=AXcoOmRUIdu2NR5cMJI8mlB4KBAf0WO4Rp8cw8si9PzmHi9A2nwNI7b5aqLZ1wSK6CkiXQuhaGIC_zOb1MYwW-rrSUMTwWv8m3XT8l0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3940
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6swrVrkx1OtmwujDDcOKg&google_cver=1&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5p...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5pMGOy...

170 B
188 B

54ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5pMGOy6p9pvpQH78og

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzk3MzQ0NTA0NzYxMzU5NA%3D%3D&google_push=AXcoOmQRvCtFqEDf97apI8s2fKNO5iboOC86x5ELP8b41JTJv-tcO7HZY2lDTj7ZOiVVedURD2g2DgfK7zxE5pMGOy6p9pvpQH78og
Date: Wed, 25 Oct 2023 19:02:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 3940 43 B
146 B 191ms
21ms Image
image/gif 18.158.5.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDbqJcO3lr7su7MnzEBSY5M&google_cver=1&google_push=AXcoOmR9VSL7KCIwlVbX6aJAiZ2rLEB5eHIDgKhl2rSV7IauZJ_WsjbDj7ZH378wWh0xTryxK38QTwrcCDjvVZaT_ZyF2vmBLMj33A8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.5.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3940
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMgx2mQIZrU8Z8jtwerDiYY&google_cver=1&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0n...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0nZyTIjqBQ&google_hm=eS02ZWlPMlFkRTJwSGp...

170 B
188 B

64ms
45ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0nZyTIjqBQ&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT7Ac_Li9ONdEKOuZjCQXm10BoyPOWDS-5jU01cpEiemYi07Eg__YLId2bl4n_yzw26oiFWI2ucAmHXFL3LWXmet0nZyTIjqBQ&google_hm=eS02ZWlPMlFkRTJwSGpLajVucmthWk1qWVN5QmVGbmppbn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3940
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJm2QhgqPe4LeYsk2vphBjg&google_cver=1&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPh...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPhEk9ONMmi--F7Xhxv7zI

170 B
188 B

56ms
53ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPhEk9ONMmi--F7Xhxv7zI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTF4_kemlrC-OHqT8Cwc3bB5q7L2JSvyVsZRec5JKq3H9T_QRBhdf-z6udGu3vxVzljOtbPvxlPdDPhEk9ONMmi--F7Xhxv7zI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3940 0
12 B 34ms
33ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGApeg32BU2SyKDhLT7ifys7t9v0NKMQ1ATL2F1mkna-W5g4l4fED6MhsxF5BgNC8Yb7LM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F054
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1&google_push=AXcoOmRlgPhn4aC5O4ulOOsZ63pfPj3QKBxoepQt5dxCzk0mUKrCJW8ZxtMVqNdNFa-cQw3DTWLBMd3_4hGmdNQd3D_rlH_ehOTMODU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY5MjYyNzk1NjUzMzE2NzgyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1

43 B
398 B

34ms
34ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHPFNW8lae1JsFRcdMqwtKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F054 0
104 B 198ms
64ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBeRJ0E7-AqAf0dM-2dFmPQ&google_cver=1&google_push=AXcoOmQ495uwW7TyQPdcte5IWRSc_Ekvlwhzk6QmK44QGjgxYTM2RGs_pA71BG3yJVjo_4mZVj0ArU7YtaPiB53Oc1i6uexCGNlohDs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F054
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_I...

43 B
405 B

204ms
202ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66bdee64dc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 202
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSiEQoO5EfyEbZo_WhPnLg6OuhIWZ_I5_SZ8_PRsIDREuTA6_ToEiHwSmJ8dqDlvjAEljbpcXvxXUUbXKrosaX0m66zU_IH-hA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66a9c964dc4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F054
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmSWk0MCzZq8G4HxPAvXVZ_4ZLerkm...

170 B
188 B

47ms
46ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmSWk0MCzZq8G4HxPAvXVZ_4ZLerkm__cDaXrUieWUc57irjlEt2Pz1-Rq47KMB0MgxlcRaCDXe-VLKA8F2kdVVGAzXNIoGB2Ts

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698260533.845198,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmSWk0MCzZq8G4HxPAvXVZ_4ZLerkm__cDaXrUieWUc57irjlEt2Pz1-Rq47KMB0MgxlcRaCDXe-VLKA8F2kdVVGAzXNIoGB2Ts
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F054 0
119 B 118ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFMpvc6_waq1-jUOpP_LYVA&google_cver=1&google_push=AXcoOmT7KLR0sZq5CEeiaQSscsU8ctwBjobVFZViobp_VRI7KQ8_VI7Q6p8AcXRMj5HlkVfzsmlk_izCmLCoAAAGZTkrsotjTJhT2A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F054
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFclQ0MQzKccb4Qp20b02gY&google_cver=1&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mp...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mpya8fIaXITXBk3A

170 B
188 B

34ms
31ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mpya8fIaXITXBk3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nyAfTkkaQFwWSM27kwI3MA&google_push=AXcoOmT160ubAqaX-UFV4azYqy3WJR1BaVNcJ4amkR-2VYrIG5KuxUghTA7fM0dIP7eJ90Pn76njqx0Lfmoxz7Mpya8fIaXITXBk3A
x-host: tde-deliveryengine-production-69ffdcd588-kgpbd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F054 43 B
363 B 119ms
36ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRhVBjDQV73gJi-SXjnL0zL6Klpix0Q95Va6q4IGD9D6zgD0i-icD2qFEOqIZznPW9lSh9k9eLM70B1Ixy965ZF9xuN-hip6A&google_gid=CAESECpOYdt1F8ClnHRUHOpIaXc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 318417
expires: Wed, 25 Oct 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F054 0
12 B 35ms
33ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwRF_2bVoUpiM2VbDd4BkEv8129HEYH9bdhWh-vzgCdM6rM3zdewvSWEKJ-YTRcxH446-s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1761 0
103 B 182ms
64ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBeRJ0E7-AqAf0dM-2dFmPQ&google_cver=1&google_push=AXcoOmTcouPQH1Ipn1Lj3bdd_7W3nDNcZRkPmWvSNwv9XUrgR3YauIm_wke3-TzabERP9kGU1CNEQD4ql1EAtNpHeMr6cXJFyDn9hQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1761
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmS7tKsCf8Vk7ZhPjvNMLH_SZeV1EosB9RzSn-Obl9L...

170 B
188 B

58ms
39ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmS7tKsCf8Vk7ZhPjvNMLH_SZeV1EosB9RzSn-Obl9L91nv5Dy_VaqxXbN6zuAY2m7iYzR4oE5GpsJ8VFLOOKQ5BK3Nlm9h0rw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 19:02:12 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=blFSbVhrdHcxUVZKOFU1&google_gid=CAESEHWbT_bRs9JThxuC5DMNuqQ&google_cver=1&google_push=AXcoOmS7tKsCf8Vk7ZhPjvNMLH_SZeV1EosB9RzSn-Obl9L91nv5Dy_VaqxXbN6zuAY2m7iYzR4oE5GpsJ8VFLOOKQ5BK3Nlm9h0rw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1761
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43K...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp4...

43 B
426 B

219ms
217ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66bef094dc4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 202
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMSNGZWQJEAiVr4cZKNrqMk&google_cver=1&google_push=AXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQqBL35Ln9UyfkQkTjj1wWQl_nq6KhBDGPgCq_n8Vvb18dAu1Fw-biArsh1QlvQfl2o8UbKa_ma2udqGzFs6LBmWFULrp43Kg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81bcb66a9c934dc4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1761
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmRPSEu5T3s6RwnNR0KqkcmmLn8iOl...

170 B
188 B

62ms
45ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmRPSEu5T3s6RwnNR0KqkcmmLn8iOlMZz3rYx-GMLk3gQb41pc4HeyFfM0Ue3TUZn4VtDaiOpxffxUj5G9xHReYpYQ6R2-J1Fg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230072-FRA
pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698260533.866447,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRsbU5BQVhUaFZEcWdCVg==&google_gid=CAESEBOQF9HSBiTNOg3bT7TIBko&google_cver=1&google_push=AXcoOmRPSEu5T3s6RwnNR0KqkcmmLn8iOlMZz3rYx-GMLk3gQb41pc4HeyFfM0Ue3TUZn4VtDaiOpxffxUj5G9xHReYpYQ6R2-J1Fg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1761
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESED00TcErr7jTpucH1DcY7Ws&google_cver=1&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-mI25BCkgq2_o1m
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20EA50D646EE452C9E3151D7F4A116C4&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-m...

170 B
188 B

35ms
35ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20EA50D646EE452C9E3151D7F4A116C4&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-mI25BCkgq2_o1m

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 25 Oct 2023 19:02:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=20EA50D646EE452C9E3151D7F4A116C4&google_push=AXcoOmTlCfgR1ZXhW2g_86n_RuJ5EFA7QqhGPIcvJdmOm6kqp63w7Lb9eMuDae-zfABDwbxPu7WZVwNKz2twp-mI25BCkgq2_o1m
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 24 Oct 2023 19:02:12 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1761 70 B
149 B 169ms
49ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELEktGl7piioJlAbb89ml4U&google_cver=1&google_push=AXcoOmR5uU2cmcLxys6ZLVs6OR04OMIhRWH7DjGAA6dOlX_Dz2jPWed9B8IlcHswYKldoL5-fc1X1sGHlACzLYJlGLzUmAsnyMFL-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1761
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDKpSIRH_ef7TU6rvc0Yfa0&google_cver=1&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNOb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDKpSIRH_ef7TU6rvc0Yfa0&google_cver=1&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4MDcyMTQxNTM1NTg3Mzg0NQ&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHN...

170 B
188 B

34ms
34ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4MDcyMTQxNTM1NTg3Mzg0NQ&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNObblqBy7SMTRYvp9y0vyHd1g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzI4MDcyMTQxNTM1NTg3Mzg0NQ&google_push=AXcoOmR018ihrto9ZMoH02Evf2F8sA1W5qiwm3O88W7Edl9tDRUl-J346mRzJOpqaHacC4K7w44vHNObblqBy7SMTRYvp9y0vyHd1g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1761 0
12 B 46ms
38ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILwpwnemvfpCxSG1cXczu80rxexW23JL1u8SCl3mtVwi60kb-rYKxHyzza1kVrDsBBLinH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 _728x90_bg2.jpg
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 16 KB
16 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_bg2.jpg

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:38 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:38 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame A0BA 141 KB
22 KB 45ms
24ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 14:58:26 GMT
expires: Sun, 20 Oct 2024 14:58:26 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D2BA 0
0 75ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuM80Qaj8jRECEMp7VKFz2N-cd89Wsg4GfA3zfWmF8hjmEeeAp93gVv9iM1WmPvSsxu42dw8Xqby4i4fTPYH_JeAPAttXcro2D8Z4gl_28fvJW8oq3K2VdtylYSZJD8OMMROQeKLOwqWR7SMjETf7xXUgMgGeZHDapmKp-tQaXBfhWElbi7WYFiDUzq7Q6-jcLgHhDVhKL-legAgnOp8-mP7mA7Zlm_ppATUxqroj6q6zMxELdzZqqqrKWaoWNX3BuWhg0N3cpZ6R7MtAuKN8i3QFoWWTEg_c1TEYsiNx0iXQcWgBzwRJpS_vValMqoSslycQ2IRRi3v2bkRDJtrGjC_Ap7GsPPYMQ_AhvECj4zeij2SDz6UvMTSyeh8fiLS3p0XzxZrdCDaz_gddlCMn3E9nfxNh1N1pLVW72I0UIeNOlQ4wSH3DepaHkmnv8hqMOHIJbw0OkPqVD8OL9-OaOrKE3gs-sDUbgX96q3vAXATmQxBQgP7fapUeJyfGESjneovLOKao21u6X99mNRc1buHnqoMIP5TdXif6d4dcc-7hIlV8jCsiMP4W8W4o3dq2aoT5oZs_Q-ruQcrJA_wnezEXi8LHNGDOQuNr1eYa9M_uVNaTaXoMWk4s1jHPH-SWlJh2pgrPcYaeZWq8H1xj-5tdAGYq6GU-fdJ-2FUy55rit2Qxo7I_2tFTkQKsW4VLhyevT6meLXRaHo1gOHUvaA33uPkTePjcuYARtGkfkE9BPPaqICDbQ8udjLyJdYJIXRQ4OLu7u4knFehES8WftSZbT1J8gP7e586xK-4CY__ktVCMZWiK3A67D08KdiRlEkXDOhyog0oRTzXGPO_mn76wD5tXov4rOv-D3jSAn26BBRdjNUd_jYVLt_C-IYTlZ0t_qVtT_ygEP5Sl6hEGrddSU--X11afLKNJuZ9rahNSf6ktistdKPWM_GjFGYVUhG9zGxMWWaTImskYCnvQ-igm-ms41V8Gc2fBtUzEUt7UwUd_Hgh06wWaqdf3_ci-CUFFAsmgMSJTmcD1A2PYu18aa6JH_W7QYnnoSh2zPPcPTMi2y6ls8Sjjv3JqMS8LG-9A_RGPfEc85n4iK-NSGvyj2mG8WAX8AiTB-REWFaedCi9egTnE9sGzwzc9nalSZeJIWte12kLi3-vpudi4fbiTLWeCG4cuhrCZIqG65dlcYt6OkJfGC7h0m8VPISnNJYFuEAK4nmwBAgoal8FUuuY-joWB0sG333H5rg8JD22WSEZaf_Uwz2XGfuk5qLVcrv5aKFp7sQra3y8XBcxMAOxg1K6NIkOTqViHNdIhbK8p5AkqXKhEXEs8Um2fh42GnM59YkI5Quv0onPiwnkQ&sai=AMfl-YRqq9a2euIm9QI9Xj7EgU1WhzWo1SbEOTX0rkOfTqkZU0TQuDeRAaqpKsKWbnCxhv5re0NYiNKDT0TYzhB7rzhNaLOnZEllaIZ_QqORsrtKtL8UBS2MVC3f5OSOpgRlJnF28v6ZPfEU98FhfJJhbhJHurv4-Gf2vU_XuJQG0Ng8dGNCaV7lJIVT3AVsOICgDfClwQJQ1PtGW6bO16NSNZyeVH9RUI2aeW9FXieSjGz0VgaDt_-YyNf2ujQ6DGcmIoKQ&sig=Cg0ArKJSzJWk0mlEj3sBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&cbvp=1&cstd=263&cisv=r20231023.92174&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 70C0 38 KB
13 KB 41ms
30ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame F8CE 141 KB
22 KB 42ms
31ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 14:58:26 GMT
expires: Sun, 20 Oct 2024 14:58:26 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CC07 0
0 85ms
77ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuiqGo8QgRv4Pw435vy54YizMBW2CRJUXJ1akR9qiiVOWk28aOBPb7tPzR4lPNnsykRAcUg4e61WXhndkOU7xiTYVj35RNDB2JUXCOpVf0qa3RR5bANA4dX6cL5kn3q1MTjjQvTEhMo5W9Os3dk3L4y3_ivXSWMqnW9hKU2m19GgplXYNrtwJREqWGtYvZKSpEKklB8qbBZZMLrmpe0GLDkdpPGVBOL6MSIw_9WIhsKZr0jupLwZEfyNgGyszPJANWrHkllucHt8Tmqd3BSNSY93Wdjh-OER3TVcTIi5Hus9qluwHZ2hDjusjQVjZSgxyy2ICLIsIzu8ccyDkpeUjrir0J01-e9nI6b9eIBq-JFVA4A_3TmsBGpIkIVpayUol5QQTo9dMS9WABXPPzJ5tEq2kYjARjFABACSFwjvz6jqUStTwN4AP6vIex5X9bib_6hHQbu2m7jAo-eewvUFDXqFMEVv654S3rUgzbn9DAwO-B3KHyQxd-rds-myem-NdaaoggqoMbmN1wUFJJ3lVrFrJcqpy6OHpiEMk3EcpJgytxhgpvRHx9ImR8hsyWW78y7vBcH28d9mTc-CxFhRokfmBWOXa1EApJxTLSBWH_I7mZTsTHHhLtbCAqeXSXu5dg0ThJeeXSEsVOa70Dwyptw4asp0nw5HjF9PO-xI01FxDeD7wwcL5wNEY1sBd5_GhVglSGs_VyFQ-9iyIMgR7k8tGZhcWVGtNXmjD_opDd1Tac-ZJIp0y4G9V5BskvQUKwZ2_nhF2gR4I9r7WjW3yO1Iv0FB2zQw3lqrwSi97DP1X8RLXnGVl04yrTeFaLI5TbWgWPg0qRCd3nGl-5wuscKxQjjjSVXGnSO3Xv2lHTouAVAqla_mEkp3jsNj1iMCxZgnBFer7ZvkvA6W7mDNVrJ-WCliBqH1yv4pUE3UQvpvL7zSigHlzaa2z9L7VQFmSVywU159y64bZfr8BhrSyspbVU7W1-X_jrnYCoF63vQ_hAZ-tDeQ00RfqnYkUwNMKrsEM7T4EllODgJ89zxsVmP8lm-qT9FClYiHs6aC1-QgEnk3P3cW0On-qrkoe-Z05or-uorzYCuRRCHBB79dC_4i4rjPrcWSddId_5gcGWn3MuUqyzFjXkLAmQ9qrNj2DRPs9kzmQsMEXR5bTUvP3bRFI6idEjFrncNwo3PmzDiut-D6eh6AJC_sZykA0QZzLhOdjVcx1dR8Bw8aslwu4qUe4edyZblyfhV9yqtz36QdVd94uG1_j9OPm8SrIwqCilKxXbxKuFWbEXfNeJHSvfA2pYLAeIiLiXF7cY4xB9gbAIIDvDBsZMlw&sai=AMfl-YT9nl3mznERo15PeGwEUAexmHfJgRl4Cxr-IP8GD8eVJ8wvKk-D0I80-dybHJryuQPC1WLMybfm46gdfSUH_JnNQ7gc-m5kfYpsbWlslc2wyx5kIJWUkPFj8zEkQa3U4NG-S6QwLf286dKwZkuXOmVOfhe-TfvyIX36w_Y51JQ9P7sYGHEJWOUGbbjKk2jueHVnxJyDCM8iqHxAYXVD1X6h4zcrzdN1MQ9T6N92EzwHtAoKMgrfMXPhdlaCtU2VMZYE&sig=Cg0ArKJSzKEWtRfrXEVNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=384&cbvp=1&cstd=382&cisv=r20231023.31374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 05BE 38 KB
13 KB 43ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 96EC 38 KB
13 KB 42ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 568643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 5524 141 KB
22 KB 35ms
34ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 14:58:26 GMT
expires: Sun, 20 Oct 2024 14:58:26 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E79 0
0 69ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuO7nPkEjH646_2zVW4k5LZZNlxAnF0zqCtaLZsCPz1c-YLnA7aakTrj41BgEUX3M3w81x4hEnEo2K9I0PHy70pvDdFYVmud30CG1LS8oO6VfTbS79WarKIj0niqfymGh_-Va8jzatkTlULkK7fVyOl3VN30rOq-N3MaJqAXUEIMW__pTIrZALX4Lbe-nmsLs2izRxajOsKOvDNYZQZ7eWxQHUCxlPO2-s0eoN1gDbvhCVkRWg4CuH-YvmjfQH-l9fWOhr-s-uOJWNBoag4JgRv7hCNKx9QVS64kPht31woaXTPuVZPhSySmB9VS9gaYAO9OjLaFIy5pcQmC61QEgn9qa_vle4n2QHYkTbI-iWtS7U4xG9dbZz1lnQKZxQ0hWDyiPokJS853GMXw7LS9lRxmUcf6GlST60LYc_I5LkHhggw4PL6k8C9v-xPBC7SY9AgfNV5urQUcmOGcMG9CxYFbU_5l3yCt5EQh6gTl64kD0NdvPbu9QPUw8GZ6zYBqtX3rEtwEybTxohDc-JvCdq7HmG7axMc52vRuOUB6JJfEX8t2vWNlUrKrCZItmWSOJY8wRtWfwyIdh3Q8Zk3lCEBL4uyhgf6AyuXU41yGmciVV0gqXZl6MyDqlIKKmYxlmD2E8tvO3TSuBCJmvHfTEWY1WvgePvc-ozU3MK5Uaph2eMmLdpQj0Qk8jUSXK3pM_TxEr-lVB8FMMlRxfMxDiSEtYEGPTYNgH04KmRfri9rNSyjIiV1LqodBNx4MRpFGzWtW8QhQfUb0tpZfFFnAMYAm0uVH5fdotkKOVBm_-HldUukP8igV03gszCEm6fBv_PoAtiCNC3hYPnI6CD7jjFg7k_KNlqzCKgHPYtSQZSEhKfSGIEJK0ClBBq5Uvt5l48TK0QeIusTVg_j8JTF151Hrk9mBwkMHUTrsFdT4URTpFYQdYyKfEElCAo1w4VuioVcLL3vAso522kI7gc703_KIQzqxk0TqOeOrfgMzeAL_ZyCgAPi4k-MmpTacWFSHEF1vS7WOW-cdmqKnt3-I_kL30lVrripn549qjhtp6zyymHbYpYP_Q3xNrgIU9mTDnNYt1LGKXJglfzpSbltbbNNbP1Yz_897I9LYsHAca3rYv-7-lW89gw2qVElD3zBMpzjvVo357vynwWkeGwlZ-SjqDwgnGdDSd-c_zRZiuyr-Y5zu4uIcaYeep4MC2IzpesN1jpShbACIiEAAhM6EK0fFmLh-mAqf17Uv9mRLc0AMLPSN2J_lNGnbKbkQJxIdb2Ei2FxBJuXTia8R9tNtbm0NcSEtd2hbkNgXO3nagD1fSara3_HpJKPlH1Iew&sai=AMfl-YSKIfMun4-0JnqDSLa17I0J-NQmHxfEVfapMsXj7sbMzFNk_eVX4n_ymZ_XoInKTBNOz3tvd5g2EDTDrWfnqFshZh2ZA--iSrTTCWC5bFSodW0CCizSHnhUZWtye6hcVi8ddWIE2Q6DYS6-qCtMA7qx6kQ3yXuidqst-yUnTINL5Yob1mCZ_DF8eI1qC3PEoHbQZ9FirpkZErySqwVPJiTQcfMK7Nvgk6fSrvmiiCxKF-jyIJUf5JK_pchWhrLw9I9S&sig=Cg0ArKJSzFID_7qE05RLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=249&cisv=r20231023.51092&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 42FE 38 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DD1 0
20 B 130ms
130ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=By31CM2Y5ZeHOMLuv9u8P9uOfqA8AAAAAOAHgBAI&bg=!rq2lreLNAAao7_3LiO87ADQBe5WfOGSBvuCwSRD8eg4UPuniekOn05joRjGeGvCgFHYs0mF-I9nyJ1CK4ac9GHBZt1atAgAAAjZSAAAAA2gBB5kC-tu9Zqo7qM4WIPa0bK90hbDJp295Pvla0IeFkUojW5tcYfZkwYxjEAYxRLxDfGt3hoqX5tOALe0pnQQt1rlMUUwR-JvsvrxW7UAA4YPHUgGKDWgCq0HzMr5rgMI8ddMV9BrCKgVHDPUTLkKFgG7rEIRRfJqZ30i7ZyMDeKzCQ8n08_UECuLn18YK_yGvxLpvy1nCtLUfUdAI8IZcsUaxJSfmmvjwzO3SNjE7MJPvH2iuf9dUrhA65WVfBZE1-AnabNA7BPnb-zI4IhtdXHmc5nD26XKfJsHCD6BxltgzGn-vDvrS__0aHppraFKcn4VB6tyLs2I-vHYt4pXxkk85zXi4A2cXAa_-NsMOpTbEvX0bg161JKMuBvb4WwzR0v2sMnolP2lQpXne6KoUt7sADctWXiY48U5MNZB0KNu2vfxteIFFOaNMar0eGOboN_Qp9NWz66PRALkXEUuyxdvdw0InpIQ4DHm0wMkBl442oZP8ECTUpr0b2qCKWyxC0Y-qron3KUYsOliAxjkmQ6oZjX4nIj_6Nh8DFpWKVpR439OtzDvA-WxTC8nV2LgRlGvPEDTBpl4eSHDdCZe6f52iTMZA9jYhAnxUhp77bBybatk6EKSFgiS16wYcSTjqbcgUmzVR11TlrN3J2eTU2QZkAbtNGo8h18QAeExvvN5XcTW7OnF5dfoFkOeP58uNOwkDZPkax1kUJAfBngmAUooKE94BwntrBCD5f7p_f-h4VYwmyK_ZKNCtk0VTYlmKbJOfgkIURkuTsXMAtcAmaFedR6mn95-ROfbnDTMoxCGHiJ9JAnppZC_57g-5ZuwvrWNT7k991lQQlfvwOU5bhSNfUueLmcj-UJqBdUbr1MTvlhkWf6oE5PPDC1mE7STucrk59WTI2YuWth1sBsOLjPZfLLh-9W1C-gA9YVryanQrM24zeB2tSqr6jlP-RDWuBA6LB6mkRTWzdhSnrXzKqKF_E7qlF-STRkWxBjSB5vEHd5ZZrpPz4F5GTjIe3w

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame CF36 38 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 _728x90_btn.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 1 KB
1 KB 24ms
22ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_btn.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 21:05:35 GMT
x-content-type-options: nosniff
age: 165397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Oct 2024 21:05:35 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 0EA7
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZcDxDKeT9u8P58WFoAg&cbFunctionName=goog_wrapCb_NGY5ZcDxDKeT9u8P58WFoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

52ms
51ms

Script
application/javascript

2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZcDxDKeT9u8P58WFoAg&cbFunctionName=goog_wrapCb_NGY5ZcDxDKeT9u8P58WFoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id: mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 181364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 23 Oct 2023 16:39:28 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: WdlfjPb_TZhXzbsmqTIZ6w0iubMuioTQxKt5zcaQizN_qcSqzBJPLg==

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZcDxDKeT9u8P58WFoAg&cbFunctionName=goog_wrapCb_NGY5ZcDxDKeT9u8P58WFoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7327 91 KB
23 KB 207ms
34ms Script
application/javascript 2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 12001345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 0PGD-U52PSa10v0YHmAZKq60-0H-uergORlPC1dBwDlKtjHvoYUT6A==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A0BA 29 KB
10 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 10:44:39 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F8CE 29 KB
10 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 10:44:39 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5524 29 KB
10 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Oct 2023 10:44:39 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EA7 43 B
216 B 515ms
125ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=723ed8b4-9f20-6245-5a97-6aaf86e9a198&tv=%7Bc:s5uLqB,pingTime:-3,time:186,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:57%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:186,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:57,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B173~0%5D,as:%5B173~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C191*.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d131%7C1d14,idMap:191*,rmeas:1,rend:0,renddet:na,siq:58%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EA7 43 B
215 B 652ms
264ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=723ed8b4-9f20-6245-5a97-6aaf86e9a198&tv=%7Bc:s5uLqD,pingTime:-6,time:188,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:57,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C191*.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d131%7C1d14,idMap:191*,rmeas:1,rend:0,renddet:na,siq:58%7D&tpiLookup=ao:baiyunju.cc*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 _728x90_logo.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 693 B
720 B 27ms
26ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_logo.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B21F 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthsVElJgCHCDBfDXPfez1NhMYvror2HJ49FJxiqABQdR6pMKsw9fDZj7TCID0yM16UusXjnWEFSK_KToxsll4Ins46HneNjqeUsXUDANHecsG_SQbDG4HBKFZsKSBEdkJovFYTZANquG-uzXgPAsiAiepPfAa8QJXk12-jBFqFD7blCHK971GBn1PB4KSLSmSkFla2I8731bq7oo3G92VFu0p9QfRhV9Yww9KTpojQwUTbKWgLo5TOZIP6vkfYuiSQEIYrGfyuHnGDpX15SoGl6-wqCGRM26braQOFD1NEyrvm8TKod5484-oaQuEaueyf5k1wCNwLsvEeitDTTuAMvhwymbkuzbb3-pbkNaG55ODolKMeKZp6hxnsvTHQ0kzMorFj13Rqx1ySYvtV3umkVzIlDXuzbJ___VgaPD4M9P9_n9XcTjn1GXH7xOoArbeQBkgjp_VliNjP_9Awcz9WDEIzJPxBGM4iBLy2xscNWiz32-rhouzivYzlAB9TI5m86NJO6ajWa-GzM2i1nEpaeCj_lwYZnlI8aQ-l34i2ZXoRLPvm3BTejxvcmZdt68pozwFyhow0ynJ7cs9z7IIDkMmqbvMOGw8vUJ6lCfwR1DYof_HwRccZ7wqAAkbiQzC82CASmJMGZwXBgoDLqe3cVrBxMxXlyTN3FQJkiSTEBg-FqXsjczRQhttF_saHdYAWtQSUxWkohbE5xYZ7MFRloNNvz56aTVxa7lA5qy8q6nlVyuLWncJo9kYceQSk5l0kIMip3fPadFsugICC-Mt8GrHT1mliIdfM65L2UszXF-jC_j560B5LjYNek9i7PMNavk6ghYusx-Tynm0uQjFdJ4cNqEDbZSjjI9726DDL4hg0lsizWNhpkTD0RmQKsh-bCPlyI2vEKfuD3MLY5g-P8STQdd4rXlkeaIi2JdnC7Hj54wZQBTkOiLMuQj-DtB_4lBScsBjsd1MT4FR1YApNfQBkOMfCfg6fKxyvKaeAWVlboq094CF159oG4FLZxXnyePFSVrBSh7m5_4obBZnDV-U9H4rLjP6ZrgTXpz1xg2l6gVEi01bZItVjYUfyTDmuCI-IRCebH8mLRhHV1KlqE_UUFdq7zUY8J2kr_5kzdqiUh0EMEpsqCLIwk6fgcHc3ievx4JB9tzqhSaZAV4EPnA5akD81fcSFq-tAm244kpmYyHvxsUpQ2vowLMK_8-PBMLR_76IGY0mFdGkHR79CFs8Sk9N8yTsQ4zqzI3adBdzhLNixLZyovy6vH3DExJpqN-4ZeQOCrNVkNwYrorZ7Kt78ZcEd7caYErHSvQldnYRPuBMXaxa4h-fJHEHyOHCepAT9eg9u7XFFeeaX&sai=AMfl-YTo9QOd9A9adZC0CTNDFF33PdJoy-sl0ygajwJ3PTjsj12xMeUVP9njF0mFCGyQiKpBJ_XPgxiGJXPbu-OmQIojLLjvURkm8dVp5qXw7SqtE1U5MOK-5sx-TyuksUYEq_v8yitefqEac4hclNUSPhM1685RRF7QlEsxF5SrKQs3oG_iRexKyZ2NoWmpNw5WjdB8FEKvkwpGrhpgJzRZNCmPU2cc53jRMV4NL4DoCWT6KNjO4oHPgQvTgloWz4SbGbDC&sig=Cg0ArKJSzEb0lpHfOmvfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=765&vt=11&dtpt=422&dett=3&cstd=341&cisv=r20231023.90832&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EA7 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM_ISbZarbFH-M9gZadjVJLESpHhNCuuEV5fwlKiOXe9aMLEF90I16Dcotctz9s85qKJOwX9NaWsqcbZQUNsqtUTHKnF4wkVe_cPfogxdTeUixZn0us59irZ7GZazAwhm7BYpBJAWO5J0XyGBhBeY3lpcIbR2SDBkvL9iUKEur4afrzsnVsK21Krt6L4PVD2CnJXIKtzlsVbMPSUbKLKmJ1arOatlfpBVMXYmk4kFcz_F_IuK6lmZSfFHp6xs2x3HLhefCPr-v6iEoQyA3Xy0fsKBp6w-UinBO004wbwBxAct0k0Tbn7sszJOTpRNWtDvcr2FkyxMQbpfmtyFo9Qb5qGHmyg4enmUPnaQ9eW_zZyVf2QTXSjN63SkAXZY_pUrZPJhD8NC4E4JGtu4X4moU-tfop6lk4h4Y8Buf-uNm-FbE4gX52Ke76FPwmD6WftYuW_CB74-Kmo0yHO8U-oBr8ZWpgSd6CmSxJhfDtf5rm8rnOeD4DX2ftrkebRzpdKmnVBodHDeSP-0AW-4pmhHlvaipmczZBUms9UFseZ96z5rI2W3O3ljW7-KszEW--KePGy_X3tR-Yhap4--NIy9FGQmaji7KEQpC189_67P6OreNXRubYG5nYbjb8r6QFWLEkjZUT_9tNrU5TWIGUVK8ulA3CJZ0ycpGIFgcr1LfsSV-tiV-zHonQChZs3iG2vTYyDtlPsxFYvMcmD-uY5WJHRsApDhyTBtthH2OhYu_cWyJwlXK6vz24aylsSCpBhTVcdVsb-seY97sPalq5UEGb3Y0bp5qi5CJGSSQKxC0sjkf-Ruit3YrpRqRw47f9Le5uaQla6Ny21bof48-A7FbIYrDzx_1UyQeX4U-uIC7XciGk93WnEM3IHoc7A2cV9b8RHd4p55V4H7vGI_bZ4OUoJ4J0ePPuvkWvTyMD6ThjO67jo-M9uoNE67hlXE2Muuk43-Ym_PzWzX4zJgkFuE-Sxch3eeXtmcUsiD9OIA-JMiyfYgXDVCeHFHknTX5kEQvUlz7exh8zEUtoigbiKnbTkhjUqBfP-HZi5MD1rgKgq3f509mIjGoX6nN4ReX80TaDJItQTiQe7scjzmX-ISbtuu3pCikvjQsaevBPFmrR3VJLuO-PPFIre0-f4mdkZJsZGRpILJXoD7w7yCLS16ENgJPcV8evQ7ntnE5r4nDNSQLFXsrBc_l1D31KdVkJdG_oAVMOeOq8jMrAMZuA0Mlohxgx3uYAnNQVHdc6ukYiw1yPJX1tm3x3f1iLtQuhF6MQMqFUbEvREXit_UgZhoZbhaql1toq-Pcng8reKARKHnwvpYP_vib&sai=AMfl-YR8GKmuGCW-p17ciymtyXbvOD4LolmrrtS8byw_vOPkurBDiUZuBus1uL4Np0KaaUeqfxzqk483XtVVR7JCPNrqWMFDadA7wSs_sni4a0dkeMpXxf1IOpCKletj9KTptuPBwBs3K1Wjlh6eFEZ3BRx7Jc0CLxDyLdlqqrBISX1RrFDF-NOI6tIxELo3i7miuJCfjOBVpcuUkRj-C9moKHney5CixHkp_J3WZ8SijFl7zPJOyLc9QwFhxVR5d7xeZyon&sig=Cg0ArKJSzGnsynoE7jxSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=824&vt=11&dtpt=420&dett=3&cstd=402&cisv=r20231023.46207&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EA7 43 B
215 B 606ms
262ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=723ed8b4-9f20-6245-5a97-6aaf86e9a198&tv=%7Bc:s5uLrm,pingTime:-2,time:233,type:a,im:%7Bsf:0,pci:%7Btdr:147%7D,pom:1,prf:%7BbeA:986,beZ:988,mfA:990,cmA:998,inA:998,inZ:1002,prA:1003,prZ:1038,si:1044,poA:1045,poZ:1069,cmZ:1069,mfZ:1069,loA:1174,loZ:1176,ltA:1218,ltZ:1218%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:57%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:233,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:57,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B219~0%5D,as:%5B219~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C191*.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d131%7C1d14,idMap:191*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:58,sinceFw:173,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3216561584&pi=t.aa~a.3914809518~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3319&idt=1&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90%2C760x90&nras=6&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=4059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=Y7RtTiXi04&p=https%3A//baiyunju.cc&dtd=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B21F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZefAD9nl7_UP6MirkAs&cbFunctionName=goog_wrapCb_NGY5ZefAD9nl7_UP6MirkAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

46ms
46ms

Script
application/javascript

2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZefAD9nl7_UP6MirkAs&cbFunctionName=goog_wrapCb_NGY5ZefAD9nl7_UP6MirkAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id: mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 181364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 23 Oct 2023 16:39:28 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: dKMj8pz1l7SJoFVdei0mSAgr3hfm00NDSMgAp270J9EkZhI52l-9JA==

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZefAD9nl7_UP6MirkAs&cbFunctionName=goog_wrapCb_NGY5ZefAD9nl7_UP6MirkAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C304 91 KB
23 KB 29ms
29ms Script
application/javascript 2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 12001345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: dYvNVojpTJ59ZAzN3L_ParQbx384Ft8mbIphrwkNMCKtIk2QJR5nHQ==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame CC07
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZYLeGL7L7_UP9-WhiAI&cbFunctionName=goog_wrapCb_NGY5ZYLeGL7L7_UP9-WhiAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

47ms
25ms

Script
application/javascript

2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZYLeGL7L7_UP9-WhiAI&cbFunctionName=goog_wrapCb_NGY5ZYLeGL7L7_UP9-WhiAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id: mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 181364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 23 Oct 2023 16:39:28 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: stwKq5xHRztE_mRP5I4WY0Qi0QNtbLOXlgGgWZpeyfHQKc2PIANL_Q==

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: app27.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZYLeGL7L7_UP9-WhiAI&cbFunctionName=goog_wrapCb_NGY5ZYLeGL7L7_UP9-WhiAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2E8C 91 KB
23 KB 33ms
32ms Script
application/javascript 2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 12001345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: n2p4cnCaQ7qgNzsfXrcf3g8nWsLYJ5Nv_yvH7Ovxzq8kTE-gd6susg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A5D 42 B
64 B 132ms
131ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstBPRmA22QsBXvQX3YVPZRAaSVwaY7JblPnao_cRlA-Z4Tb9QgzeXP56sxxd1AxOXlF82MiwEwx4AlwsZaXr1joXjihf3T6ULV2lL7VvdZRxbA9Z62UEN8PhBm9BJyARTHoTB_D1-U6bni&sai=AMfl-YSTQQQ4-1-PCVK-jaGIm7XDXCBCuxLhXoIkY9s3VqodEEQXjo3DoSOFqzvrPF5GB5aeFwKak8ezZq_20ndehhK3sY01TQ1BJtpaaB2jZj0vqiUhEDe9lsoRGLKzudMdPrLlJwqtaZsqZOyD&sig=Cg0ArKJSzMwmOTLacIKPEAE&cid=CAQSSwDICaaNCHkXQDw6Ortc35aAQ3HY4sQ594fTpo7ME2CM6Btw4JWFwh8VGbu52qWKYUbFC93pc_2sg1VaZ9Y74sSimJpls0GcV-3FjRgB&id=lidar2&mcvt=1114&p=0,0,126,728&mtos=0,0,1114,1114,1114&tos=0,0,1114,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698260531600&rpt=557&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B532 0
25 B 189ms
187ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BLXqANGY5ZYSLAb2U9u8Pi52AmAMAAAAAOAHgBAI&bg=!DA-lD0DNAAao7_3LiO87ADQBe5WfOKc6dWWblLU654d9tOaoG38tODZ1_tCWXNU0X8V3Zx3Nue13MyBtxlEkAZGtxaDhAgAAAkJSAAAAA2gBB5kC-1QYzWMR3apK4QTjmh4-NcJQZIJwGY9MTn2jhcn4m5rdlZk9LIQSY1vlz2dWcpogQYnXIEB8u0arrmB7mdqHGTsL4mBxi-k-6DBsp5hch4cguHy23BVpdXnR3caEoEqmM9Q-jBnogSo2bZMwo20-icH0IrtklSJBR0yz_K_DQorvLSaSJocFiSTeR7HGi2lP2zZ_bW-fcmfvtHqBql3ZHchPmsByzJsoMTk6v6aVM8mTYPs9D1mnjvZCIAmJDm5qsmHnmtHSycU6fJCTrInnEbCaTeEhCL3P53aVc08v2FiD2qG_8mXmhToCdj4pOlPczXrpcN54crGIGFFm7pQ4pGqSrROT1s10Tpc0oDOTPSpU3lY0RFD9uriAylUZOsOusivW-cd7sZZjcwpU-xbAbY2RCgDhor9RoF7yY2OzgZiELpZHx-iUeCsNMjMOZijBuh3HxGWk2X0FCN_bQ0ivxT4FrNURmzzon4teeiuKKjWEykP-HSTjO0c7ozg56W0Y812X-fsfG4OVvZuViMkzdxbElXiVzh20yC1RGWzvNO1yA4cBySiHcSSgxC7YvKdfvK8p_eoxulJmiuyAecsWEUp0_sy1IKprGKwrLsj0lqO7WELI9sNG7wfczBArOq5f7Xp6FeZZ1ZNlow9LcrLoyoWNgAHWqr8YF8KpOFQQ4J97ec-uCIxlNiE9K07FS61MXPJORxpo0IIGoUI73h3JfUi7mEYKq-Khq2ZG3eDXy1kehol2XgoLj63SpXI89hV9S-_2mFRvBJiogaN6NNfEZY2-O4jQtOGeZuCuTnu3cVPGMZt2lRqbgVYtj_yD3RlpXK48kF0ZZNkD4bl71s6HOSdEfOVhDyhpInEqiTPFx_t2KfYt4IHl0lSFiexqp7oKXR9Dlf9Ka-zQ7Bb0mIsgFg9TunJ1PTYevkr3jGlds5lqzxJUNE1iCckVdXAqGTQxmSatlsir21DT0f7KDKqwxsx06tN6-1z2yuaRBSJFP0Eg2XsQc1phIpc-XjI

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame D2BA
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZbPUGM6F9u8P8t-UoAs&cbFunctionName=goog_wrapCb_NGY5ZbPUGM6F9u8P8t-UoAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

26ms
26ms

Script
application/javascript

2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZbPUGM6F9u8P8t-UoAs&cbFunctionName=goog_wrapCb_NGY5ZbPUGM6F9u8P8t-UoAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id: mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 181364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 23 Oct 2023 16:39:28 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 65XuUMPb_WKfTZ1mk7QQPc8NYR4RwKXNXSYW1ZNd0hmyyNIY8_rNNw==

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZbPUGM6F9u8P8t-UoAs&cbFunctionName=goog_wrapCb_NGY5ZbPUGM6F9u8P8t-UoAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 55C9 91 KB
23 KB 30ms
30ms Script
application/javascript 2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 12001345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: rtOypNiTk4WES-XTY5Vku740xPaL6mDHHUOm1GI3uNovxK84KcjNDQ==

GET
H3 200 _728x90_t1.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 1 KB
1 KB 34ms
33ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t1.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1082
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B21F 43 B
215 B 394ms
260ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7f3108b6-8b11-54fd-2ca1-f0345df2e2ab&tv=%7Bc:s5uLuD,pingTime:-3,time:201,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:202,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B196~0%5D,as:%5B196~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:151*,rmeas:1,rend:0,renddet:na,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B21F 43 B
215 B 387ms
261ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7f3108b6-8b11-54fd-2ca1-f0345df2e2ab&tv=%7Bc:s5uLuR,pingTime:-6,time:215,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B209~0%5D,as:%5B209~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:151*,rmeas:1,rend:0,renddet:na,siq:23%7D&tpiLookup=ao:baiyunju.cc*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 70C0 38 KB
15 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC07 43 B
215 B 372ms
263ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ad6617fb-96c2-26f4-13cc-8d85e5716be5&tv=%7Bc:s5uLv9,pingTime:-3,time:186,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B181~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C181*.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:181*,rmeas:1,rend:0,renddet:na,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC07 43 B
215 B 368ms
261ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ad6617fb-96c2-26f4-13cc-8d85e5716be5&tv=%7Bc:s5uLvb,pingTime:-6,time:188,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C181*.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:181*,rmeas:1,rend:0,renddet:na,siq:23%7D&tpiLookup=ao:baiyunju.cc*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A5D 42 B
64 B 139ms
139ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0jjPXMQg-C2_Zspwre96GQy-WgMeVqq8hnJKUVZt0TTbZaKs-DYRpHnyoLH72i79Ofc4w2z7iPWX3egNlhWm7vhhEamct3bFKF0QBZAkoQIQAH8CWpSP2pQ&sig=Cg0ArKJSzFU8Cpl-PDL7EAE&id=lidar2&mcvt=1129&p=18,0,108,728&mtos=0,1110,1129,1129,1129&tos=0,1110,19,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=34&adk=3062569612&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698260531600&rpt=687&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 05BE 38 KB
15 KB 80ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 96EC 38 KB
15 KB 83ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D2BA 43 B
215 B 319ms
262ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3b0fc1a8-7692-5f33-82e4-82de7a272d86&tv=%7Bc:s5uLvD,pingTime:-3,time:130,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C15131%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C171*.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C181.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:171*,rmeas:1,rend:0,renddet:na,siq:25%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D2BA 43 B
215 B 320ms
263ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3b0fc1a8-7692-5f33-82e4-82de7a272d86&tv=%7Bc:s5uLvF,pingTime:-6,time:132,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Ui+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C15131%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C171*.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C181.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:171*,rmeas:1,rend:0,renddet:na,siq:25%7D&tpiLookup=ao:baiyunju.cc*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 780F 2 KB
1 KB 93ms
39ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:56 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 780F 3 KB
1 KB 90ms
36ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:45 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 780F 8 KB
3 KB 90ms
36ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:07:31 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 780F 12 KB
3 KB 96ms
43ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 780F 4 KB
2 KB 96ms
43ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:33 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 780F 36 KB
36 KB 95ms
41ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:38 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:38 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 61C0 2 KB
1 KB 94ms
41ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:56 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 61C0 3 KB
1 KB 92ms
38ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:45 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 61C0 8 KB
3 KB 92ms
39ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:07:31 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 61C0 12 KB
3 KB 97ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 61C0 4 KB
2 KB 97ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:33 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 61C0 36 KB
36 KB 96ms
43ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:38 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B21F 43 B
215 B 316ms
262ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7f3108b6-8b11-54fd-2ca1-f0345df2e2ab&tv=%7Bc:s5uLw1,pingTime:-2,time:288,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1110,beZ:1111,mfA:1113,cmA:1115,inA:1115,inZ:1118,prA:1118,prZ:1127,si:1133,poA:1133,poZ:1155,cmZ:1155,mfZ:1155,loA:1325,loZ:1328,ltA:1397,ltZ:1397%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B282~0%5D,as:%5B282~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1613%7C1614%7C171.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C181.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C191.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:23,sinceFw:263,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3429564163&pi=t.aa~a.3914811396~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600&nras=2&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=HDT4PSOWH2&p=https%3A//baiyunju.cc&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 _728x90_t2.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 1 KB
1 KB 82ms
29ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/_728x90_t2.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7E79
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-9529152553031266&ias_chanId=1&ias_placementId=20338656165&bidurl=https://baiyunju.cc/&ias_...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZZP4GL-n9u8P2pKFsAM&cbFunctionName=goog_wrapCb_NGY5ZZP4GL-n9u8P2pKFsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

28ms
27ms

Script
application/javascript

2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZZP4GL-n9u8P2pKFsAM&cbFunctionName=goog_wrapCb_NGY5ZZP4GL-n9u8P2pKFsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id: mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 181364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 23 Oct 2023 16:39:28 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: wZSjDNvEsdvxw_Davb0WQ5xvXij_K_Rb-73SdSGKBlzaPPPK678A-g==

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: app22.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_NGY5ZZP4GL-n9u8P2pKFsAM&cbFunctionName=goog_wrapCb_NGY5ZZP4GL-n9u8P2pKFsAM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5B39 91 KB
23 KB 33ms
28ms Script
application/javascript 2600:9000:21f3:ec00:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ec00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 12001345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 9qBJ0X2xBtsILSR2n3wXUTXciVrp_FjVBtCn0vpKnaggwQZDiJG6aQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC07 43 B
215 B 260ms
259ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ad6617fb-96c2-26f4-13cc-8d85e5716be5&tv=%7Bc:s5uLwZ,pingTime:-2,time:300,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1115,beZ:1116,mfA:1118,cmA:1119,inA:1119,inZ:1123,prA:1123,prZ:1132,si:1137,poA:1138,poZ:1160,cmZ:1160,mfZ:1160,loA:1303,loZ:1305,ltA:1415,ltZ:1415%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:300,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B294~0%5D,as:%5B294~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C171.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C181*.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C191.990511-61634096%7C1911%7C1912%7C1913%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:181*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:23,sinceFw:276,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=861672672&pi=t.aa~a.3914808220~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90%2C760x90&nras=5&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=ddqUO5dEF1&p=https%3A//baiyunju.cc&dtd=35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D2BA 43 B
215 B 254ms
254ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3b0fc1a8-7692-5f33-82e4-82de7a272d86&tv=%7Bc:s5uLx6,pingTime:-2,time:221,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1229,beZ:1230,mfA:1233,cmA:1234,inA:1234,inZ:1237,prA:1237,prZ:1248,si:1254,poA:1255,poZ:1278,cmZ:1278,mfZ:1278,loA:1361,loZ:1364,ltA:1450,ltZ:1450%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:221,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B215~0%5D,as:%5B215~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C15131%7C1514%7C1515%7C1611%7C1612%7C1613%7C1614%7C171*.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C181.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1815%7C191.990511-61634096%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:25,sinceFw:195,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=1298879487&pi=t.aa~a.3914813343~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90%2C760x90&nras=4&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=JP7KnZ4eN4&p=https%3A//baiyunju.cc&dtd=32
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E79 43 B
215 B 236ms
218ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6b02839e-2b35-e9f0-a8bd-a1e33a7a4627&tv=%7Bc:s5uLxn,pingTime:-3,time:81,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67YY+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C15131%7C1514%7C1515%7C161*.990511-61634096%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1715%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:161*,rmeas:1,rend:0,renddet:na,siq:26%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E79 43 B
215 B 232ms
218ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6b02839e-2b35-e9f0-a8bd-a1e33a7a4627&tv=%7Bc:s5uLxp,pingTime:-6,time:83,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67YY+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C1511%7C1512%7C15131%7C1514%7C1515%7C161*.990511-61634096%7C1611%7C1612%7C1613%7C1614%7C1711%7C1712%7C1713%7C1714%7C1715%7C1811%7C1812%7C1813%7C1814%7C1815%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:161*,rmeas:1,rend:0,renddet:na,siq:26%7D&tpiLookup=ao:baiyunju.cc*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E79 43 B
215 B 192ms
192ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6b02839e-2b35-e9f0-a8bd-a1e33a7a4627&tv=%7Bc:s5uLy2,pingTime:-2,time:122,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1373,beZ:1374,mfA:1377,cmA:1378,inA:1379,inZ:1383,prA:1383,prZ:1393,si:1399,poA:1400,poZ:1420,cmZ:1420,mfZ:1420,loA:1456,loZ:1458,ltA:1495,ltZ:1495%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTJ67Qv+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141%7C142%7C143%7C151.990511-61634096%7C1511%7C1512%7C15131%7C1514%7C1515%7C161*.990511-61634096%7C1611%7C1612%7C1613%7C1614%7C171.990511-61634096%7C1711%7C1712%7C1713%7C1714%7C1715%7C181.990511-61634096%7C1811%7C1812%7C1813%7C1814%7C1815%7C191.990511-61634096%7C1911%7C1912%7C19131%7C1914%7C1915%7C1a11%7C1a12%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1d14,idMap:161*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:26,sinceFw:95,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9529152553031266&output=html&h=90&adk=2437241550&adf=3930193421&pi=t.aa~a.3914810381~rp.4&w=760&fwrn=1&fwrnh=100&lmt=1698253330&rafmt=1&to=qs&pwprc=8643742065&format=760x90&url=https%3A%2F%2Fbaiyunju.cc%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698260530837&bpp=1&bdt=3318&idt=-M&shv=r20231023&mjsv=m202310180102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2214b802a57d9290%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw&gpic=UID%3D00000ca41eb784e4%3AT%3D1698260528%3ART%3D1698260528%3AS%3DALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ&prev_fmts=0x0%2C760x90%2C300x600%2C760x90&nras=3&correlator=8504770521755&frm=20&pv=1&ga_vid=1805518006.1698260529&ga_sid=1698260529&ga_hid=1913542126&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=2107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079098%2C31079192%2C44805914%2C44805932%2C44806738%2C31078301%2C31079124&oid=2&psts=AOrYGsm2n0RsVKGDVKAyBNLlM0kYhTvBNuK9eYeQy32nYi78U7StOH31l5RxxZFqeVJLWF1DujSpMf-9DCxmYrDnj9-oHPE&pvsid=1621882134783127&tmod=385490013&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8ctQ4741EO&p=https%3A//baiyunju.cc&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 splash.png
s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/ Frame E3DD 5 KB
5 KB 27ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/splash.png

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/37525695813651387/Programmatic%20Banners%20DE_AT_728x90/Programmatic%20Banners%20DE_AT_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 22:04:39 GMT
x-content-type-options: nosniff
age: 248254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5155
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 06:01:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Oct 2024 22:04:39 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D2BA 0
0 72ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuM80Qaj8jRECEMp7VKFz2N-cd89Wsg4GfA3zfWmF8hjmEeeAp93gVv9iM1WmPvSsxu42dw8Xqby4i4fTPYH_JeAPAttXcro2D8Z4gl_28fvJW8oq3K2VdtylYSZJD8OMMROQeKLOwqWR7SMjETf7xXUgMgGeZHDapmKp-tQaXBfhWElbi7WYFiDUzq7Q6-jcLgHhDVhKL-legAgnOp8-mP7mA7Zlm_ppATUxqroj6q6zMxELdzZqqqrKWaoWNX3BuWhg0N3cpZ6R7MtAuKN8i3QFoWWTEg_c1TEYsiNx0iXQcWgBzwRJpS_vValMqoSslycQ2IRRi3v2bkRDJtrGjC_Ap7GsPPYMQ_AhvECj4zeij2SDz6UvMTSyeh8fiLS3p0XzxZrdCDaz_gddlCMn3E9nfxNh1N1pLVW72I0UIeNOlQ4wSH3DepaHkmnv8hqMOHIJbw0OkPqVD8OL9-OaOrKE3gs-sDUbgX96q3vAXATmQxBQgP7fapUeJyfGESjneovLOKao21u6X99mNRc1buHnqoMIP5TdXif6d4dcc-7hIlV8jCsiMP4W8W4o3dq2aoT5oZs_Q-ruQcrJA_wnezEXi8LHNGDOQuNr1eYa9M_uVNaTaXoMWk4s1jHPH-SWlJh2pgrPcYaeZWq8H1xj-5tdAGYq6GU-fdJ-2FUy55rit2Qxo7I_2tFTkQKsW4VLhyevT6meLXRaHo1gOHUvaA33uPkTePjcuYARtGkfkE9BPPaqICDbQ8udjLyJdYJIXRQ4OLu7u4knFehES8WftSZbT1J8gP7e586xK-4CY__ktVCMZWiK3A67D08KdiRlEkXDOhyog0oRTzXGPO_mn76wD5tXov4rOv-D3jSAn26BBRdjNUd_jYVLt_C-IYTlZ0t_qVtT_ygEP5Sl6hEGrddSU--X11afLKNJuZ9rahNSf6ktistdKPWM_GjFGYVUhG9zGxMWWaTImskYCnvQ-igm-ms41V8Gc2fBtUzEUt7UwUd_Hgh06wWaqdf3_ci-CUFFAsmgMSJTmcD1A2PYu18aa6JH_W7QYnnoSh2zPPcPTMi2y6ls8Sjjv3JqMS8LG-9A_RGPfEc85n4iK-NSGvyj2mG8WAX8AiTB-REWFaedCi9egTnE9sGzwzc9nalSZeJIWte12kLi3-vpudi4fbiTLWeCG4cuhrCZIqG65dlcYt6OkJfGC7h0m8VPISnNJYFuEAK4nmwBAgoal8FUuuY-joWB0sG333H5rg8JD22WSEZaf_Uwz2XGfuk5qLVcrv5aKFp7sQra3y8XBcxMAOxg1K6NIkOTqViHNdIhbK8p5AkqXKhEXEs8Um2fh42GnM59YkI5Quv0onPiwnkQ&sai=AMfl-YRqq9a2euIm9QI9Xj7EgU1WhzWo1SbEOTX0rkOfTqkZU0TQuDeRAaqpKsKWbnCxhv5re0NYiNKDT0TYzhB7rzhNaLOnZEllaIZ_QqORsrtKtL8UBS2MVC3f5OSOpgRlJnF28v6ZPfEU98FhfJJhbhJHurv4-Gf2vU_XuJQG0Ng8dGNCaV7lJIVT3AVsOICgDfClwQJQ1PtGW6bO16NSNZyeVH9RUI2aeW9FXieSjGz0VgaDt_-YyNf2ujQ6DGcmIoKQ&sig=Cg0ArKJSzJWk0mlEj3sBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=992&vt=11&dtpt=724&dett=3&cstd=263&cisv=r20231023.92174&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E79 0
0 71ms
70ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuO7nPkEjH646_2zVW4k5LZZNlxAnF0zqCtaLZsCPz1c-YLnA7aakTrj41BgEUX3M3w81x4hEnEo2K9I0PHy70pvDdFYVmud30CG1LS8oO6VfTbS79WarKIj0niqfymGh_-Va8jzatkTlULkK7fVyOl3VN30rOq-N3MaJqAXUEIMW__pTIrZALX4Lbe-nmsLs2izRxajOsKOvDNYZQZ7eWxQHUCxlPO2-s0eoN1gDbvhCVkRWg4CuH-YvmjfQH-l9fWOhr-s-uOJWNBoag4JgRv7hCNKx9QVS64kPht31woaXTPuVZPhSySmB9VS9gaYAO9OjLaFIy5pcQmC61QEgn9qa_vle4n2QHYkTbI-iWtS7U4xG9dbZz1lnQKZxQ0hWDyiPokJS853GMXw7LS9lRxmUcf6GlST60LYc_I5LkHhggw4PL6k8C9v-xPBC7SY9AgfNV5urQUcmOGcMG9CxYFbU_5l3yCt5EQh6gTl64kD0NdvPbu9QPUw8GZ6zYBqtX3rEtwEybTxohDc-JvCdq7HmG7axMc52vRuOUB6JJfEX8t2vWNlUrKrCZItmWSOJY8wRtWfwyIdh3Q8Zk3lCEBL4uyhgf6AyuXU41yGmciVV0gqXZl6MyDqlIKKmYxlmD2E8tvO3TSuBCJmvHfTEWY1WvgePvc-ozU3MK5Uaph2eMmLdpQj0Qk8jUSXK3pM_TxEr-lVB8FMMlRxfMxDiSEtYEGPTYNgH04KmRfri9rNSyjIiV1LqodBNx4MRpFGzWtW8QhQfUb0tpZfFFnAMYAm0uVH5fdotkKOVBm_-HldUukP8igV03gszCEm6fBv_PoAtiCNC3hYPnI6CD7jjFg7k_KNlqzCKgHPYtSQZSEhKfSGIEJK0ClBBq5Uvt5l48TK0QeIusTVg_j8JTF151Hrk9mBwkMHUTrsFdT4URTpFYQdYyKfEElCAo1w4VuioVcLL3vAso522kI7gc703_KIQzqxk0TqOeOrfgMzeAL_ZyCgAPi4k-MmpTacWFSHEF1vS7WOW-cdmqKnt3-I_kL30lVrripn549qjhtp6zyymHbYpYP_Q3xNrgIU9mTDnNYt1LGKXJglfzpSbltbbNNbP1Yz_897I9LYsHAca3rYv-7-lW89gw2qVElD3zBMpzjvVo357vynwWkeGwlZ-SjqDwgnGdDSd-c_zRZiuyr-Y5zu4uIcaYeep4MC2IzpesN1jpShbACIiEAAhM6EK0fFmLh-mAqf17Uv9mRLc0AMLPSN2J_lNGnbKbkQJxIdb2Ei2FxBJuXTia8R9tNtbm0NcSEtd2hbkNgXO3nagD1fSara3_HpJKPlH1Iew&sai=AMfl-YSKIfMun4-0JnqDSLa17I0J-NQmHxfEVfapMsXj7sbMzFNk_eVX4n_ymZ_XoInKTBNOz3tvd5g2EDTDrWfnqFshZh2ZA--iSrTTCWC5bFSodW0CCizSHnhUZWtye6hcVi8ddWIE2Q6DYS6-qCtMA7qx6kQ3yXuidqst-yUnTINL5Yob1mCZ_DF8eI1qC3PEoHbQZ9FirpkZErySqwVPJiTQcfMK7Nvgk6fSrvmiiCxKF-jyIJUf5JK_pchWhrLw9I9S&sig=Cg0ArKJSzFID_7qE05RLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=939&vt=11&dtpt=689&dett=3&cstd=249&cisv=r20231023.51092&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CC07 0
0 101ms
101ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuiqGo8QgRv4Pw435vy54YizMBW2CRJUXJ1akR9qiiVOWk28aOBPb7tPzR4lPNnsykRAcUg4e61WXhndkOU7xiTYVj35RNDB2JUXCOpVf0qa3RR5bANA4dX6cL5kn3q1MTjjQvTEhMo5W9Os3dk3L4y3_ivXSWMqnW9hKU2m19GgplXYNrtwJREqWGtYvZKSpEKklB8qbBZZMLrmpe0GLDkdpPGVBOL6MSIw_9WIhsKZr0jupLwZEfyNgGyszPJANWrHkllucHt8Tmqd3BSNSY93Wdjh-OER3TVcTIi5Hus9qluwHZ2hDjusjQVjZSgxyy2ICLIsIzu8ccyDkpeUjrir0J01-e9nI6b9eIBq-JFVA4A_3TmsBGpIkIVpayUol5QQTo9dMS9WABXPPzJ5tEq2kYjARjFABACSFwjvz6jqUStTwN4AP6vIex5X9bib_6hHQbu2m7jAo-eewvUFDXqFMEVv654S3rUgzbn9DAwO-B3KHyQxd-rds-myem-NdaaoggqoMbmN1wUFJJ3lVrFrJcqpy6OHpiEMk3EcpJgytxhgpvRHx9ImR8hsyWW78y7vBcH28d9mTc-CxFhRokfmBWOXa1EApJxTLSBWH_I7mZTsTHHhLtbCAqeXSXu5dg0ThJeeXSEsVOa70Dwyptw4asp0nw5HjF9PO-xI01FxDeD7wwcL5wNEY1sBd5_GhVglSGs_VyFQ-9iyIMgR7k8tGZhcWVGtNXmjD_opDd1Tac-ZJIp0y4G9V5BskvQUKwZ2_nhF2gR4I9r7WjW3yO1Iv0FB2zQw3lqrwSi97DP1X8RLXnGVl04yrTeFaLI5TbWgWPg0qRCd3nGl-5wuscKxQjjjSVXGnSO3Xv2lHTouAVAqla_mEkp3jsNj1iMCxZgnBFer7ZvkvA6W7mDNVrJ-WCliBqH1yv4pUE3UQvpvL7zSigHlzaa2z9L7VQFmSVywU159y64bZfr8BhrSyspbVU7W1-X_jrnYCoF63vQ_hAZ-tDeQ00RfqnYkUwNMKrsEM7T4EllODgJ89zxsVmP8lm-qT9FClYiHs6aC1-QgEnk3P3cW0On-qrkoe-Z05or-uorzYCuRRCHBB79dC_4i4rjPrcWSddId_5gcGWn3MuUqyzFjXkLAmQ9qrNj2DRPs9kzmQsMEXR5bTUvP3bRFI6idEjFrncNwo3PmzDiut-D6eh6AJC_sZykA0QZzLhOdjVcx1dR8Bw8aslwu4qUe4edyZblyfhV9yqtz36QdVd94uG1_j9OPm8SrIwqCilKxXbxKuFWbEXfNeJHSvfA2pYLAeIiLiXF7cY4xB9gbAIIDvDBsZMlw&sai=AMfl-YT9nl3mznERo15PeGwEUAexmHfJgRl4Cxr-IP8GD8eVJ8wvKk-D0I80-dybHJryuQPC1WLMybfm46gdfSUH_JnNQ7gc-m5kfYpsbWlslc2wyx5kIJWUkPFj8zEkQa3U4NG-S6QwLf286dKwZkuXOmVOfhe-TfvyIX36w_Y51JQ9P7sYGHEJWOUGbbjKk2jueHVnxJyDCM8iqHxAYXVD1X6h4zcrzdN1MQ9T6N92EzwHtAoKMgrfMXPhdlaCtU2VMZYE&sig=Cg0ArKJSzKEWtRfrXEVNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1095&vt=11&dtpt=711&dett=3&cstd=382&cisv=r20231023.31374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: baiyunju.cc
URL: https://baiyunju.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame A0BA 2 KB
1 KB 29ms
25ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:56 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame A0BA 3 KB
1 KB 30ms
26ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:45 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame A0BA 8 KB
3 KB 31ms
27ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:07:31 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A0BA 12 KB
3 KB 32ms
27ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A0BA 4 KB
2 KB 32ms
28ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:33 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame A0BA 36 KB
36 KB 33ms
30ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:38 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:38 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5524 2 KB
1 KB 39ms
35ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:56 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5524 3 KB
1 KB 40ms
36ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:45 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 5524 8 KB
3 KB 40ms
36ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:07:31 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5524 12 KB
3 KB 47ms
43ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5524 4 KB
2 KB 47ms
43ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:33 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 5524 36 KB
36 KB 87ms
83ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:38 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:38 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame F8CE 2 KB
1 KB 47ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:02:56 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame F8CE 3 KB
1 KB 48ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:45 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame F8CE 8 KB
3 KB 48ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:07:31 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F8CE 12 KB
3 KB 48ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:39 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F8CE 4 KB
2 KB 87ms
83ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:11:33 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame F8CE 36 KB
36 KB 49ms
45ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:01:38 GMT
x-content-type-options: nosniff
age: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Oct 2023 19:16:38 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A5D 0
25 B 126ms
126ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1141842672304&version=m202309260101&ct=77&x=1&cor=6316967483219639000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 75ms
75ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231023&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e5c820f75dc2a22f53d3f105585a1c691b2acc0877d60e74b6617bbc36e6420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12239
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EA7 43 B
215 B 124ms
124ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=723ed8b4-9f20-6245-5a97-6aaf86e9a198&tv=%7Bc:s5uLDy,pingTime:-10,time:989,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698260533936%7C%7Ca03ab5a9054dff9fdfe0b009c4545e8c%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7Ca94a44650cb0c2350f8683ebfb9889c4%7C%7Cb5703afd2464a6f8a6e545657894c1f0%7C%7C7e917edd96c04c5597f86df9aaf67dac%7C%7Cdb3271865ecfe569f0fa0f915a6e3fd8%7C%7C49993e8906d63b14e3bc29d92eee8c12%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:13 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B21F 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=7f3108b6-8b11-54fd-2ca1-f0345df2e2ab&tv=%7Bc:s5uLDK,pingTime:-10,time:766,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698260533947%7C%7Cd43377242b3490ad92423fc6aab13ade%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7Cbced263965785d411709cc44b8def563%7C%7C54c1b83051fd1249acfd25ab6e13c183%7C%7C6ebbf7535c5279f46e52a64cddb4a3db%7C%7C84fb2a0d9e5ebe6399deed6cbb29941a%7C%7Ceb5f7849fa437334029320ffac9dedb9%7C%7C1663701684,im:%7Bpci:%7Btdr:652%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42FE 0
25 B 131ms
131ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bu9mMNGY5ZcDxDKeT9u8P58WFoAgAAAAAOAHgBAI&bg=!CAulC0TNAAao7_3LiO87ADQBe5WfOEDSc4K2gHjOrChGJn88oeeSGy7xob6NOR2rZkhYEvctHefb3PmzpBbwTwj2sxGPAgAAAgZSAAAAAmgBB5kDAN239AsJhSCUhPczqLS0t0iXYSKgHdmDWbIqEITAuCasK47HheXV8soaJNBN230kTddyFfdZy37FraZIO1B4XJ58OIIuhxSCmgNxJdQ_LPUFcgRKgDvFPXSH7ejdXEm8qFEpMSfb_GpVJ2RFXsYi_inuIq17Inm87bHPDfaOxeEITMePpXnZz5a0B6rV1o7zF6BDltwFjR7z94M7RT-4lPB1tMDL7WECHcII2w74JxRnvYJ9tB9d3gvFR2njs5PUtWHfsWMX3SKh60vLcs3Xzjs-qtBw5Olum9ZQK8ZxXbLS9rv8hgJeY2Ahau-gCSz_FMkb6t-MZglrmH8CGHhB4D_-6YsykD2tLrmdZRoDN2bCzUZjSO6_HDjHSVSSuzwVWfg8qY6VHF7MbsmuttXHfnTmPYFHVxoDj_2RBDNOwMV-Hx4BzaHtYz90zndDrIq1kXZzHFJhM-CtRJ26FQRLqhNHgv9rZG_KINcHLvSlQwCgUgsqUIR2Q0fXEmfBoLSEYwWXgHkv2zeMZO-t8pEDSxC-CzCo7_WJ8rfVf11zZRIh7VfPpVp9g0LUD2EguI9mlStVO1GgV1aCSwh4fy828k5K1CVlsS7SJ5EWYI8_bYgunASY9MdpyBJYBgCLIL6viozTBaxBrLY9tauiqxGm3vnNgb9i6llynd1dhOF2NeE-UpHVa7-vgyfCZXKpNoCJz_AozDnliU6tKUZbfAtJ7S8dUzMM-P7xz0OesK4nAIsHHSpznPXfLdZWaAv6MMlfPnVB25B3kMN2PFrsDGjMpQqoEl1UzbFno4YfcUKL-RC6xWbaSDclt7eRLgwAR3Tfv_Ju8L-77SwlkNWre7ldSfDtUPOzCGI6BoKuWNl35PM0svuARV---_6xhOAwrPobf4Ygc5K00-WpNBWdel3KXKZqRwKjbbOYfJfZJjX1RjKCz5z4hBRzhdF1rFkTTgipW6MAtmmaWe1-TTFyVTG66fe2RNI5sJWb_s8ki8tNpEC5K2zxvObNCoy2f4emktmTjw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC07 43 B
215 B 124ms
124ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ad6617fb-96c2-26f4-13cc-8d85e5716be5&tv=%7Bc:s5uLE8,pingTime:-10,time:743,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698260533972%7C%7Cfd91bfd21a1dbd3cbf6b8ba039165d16%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C69277fa44145db2ef22db7b0d9ad5c33%7C%7Cc78cc74edb4f66bdb828ff6a3f91dc6b%7C%7Cf3cf71dfb9dc60ca03871c35954495ac%7C%7Ca35b432093ff08ed6174fd2ad5967592%7C%7C8d1d9cfbe2a3f193d6743da1dd624c78%7C%7C1663701684,im:%7Bpci:%7Btdr:365%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D2BA 43 B
215 B 123ms
123ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3b0fc1a8-7692-5f33-82e4-82de7a272d86&tv=%7Bc:s5uLEw,pingTime:-10,time:681,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698260533995%7C%7Ca884e147f1b872ed17e43621ae3116b1%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7C0ddee2973cf6184917ac60967dd082a9%7C%7C53323f53679efedf0df3f329c310408f%7C%7C001f1cd32c86ba5bda9292a40023fbb1%7C%7C83ccb92c0a884d050b5fe58e55dad296%7C%7C1515d080be30bdf5157e66a7d32064de%7C%7C1663701684,im:%7Bpci:%7Btdr:276%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baiyunju.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 19:02:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7E79 43 B
215 B 126ms
126ms Image
image/gif 2600:1f18:1aca:4282:b37c:8600:2034:3140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6b02839e-2b35-e9f0-a8bd-a1e33a7a4627&tv=%7Bc:s5uLFP,pingTime:-10,time:605,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My4xMTcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698260534077%7C%7C592d7338556d6faff2c1924e005f0b1f%7C%7C2a46ab34512a4512731c109fe969e5e3%7C%7Cfe547db21409dad48478babfb2932f9b%7C%7C59753e9a0864dc17f3be1b9d783d7589%7C%7Cd62e7e8517280c2abacd5064845ae020%7C%7Cb9257097ca07e60f5f0e8c4b6704393d%7C%7C6d49a512140a9c1a583bdb7131155fb7%7C%7C1663701684,im:%7Bpci:%7Btdr:118%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:b37c:8600:2034:3140 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF36 0
25 B 129ms
129ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZ2KoNGY5ZefAD9nl7_UP6MirkAsAAAAAOAHgBAI&bg=!5uWl5arNAAao7_3LiO87ADQBe5WfOMiL36s35r2n2M9bfFhX00KzFNxKVyHKV87yZYdA__xDhBN4-szxurFvXVCq5ZlcAgAAAm1SAAAAA2gBB5kDDicVu-O2G-GKYC0iMZlaUTFVb6iymV39sCrPfI5AdveeoOUXHILM_KDCC5ejOGTsen375j1wIfaZao05O7aCIsiSCAPium57UiT-c5OXkcMWTBm7fCdRBWuwcEgR49Jk85fRSp3Km1tWfF9s3w-Nmech8Jmk9k1G_kBjJMSzpMErFXTe26O47qD3v1wcXKfboXvF2KMqM7VZw3qujnCWyqZYGZN9vvhSDDdTCV_xOEgt2z4RnppDG6Moe0hlBW2QL_q1pSac_L63pcMCVY7xetMFIGf6YCgAst57zAlU1QLvihBfdsGn8M862YDOa9pcVTB07Usk6u32BWSSBv8GtpksfN5tD3-c6erPK7sfPzJwDsTIU4Uj--pn-QdLY3PaNRgFF3Tj_jPnsqUD9KLDprHWseMVcnKjy542BzRMELO-ocEZzv08sPA6HHhCZaGLCkrWY5TbijoMR-cmvPknEf0-QHUYKL4Hf02VoMwuZxOPfx64lYau7zgqNgrO4T5x5b5VtUdVkHet5XBiqtBsCt9YXfz3hSL72T4AVlG72TaztpQgOeDk_93nnQppfMP_D91TtCTSdeyjOexha4FQHTOjk2a81BbFy7A_pD3s4_mNSyMCwsSrc6jzkSj85k-y13ULee9xlbIitGPijeidCsPJ3nEulQm6lyPc13Es1CG5UiabuqgBKzPxzxs9dDXBjlfbe4lMdNV5E_D-pAmgfvztkAaZp05pG_bkbtyBS7XOoPdo1Gpub-VGYJkWJki3bSekiyhH-H31qt4foII1NFaZ7iy682wNBwCLWwuXh8jv6ie6kQGxWMSFOJ8Wllobk3_sEW6sWtGG-L4VG0GSlid9wvz0pRJWG_T0tZnSVKJ3WImRi1Y9S72L1DlZczFZ3zqwp96aT8qRS1O9YLNRitxpKrUF0MkqWxTQ9q45ldF_8AICFOOxUJLb_Qt-25rHIphCMMYHltufVex6YFuc5DUM2N4tM6h-k1n9AVBsU8pEigGDY8mfXxIJ7eQ0Lgm-12pRDu7fWY76vd7mM7ZR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05BE 0
25 B 131ms
130ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfK-BNGY5ZbPUGM6F9u8P8t-UoAsAAAAAOAHgBAI&bg=!q6ilqOfNAAao7_3LiO87ADQBe5WfOFPP0fFo3UYV9ve8d2gg6FJi1TqmZqu80JfZFQ5iNdQqcYUp-R6OdRVIoYmvMY0RAgAAAaxSAAAABWgBB5kC-bdjattn-xqm5Jmi1-3hEZWdjw37JFxavt6dvKkh6LOwxFCV-sexMLnEFq6I-5Twu2-s_WuScuzD2GK6PFrO__Ao0CxnZU74ou1lA4JKAbnKA_GIiamyPcR-IAXJk6v33Wy5otrVGzRM6hiEaVU47gXDVG3yep3cDxw1b7SxYATeEuPBfBuiUrk36vPCxlakfiZ0S9t5hazubX3Z2u_XH7vVo6b7Uw3nYoI5r_bEJ6tT23kFVj_51pheshFQQYnIITDNG1j43YfFEFst9YrKicoDt_rayTRe826paWmjavlPG1hcK87OGNgn83hiFV3TEv9hhE7SDFUyccq4C0fpQAiY8T82zXhMXpEEnVsE5oTJBZ4G0jdOw-H7nhBDJDPHEtiHC1E3eNzGmDcAtkHm1EuQdE3wKDM61wayTs_gTU0hgqBTgHBlq8MPjYq_3iWrSlGduVkIvD19DSPeBhSM024wBteiNe_Gwa2T4DB_ZDdVqRpKAdy0ybBEoiaXrmg8RN_5bzanwQRhLLA2ic_q6p5dM5FZWg7DyqcBIZ3cOJWgZAAVoVXYTYEN7PQ1BbxAoUhbHVRRyIF_lwoWFib9g2g6JP2mUGBR4jw2xj3nLlnlEL7GFSsMoXj7oxKnJDEh37qL0vTUiTFM3yBFNuI17rWR3CGWTV4mbegbiElIPpX-Fp3nlqAdKJTCZRDSxUFW5ItoGGiOpubw34u0DwXqG8ig02Jbqn4n6gq_NwwAUgOM-7pjyIAW2iICyiuNwcF6EZnTw3dwi8GflLNc6mKO-dMEoXHMaQsPsWTokQieYRrU09WyTkRYj6jL-Pr1yH141KijusmM32jKnW6Ka2PBapbJ57gILomBFvGvZ6Auo5MwbZ-nh9z6bn-cLaSz15tf1UMRhk4YxCVjtEUhSTRms1ca5pKfksnEh2bn07RtPOpAXoT0I5pottQwCk7iGcVqSP4jdBnqKNro46ZG0_NZ_05Gtxeo_W2ww6n8GXl1aVVB-QouwpsFy2N2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 96EC 0
25 B 129ms
129ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bj5AlNGY5ZZP4GL-n9u8P2pKFsAMAAAAAOAHgBAI&bg=!GBulG1TNAAao7_3LiO87ADQBe5WfOHXmNnaZ0laPh48ClIejOE0VItitfKDxq9iCnqz6J5QbCKyEpx20aonPOtzqTnyiAgAAAZ5SAAAAA2gBBwoAb1IfDpPtRSbG9V2YA6NzYsfIAGLsNw8k-drkVvjuJukLXB1I8Eje16f6GLmqqVz510i6fWQDpa5VGHKif8YMqYwORa3JXxRV4munkuxe3q_AuLiKjgbnDcOyBrLECJ9_AAgAVVMAtnUv4h4GdnYShZkDAl4Rl5BklbMsAtVBRScdLLpM3dPvfn9Kp9mEubr7mVVMMu2iRbRQfX-enJgJAOuINL0CsnjZ9ZaAoPGke9hS-CcZL4b41Y0Dg2rEW74zR9aHCfbamL8_Uoiln5ucnDUo3Yf9aB7qEzYneBWug-4AfJFebXyBjg1llz-MrH0A6FLvCOUbyOMSCjjUS6VyIJtOO2HRttOUqzlLSGrs2hAK8zLfvxmJLA2dBZW2wVwA_d1m1Rad7jEllrEN50fOTfy1Zw8nOteGI-GHxWHQ-qNifud7flDJf3beNpsflvhKoLZeha8QpkMBuTUMtRoGbkh6cP8cuDh9VN8asOAEHqMDd5nV0_JG7cqsp49sEuge8NGXWVlg0sOxDw-DOdqCC-6p4Fq9Q_J8-z9xK5CQZqGCes71nG9KFPUH1irDnP7x72d87xgT6THTVUxmRiIARCussND8l7gQh0KQbB0h-zUESIjJMCPRICUQaSs7CG3LTd9zqi2sb1MBIEvb4QR9V_udlog3AEkf5E8Bm4A5QlvwTPGv8D1tSMLejV4fz2RsWKET9NexORFwU7Kx0SXraqkr_W56wZh42JIUIGvUrNxU_RLCExkX68lp7fH5UQeyvxlmkBGL7TsUK5lhivwFqXNpPF4yTOX5LS27H2o73hlZl_DdQXvUb4f3HYS6PyIE3AOgJ3Kjh_3P47uAPSe6l9iodE3VL9q6VLPDzlSwY2n0YKEZblvJy2C95YmrmJ68mF0VMMspcIhbBudX-tv4Krwrevjti2KrcEg7viGQU1Lf52mZk4ayFImqeEO3j0fAVIE6xNUHsrXwphe1eJ9Ll1BF9YP4iYvLc-HnsoHOsMBm8Sn2SZj6RmsHniNJOgEAj_TS56E2P2RKH4SBO4TBY_aSnzfs_7eE57uGXpNR00oEf7-77HH-er2jA8rER1sGhI1_VR21Vjin8W0Vv7WHrazHtjKjHkWSmTpMbX9qwUT7F8vN_KLcwVWVp5RNd6YW09bDk3UVhjJg8b1ri1Lb08ESp-tr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70C0 0
25 B 131ms
131ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-_hjNGY5ZYLeGL7L7_UP9-WhiAIAAAAAOAHgBAI&bg=!q6ilqOfNAAao7_3LiO87ADQBe5WfOOXOd5Hc7viBGBV6LaorLm9JoN5aBD3w0pTW-WYss93CmADJtbHScIbKYoibETbmAgAAAeJSAAAABWgBB5kC_N2fjCyXwiU5cw0XZwu4PGjbnlfXq9_uha5T69LiwFeYQaUOmyv9gn68zA_L9Uyqxa5jGF9r36h1GlsTCujcTzvk9wEBtNZlY2fNlAKZYULityj6tYZ3__YZh3UBKHwACSHcsipZ108wQkvoNE2Z4FHYfK3NRTy8AahG3Aszp5AZpcyeNA0llv1izbj1qFwO4odETFFm18OFv3JVJhoSMinHBYpUxqGjkkCmDOev5laNS84l4F2jv_sOOUjthIkpnqaPyN4lUdD7frnWr8-WC_HJZcQBhA5X7D5RqvAeEX-0MHsTHInot6uRgEUSgZpq-yixcDry2p2Ykw4L2Ro69-TgBDYULgvsdpOZzVATLCgeRsdyyW6TNDNNcO0qpOBv6dtfNnqsvhBpyBE9ln830BjYNYtZZ4W1d_WekYxHD5WnfRBScngunrgT24UNXG5g6Z0xAgpHUeIghfie5S5hQdGXiIgBhtlsvaTCj0ETHJIjXUntJ2wcXLhLEmvYHUX6UFGPfYVpSIy4gmNH-E40CPWkspDnKAPKflPrZG757W17hkCbRiDNQ8gX0EHGZl2TVbqy0_Vzn27lSwkSiqlYH8nbfblZlQvS9OjcotjKHNVOrcOz5yy_nmDINo6Y7KbBpXJhkTwnZP4W4ylU1fbE75BYnC864HmzYwpXmzJEzlyiInBeBxVgHlsV6B7GtQndCzEfoxob5WOup9qotzZWX4K95Z4v85djytI7rzQ9Co7p6aSicb3b8hJBF7XZlzdBMvjnUiZsclwmZsWpfa67FBUJ24sUV_U1SJXcXOa_SKWBiV4C5jXRw9QXt9_IjjM8FGnxWCN2a_bG0k-sJUUTa-Bbs1u_daY_mImTgtMFdV-FUN8HI49Yuh09UdOkT1J9IY5fP6vVZg0edVmhH2I17StaQ7hO30th-2Y1WG1YNsnP8cvVd8cIpveUCoak1bAU8_oMAspdU7RVq_EQonkDi01eIKGEaQGzYYj9O4yaEMXXZ8_4L4Q58lPGRIi6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36E4 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:51:28 GMT
expires: Thu, 24 Oct 2024 16:51:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4480 829 B
560 B 31ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90af1f468a6c650ab4f6b01bba88b67d79b72b5759134eda0b2bbcac875ab68d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--7SW6vvZ21Yvd3dtF2fNvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baiyunju.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--7SW6vvZ21Yvd3dtF2fNvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:02:14 GMT
expires: Wed, 25 Oct 2023 19:02:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4480 0
0 125ms
124ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231023&jk=1621882134783127&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 36E4 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:51:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 36E4 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AG_WDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 19:02:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECeECGCFu7haktb1FNbltg0&google_cver=1&google_push=AXcoOmTXV1SYXrI3X1SY_d-JCAKBX8VovGIk7FdsYENBRN7K5cWUI4QPra0s0QRiz-Kepr7pca29ef7ANrssPYr-wLfBHRutNsbh5cU

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baiyunju.cc/	1970-01-21 01:20:20	Name: _ga Value: GA1.2.1805518006.1698260529
.baiyunju.cc/	1970-01-20 15:45:46	Name: _gid Value: GA1.2.762038622.1698260529
.baiyunju.cc/	1970-01-20 15:44:20	Name: _gat_gtag_UA_39765619_6 Value: 1
.doubleclick.net/	1970-01-21 01:05:56	Name: IDE Value: AHWqTUkobTjtE2PuOTSdBLUA7t5g6cHTpBaFm7LipDI9VjqRk2iEGtOEk4Mfv48B
.casalemedia.com/	1970-01-21 00:29:56	Name: CMID Value: ZTlmMRsANWW34YGt4cUCswAA
.casalemedia.com/	1970-01-20 17:53:56	Name: CMPS Value: 5243
.casalemedia.com/	1970-01-20 17:53:56	Name: CMPRO Value: 5243
.doubleclick.net/	1970-01-20 20:03:32	Name: APC Value: AfxxVi5aq6x-6Af0QZO_8W5dN4HRdYG2J_g2A_UBCcfw0xTwpTOQBg
.adnxs.com/	1970-01-20 17:53:56	Name: uuid2 Value: 1057681054695505085
.baiyunju.cc/	1970-01-21 01:05:56	Name: __gads Value: ID=2214b802a57d9290:T=1698260528:RT=1698260528:S=ALNI_MYTaMSGQKn_SvbjPENv05-k9LMClw
.baiyunju.cc/	1970-01-21 01:05:56	Name: __gpi Value: UID=00000ca41eb784e4:T=1698260528:RT=1698260528:S=ALNI_Mbs7ZPJBwMD4qGh79acXdmMadIOkQ
.adnxs.com/	1970-01-20 17:53:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ileeu_2!]tb?8i_iqf!oN/@E'zz<Z0Q@z9hG)<08/wycQ)=HOgKMRSyw+F8F>h<>TD._*PlZ[C[-kX-=Sai3
.doubleclick.net/	1970-01-20 15:44:24	Name: DSID Value: NO_DATA
.travelaudience.com/	1970-01-21 01:16:01	Name: _tracker Value: %7B%22UUID%22%3A%229F201F4E-491A-405C-1648-CDBB93023730%22%7D
.adfarm1.adition.com/	1970-01-20 17:53:56	Name: UserID1 Value: 7293973445047613594
.turn.com/	1970-01-20 20:03:32	Name: uid Value: 3692627956533167828
.ctnsnet.com/	1970-01-21 00:29:56	Name: gid_CAESEL33atUr1gucioMI8b6S81M Value: 1
.w55c.net/	1970-01-21 01:16:01	Name: wfivefivec Value: nQRmXktw1QVJ8U5
.yahoo.com/	1970-01-21 00:30:18	Name: A3 Value: d=AQABBDRmOWUCENZvtGd4yAf92_4sbXEG-Q0FEgEBAQG3OmVDZQAAAAAA_eMAAA&S=AQAAAhqLhAgy2sBHMBhzea7gcsw
.w55c.net/	1970-01-20 16:27:32	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-21 00:29:56	Name: everest_g_v2 Value: g_surferid~ZTlmNAAXThVDqgBV
.baiyunju.cc/	1970-01-21 01:20:20	Name: _ga_0JMHSJRT0D Value: GS1.1.1698260528.1.0.1698260532.56.0.0
.ctnsnet.com/	1970-01-21 00:29:56	Name: cid Value: 728813a23c9947edb5f564a53006040a
ads.travelaudience.com/	1970-01-21 01:16:01	Name: _tracker Value: %7B%22UUID%22%3A%229F201F4E-491A-405C-1648-CDBB93023730%22%7D
.e.dlx.addthis.com/	1970-01-21 01:14:34	Name: na_tc Value: Y
.blismedia.com/	1970-01-21 00:30:00	Name: b Value: 653966345043EAE588D0ED0BBLIS
.adform.net/	1970-01-20 16:28:58	Name: C Value: 1
.simpli.fi/	1970-01-21 00:31:22	Name: suid Value: 20EA50D646EE452C9E3151D7F4A116C4
.adform.net/	1970-01-20 17:10:44	Name: uid Value: 7280721415355873845
.tribalfusion.com/	1970-01-20 17:53:56	Name: ANON_ID Value: asnoeUxZduBmRApTpqhfG4K1q3PQtQ65qfFEPsRxZa
.addthis.com/	1970-01-21 01:14:34	Name: na_id Value: 2023102519021300051877666406
.addthis.com/	1970-01-21 01:14:34	Name: na_tc Value: Y
.addthis.com/	1970-01-21 01:14:34	Name: uid Value: 653966355073fb27
.addthis.com/	1970-01-21 01:14:34	Name: ouid Value: 6539663500018d1d3f196fca73d062b8f28340f99c7a22aa3df2
.dlx.addthis.com/	1970-01-20 16:27:32	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 16:27:32	Name: na_sr Value: 20231025
.dlx.addthis.com/	1970-01-20 15:44:20	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 16:27:32	Name: na_sc_e Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDUPQsR8AOieCYVV7qYZsW0&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.travelaudience.com
adservice.google.com
at.alicdn.com
baiyunju.cc
c1.adform.net
cdn.lamp.avct.cloud
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
match.adsrvr.org
measure.lamp.avct.cloud
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.tribalfusion.com
s0.2mdn.net
sp0.baidu.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zz.bdstatic.com
googlecm.hit.gemius.pl
sync.search.spotxchange.com
104.18.26.193
104.193.88.77
142.250.184.230
142.250.186.66
144.48.143.107
151.101.194.49
163.181.92.148
178.250.1.9
18.158.5.115
18.239.83.125
185.86.139.104
185.89.210.101
2.18.161.51
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.212.162
2600:1f18:1aca:4282:b37c:8600:2034:3140
2600:9000:21f3:ec00:8:48e:53c0:93a1
2606:4700::6812:18ad
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2006
2a00:1450:400c:c06::9b
2a02:fa8:8806:20::2010
2a05:d018:d29:3601:865d:cd9c:e13b:6712
3.120.0.219
3.71.149.231
34.240.213.30
34.96.105.8
35.186.193.173
35.190.0.66
35.204.158.49
35.244.159.8
35.71.131.137
37.157.6.232
51.75.86.98
54.78.81.175
58.254.150.48
69.192.160.219
85.114.159.118
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
065a805274aa9dda80a209a37391d6d65c0db66abb7fbdb4877d1a5c3ef8bfae
074555b112c4b15138bb22be7a563f262075a91cf55542030312d92132251d20
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be0aca44bad073453d3f107123dc563fa9f6d92889d2ef3b2b2d27a6a643457
0c53c233c8012aad0cddc4231745ed5c3c74a12dc7825603881644f4ea10da76
1061f0f0ffbb0678b470b1c7a25bffb45553ff64cd5bb4e9307f56b02ef81f81
13ea63c90cacf953e3eba54a5083eeae0a4ee8e1b67fedbd594e7f3128eaaa1f
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a96e1adcf4c983adb11ab0630b46def46d9025cb364cb375829c70959f22ae
19ed2db4b8d7d3ad488812ca8c5c4af9a446a349b151267535f72f85dfabeffd
1cc933a2cffa5971635779412d5ea0fcd6d3d7950271c6784c5e44c0a76c8beb
1f36b8f709471a74ebfd50893129f95ce2b99e238abb61678596ae62dce22e33
1ff39cab0ad3ca8bc174726bcf9c7ef2e1de32ce43d0f786dcc94062a747e3c0
23396d19473b96e969de2f3a631c0f6c6624bbb3b63030f19edcd13a6976ce06
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
255c8f919e0770a01437d6f898f7a57872d0e4a5f58fd4ce5e0e05573247b6e6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
295ccdc3df31e9d6e900d9f625393b930914b5b0e1fe306f2cc8a90da0671e4e
2b58931984824cbf5abfc6b946838b605fd1861812cbf91cbf941af42fb0cdf1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
2f6b3ec28a1d7b69953e2eeda4ddc2a0739434199bf59b06a1d13a77a3230219
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318fdc7810570346d657fe4d3f6e94d233b0e9cf887617c306e17a2399f1df61
323e5af8a33b9e65da9de11179875c91d6f4db5cfc79e2e444d8a7d98b353400
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34919c057f7b9564b2788b1996fdc16587e4ec7c0bea30d460be08f30390ce5a
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
385401bd6a6bcd0c8d610a1540710a94a3e248299f71309cafacb6d6e6d7af34
3886aa7f5e3da451738276d777fc8f5c20225032caffae8ba0315c25de877693
393b3fc949730680c944764cc6958127a643827df45371084be0d9ce56aa0ad3
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
40c6cba32bbf3544acfd384bdd8759282c593ad74a57e0f213f34ecc301d9f61
424a241cd90964af9b5cdafd556cb73726bee48844cc096814e2db2c3d0ef3ec
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a194f5d92dd6081926dd722075bc361945f5e8e2467fba7089de7a268935993
4a3e90f7e0c2786ab5eb7a9664870771605d82729389eda271827327bc50b5be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
50469c96bfe72c277794cef185a6fc45a3afc490b612300034a3a3065e411fef
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
5a79ea78835e72640066fd66d6e49d6ae584d5cfbc7cf575cf45c6a652f31f76
5b68a8fd227dabcf16b61696768f96c37d960042d5fd5b7e5d6c8c71cbf21358
5b7b00104b652a68894852f9e1630981e03a7d9e344a801854b5c46c9c8536cc
5bbd86c4c198969de3e9e9c669ceeabc3decdaab4fd5bb802841e42c1872cf22
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dbb55a11bd19a4b851a7c6a3dbe489c156b9565a3c085cee610be6eefa7d8cb
5fcf01d687730d505f5721a2a95ce4bdc5933609011e18d9a8d14baa876d1789
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6229770d211d3e9ec87b1daf5fb2576cd88a3caab6a9cd45baf2240703c35800
64752f3602b7d74fa7d2a2472e125b734100935adf636333ef30dd2f875294d2
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67d7e4ac14f1d2d471002fb7a0fdb15c4755f545ccbf37a12081861f474e6d51
6aacbec97910be872c41a4e0935f643e79b9066a274a303a52bc6bc8a59a0615
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6be7b63bdd7fe0b451f7e564b2db3663775894827f4b13ce7902770ea58ee0ad
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6e5c820f75dc2a22f53d3f105585a1c691b2acc0877d60e74b6617bbc36e6420
79ce560154084a302b268df01c2f29635339b93dcfe7154a8c188f8b870a2ee7
7a14d925b35bb3035cc21f39d7f34f8d83e5b1b2ad0bdc965d9d5e2ff7922fae
7a31237962212315139c1838629c844bf56bae219180288cdbac5606cbdb7a00
7b62efd09495904f6013379d997644a46f9db8f9cb1c163fd6e48a7abde1a9a0
7fde918e6fe89a653cb87021f5e8799273ee1edcd0ff6c0f52e4d11f429dc157
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8551007820252eebdec56c40904ed0302702999d706f473dee28d6ea5cb45f84
89645ef885977d68817cfda4a1c6f874b24bc2232385d89e9e759fe8ce4dd85b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90af1f468a6c650ab4f6b01bba88b67d79b72b5759134eda0b2bbcac875ab68d
90c47d126c451c704877cdc3bcbfbd74feb3cf00ee2a1a36c0cb3bae83e7e315
928c79d026c80f6cd0a594be9d5c02004f451b4fa41a64a917ef33003baa3f28
92fdcadbf224bfe461644696c1eeaceb184b9906bfbe08a47a388680939df0e9
94f6acc2165ab6515717921549164b6f84b29173a2dc6ce652540dd6cc2c8ddc
95351a3702d61501eb4dd5304e500ea3212c9220309e54a4e3e63a8d540d7861
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
98badeb40a3fb4d595c52ef93685e5cde80dcdcb55dab0de814e00956d94dabf
99d84cffe2be95f6c8347d0c87c0685c873410b9aa3e155a7fb09489aa0c5f1a
9a534d8d66085f17708bcb1e8ac876a537a0d61767a63c7be022d2d3c10b6987
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a680c6c0b26a196cf4e141679fad382f34272ada617392a295c5e0d5ec5b51
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a27ee116a04f56a5f02da73cf73a656df4c1a59558623d4adf1dd71a39faf4e5
a2bb12e88266c40aa8e4b1b0cd7204b23f0bbd8e8b4eabb96806116b590949cb
a2ceb9d510ced32d604ff621657de88204c6ec57e01fee0a01f4ef35f8a64aca
a5682afe0eb75ec3c830cf498b8bc9e45cc8f947a94966e60a888af2cba546d2
a7247368541eea4748e8815760d39fdb0d9a5624f307951d5616d18f089831dd
a7deb99604da9561a884cc9674f9fbc4267a605dfad129e5768f1b3e2d0723a0
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abdeff3f6b80e43233abe7678ac77ae09b4e04abbc10ad9cae8f472b8c12d151
ac25e9f9ace0e608832fd4ba56da37f4e0ae82c5864e4f5417db0b94346ab8c0
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb2da864e04c4c9cc587de58db21d63a1a0d37f90fe47890df710f553e40d8
b82d5a23d47decdc121f4288a7ea40dc50b855bc85b4c711266ad4d707b92eec
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
ba3b8fc344c47591d48e4151e049bd9cc755a3a9de8291f8b81be64d653a63ad
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
c4ad29961470ba23b57dafc9c1626b5c751d8055517af3b13b1f395f6068f0c9
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c5e320526a880eaac3727b4f7fd449d169ac7d1751bff80e080a195f8779680b
c7ae98d93b1c48b9e5bddf293cbde5b07c4fdb3aca41a4cdc940aacc3ab982a3
cf50fe12213503752fccb0726cc95368bc83166da9104bbf9a4505706870afa5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d288569d31c44c2b5bf3971e7c4acab9d27401efb7212afa97b10e3e3ccbffab
d2b98709eade1745216956d07a8b77286bf3291b02ab43351407d51fed5d807e
d4efd444cfadc0fa73be14c7118b0d2309ff87de575e16af032cc5fcf4bfe4bc
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d72d653649e032862cb4e7005a6a3b0b2258a62ede5bc8323155e7612337c406
d921015568f0a3b71ce30f6efad2fe3cfcdeaa9c17a683946e13d0924748da94
da18849e09ca7517671f0244bad6aff6299f6c320ea5b37213e76963ffeddf0e
db837b7d61ec80a592ebc2873621fe25eed4e918151ddd39e8e0bbdeef87a486
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03854a496645e86e806d686ae5cc80518f2ddeb0d77fd428b55f5336a31cdf3
e0e5c8fec151580237772c40323e59e1f52fd7dd55fe11a6b393bfb6a07c40d9
e2a8032eb7c364799cf6021aa91f11550ed0ecd71bb20ffbfbf3612f2a2b021c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaaf4ac3f8176054e934c315fc88af01511f5e54ceb42349564ccea18501509f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ede9054596a10b9110068274f17a0b731ca0449535c2d529e8e73615c5f668ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17b91a3acd9b8c629f0b7e4a71af5e49c771303348f2a335024cb71df8dff41
f3f77c1d71500b9d9e23d6b1827d6fd768b78d425d2bbde2a3cebbc4595214dd
f57fcce9549822891d1202d4cc0e63f08df7d4c62fa9c4f772e6138e8f8c7c45
f62375013033f4c25d5df1275a676f365e75a7f2b04cb0672ce858896a77ce33
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f96bc53d8ca1252ed4e4ed2a6f3c51d2e6c00b3bd2fc99d44772a7aec834ba1f
faa1e1e9558c409f2cadecca7ee6446dfba3415dd14f4adeec648842cd58822d
fb821cddab32db0243ba7756678d7409a7fe410f599c6ee8da2f8384e5253ad8
fc66eb654c8c9619b73b5de4f6b61bb531466d0c12aca0ab699db11a4fc03ecf
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

baiyunju.cc Open in urlscan Pro 144.48.143.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

449 Requests

89 %HTTPS

42 %IPv6

41 Domains

55 Subdomains

41 IPs

9 Countries

5100 kBTransfer

13928 kBSize

38 Cookies

0 Outgoing links

Page URL History

Redirected requests

449 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baiyunju.cc Open in urlscan Pro
144.48.143.107 Public Scan

Screenshot
Live screenshot

Full Image

449
Requests

89 %
HTTPS

42 %
IPv6

41
Domains

55
Subdomains

41
IPs

9
Countries

5100 kB
Transfer

13928 kB
Size

38
Cookies

449 HTTP transactions
10 data transactions