iqqoz.com Open in urlscan Pro
2407:c080:801:fffe::7c47:a6f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iqqoz.com/post-2293.html
Submission: On December 03 via api (December 3rd 2023, 3:11:57 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 26 domains to perform 89 HTTP transactions. The main IP is 2407:c080:801:fffe::7c47:a6f7, located in Shanghai, China and belongs to HWCSNET Huawei Cloud Service data center, CN. The main domain is iqqoz.com.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.

This is the only time iqqoz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2407:c080:801... 2407:c080:801:fffe::7c47:a6f7	55990 (HWCSNET H...) (HWCSNET Huawei Cloud Service data center)
1	163.181.56.211 163.181.56.211	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	240e:97d:10:1... 240e:97d:10:1401::40f	134763 (CT-DONGGU...) (CT-DONGGUAN-IDC CHINANET Guangdong province network)
1	163.181.92.173 163.181.92.173	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	58.254.150.48 58.254.150.48	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
1	2602:ffe4:c49... 2602:ffe4:c49:0:3::3fa	21859 (ZEN-ECN) (ZEN-ECN)
2	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	2600:9000:225... 2600:9000:2251:4e00:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	163.181.92.235 163.181.92.235	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	35.157.73.176 35.157.73.176	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	103.235.47.103 103.235.47.103	() ()
89	37

10 2407:c080:801:fffe::7c47:a6f7 (Shanghai, China)

ASN55990 (HWCSNET Huawei Cloud Service data center, CN)

iqqoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.211 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.hdslb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 240e:97d:10:1401::40f (China)

ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN)

img.iqqoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.173 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

img.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.254.150.48 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:ffe4:c49:0:3::3fa (United States)

ASN21859 (ZEN-ECN, US)

lf1-cdn-tos.bytegoofy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:4e00:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.235 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

zhanzhang.toutiao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.73.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-73-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.47.103 (None, )

ASN- ()

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	236 KB
14	iqqoz.com iqqoz.com img.iqqoz.com	143 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	77 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	28 KB
10	google.com cse.google.com — Cisco Umbrella Rank: 3119 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693 clients1.google.com — Cisco Umbrella Rank: 411	179 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 c.clarity.ms — Cisco Umbrella Rank: 1377 r.clarity.ms — Cisco Umbrella Rank: 7434	28 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	48 KB
3	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10115 sp0.baidu.com	12 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 72682 collect-v6.51.la	13 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	387 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	586 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	174 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	718 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	toutiao.com zhanzhang.toutiao.com — Cisco Umbrella Rank: 64550	647 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	765 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 112974	930 B
1	bytegoofy.com lf1-cdn-tos.bytegoofy.com — Cisco Umbrella Rank: 36239	1 KB
1	bdstatic.com zz.bdstatic.com — Cisco Umbrella Rank: 37134	552 B
1	alicdn.com img.alicdn.com — Cisco Umbrella Rank: 13309	46 KB
1	hdslb.com static.hdslb.com — Cisco Umbrella Rank: 54126	34 KB
89	26

	Domain	Requested by
11	pagead2.googlesyndication.com	iqqoz.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	iqqoz.com	iqqoz.com static.hdslb.com
7	static.criteo.net	ads.eu.criteo.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	cse.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	img.iqqoz.com	iqqoz.com
3	r.clarity.ms	www.clarity.ms
2	csm.eu.criteo.net	ads.eu.criteo.com
2	imageproxy.eu.criteo.net	ads.eu.criteo.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	iqqoz.com www.clarity.ms
2	cse.google.com	iqqoz.com www.google.com
2	hm.baidu.com	iqqoz.com
1	collect-v6.51.la	sdk.51.la
1	sp0.baidu.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	onetag-sys.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	zhanzhang.toutiao.com
1	c.bing.com	1 redirects
1	clients1.google.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	iqqoz.com
1	s.ssl.qhres2.com	iqqoz.com
1	sdk.51.la	iqqoz.com
1	lf1-cdn-tos.bytegoofy.com	iqqoz.com
1	zz.bdstatic.com	iqqoz.com
1	img.alicdn.com
1	static.hdslb.com	iqqoz.com
89	41

This site contains links to these domains. Also see Links.

Domain
qm.qq.com
dl.iqqoz.com
beian.miit.gov.cn
www.zblogcn.com
app.zblogcn.com

Subject Issuer	Validity	Valid
iqqoz.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.hdslb.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-08` - `2024-09-08`	a year	crt.sh
img.iqqoz.com TrustAsia RSA DV TLS CA G2	`2022-12-24` - `2023-12-24`	a year	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2023-06-29` - `2024-07-30`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bytegoofy.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.toutiao.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://iqqoz.com/post-2293.html
Frame ID: 66E46E3926C3D04424E5D1F2A69E69AA
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: A06BF34FEA55C2AEE33AF14AE095F708
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&adk=1812271804&adf=3025194257&lmt=1701610724&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313018&bpp=7&bdt=4250&idt=240&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3038317008569&frm=20&pv=2&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: 789D88C357DADD9401398321405EE22D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&slotname=4560496076&adk=3703191144&adf=3550883014&pi=t.ma~as.4560496076&w=862&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&format=862x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313027&bpp=1&bdt=4258&idt=264&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=317&ady=4062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=268
Frame ID: D741AFAC0077A069ADF9452A170485F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE57F2CF9FA0BF210BA09DBC5A47F598
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D8B1152AEE830B8CEBFBC9480077014
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.3491522272~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5029&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280&nras=2&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=30
Frame ID: E7C94685AC491E9548CFDDD3E88B57C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
Frame ID: 6BEA3B46EEB189679C012B2B4A8899FD
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWyauQANLr0IFVlBAAXlV0Bj0wgFHrRHLuLmZg&u=%7CiVZY%2F0JVK5hgZszB0azzVa8JnSV136trRT5NjVFzqw4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8650JqtNWEEg09WZ4vTQSmsaWSKfpBSJy0qTgHij28l4T0U4NMbRKW6bV-BtyMevfIZdQbbfDmsG1_G45NyEcbiPPZD-jr8ycqa0k5gqM057aLZmt-5ue1rdA2cn19fzoAPQiyIhtuKHayPmnouR65FjalfiiIsj9rDlWNiKbuyy08fNDKbuFmYIKMQGD6HJqlOYewVQjiTHfOZUCKNNd4AKKoqT2sFm3Fn21LWL8iA34l1W4WIbePvQ9DQL6QKwgGepjPsCSdrVKj73P8KilOXA8EffcyQLz2sdj52Y1SXTUBkXXR3flg2hkUCrpxnMsKBsUZZROwtf1uWRhlvv52_L4JHviHkpc3K_mMNZzL41uy0pDJQPD0m-45OkOtoxlfxArVewHyJtV0R5fHsDp98sloeR-eFZc4cQs6Wx9e3KevYYHrM1Ha86Isohz7EqDX_-aNhuo6mX_Hi-zfTc11ol2_t3md09uZVnXq40DBEG5TB32LhAZwFtPmj94Uix-aMQB1JbtVvzsd4nAQn5BfO44A-LlDOfYFm_mEpRwb8B6wN_05E0x5Xo1i6sJ8ZAi9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-5cuZpsZb3dNMGy1fAP18qXoAzJntKxXKX8k_dwwI23ARABIABglfKLgpgHggEXY2EtcHViLTIyNzEyODcwNTk2NDU4MTnIAQmpAocWcjmKQrI-qAMByAMCqgT6AU_QEQVfd9PoeWzR1Xt48vIu1QhjGPWVprsUBhjsJL33DAtwoz3AW5w2tv_lo1jlOANBzyHZYXjnOjVds-55E5tnV7cZe8CV8DkiryaEeIYAt2oZLe29FHJ6G5JObr23IEpxkKNoziTwq3X8-ZsGOMGanGbCCSUbI0-lPBpGnVUGzHE2djU4TgWvfa8iRzq0RIALNmSY0p563UVYbzuX0_7Rts9lrUBtXpFhZV_pjaX7J6IoOWAvFPNF-EsfB80Bb3D_NdeNwXd2Wf0-SVjNlt9nWqc4cDenC_ekuvlLHIClaazlVJQf_OctTFhAr2Y6QLb2rxJpuwYUjoaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlik67nfxvOCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PuG6CquvWd7mUvioqYxiDvDxIKA%26client%3Dca-pub-2271287059645819%26adurl%3D
Frame ID: 699D1623CA3D90EF686128069CBC234E
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19F2EF1EEAD2319BD1CCD53C5F2C835F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

在Proxmox VE上运行OpenWrt/LEDE虚拟机——5.PVE的网络设置(3)CLI配置网络 - 爱刷机suchen

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

96 %
HTTPS

60 %
IPv6

26
Domains

41
Subdomains

37
IPs

10
Countries

1002 kB
Transfer

2505 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://qm.qq.com/cgi-bin/qm/qr?_wv=1027&k=UkX_cEoQmXiF0cK6-Hk-vUF-AqDycwuk&authKey=CqkLw7rBqzHLwvSx4p9SiPfdvECwLlCm6fbqSw8069cppOrafLqCdxoBfVcvd7TO&noverify=0&group_code=376877156
Title: 二群：376877156

Search URL Search Domain Scan URL

URL: http://qm.qq.com/cgi-bin/qm/qr?_wv=1027&k=DsKQdvjmHQ95K-3saKmPvlOHg4rM1vjy&authKey=WuvN%2Fx4hdJ17prtlKvw8k4ZW36b%2BO8aU2BV4lMH%2BD3cYgzK1e6oOYGmUZwv4Ukj1&noverify=0&group_code=622891808
Title: 【路由器交流群：622891808已满】

Search URL Search Domain Scan URL

URL: http://dl.iqqoz.com/d/1397394-32237339-57dde9
Title: 诚通网盘附件

Search URL Search Domain Scan URL

URL: http://dl.iqqoz.com/d/1397394-41615776-561b85
Title: 百度网盘附件

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 豫ICP备2021009954号-2

Search URL Search Domain Scan URL

URL: https://www.zblogcn.com/
Title: Z-BlogPHP

Search URL Search Domain Scan URL

URL: https://app.zblogcn.com/?id=18277
Title: xunm_jizhicms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&RedC=c.clarity.ms&MXFR=35BDB02B18176F2E37DDA3F71C1761D2 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&MUID=293A7EB1E2E666B71F546D6DE36D6720

Request Chain 64

https://um.simpli.fi/gp_match?google_gid=CAESENcOoft9AI_9KeI9HOxzrFw&google_cver=1&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X6ykZPnJpDWpoU7w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B39F5FA9755D46A8BF0E17FB576FB47D&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X6ykZPnJpDWpoU7w

Request Chain 66

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESED0UQ512V0fUG2GbaYwey0E&google_cver=1&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQFi15gSMs880_tooA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODM4NjQxODk3NDE5MzgxOQ%3D%3D&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQFi15gSMs880_tooA

Request Chain 68

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF9aQgbrXkbSiNVB-wmqh-U&google_cver=1&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK3JxtS_PGizOLN-pUSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK3JxtS_PGizOLN-pUSw

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request post-2293.html Show response
iqqoz.com/ 48 KB
14 KB 1565ms
263ms Document
text/html 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

63baa2b3496ee30df8314d004c0f0dab0dfb3748f1dd42ee0b16a54e075e27f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 03 Dec 2023 15:11:48 GMT
etag: W/"656c84e4-c10e"
last-modified: Sun, 03 Dec 2023 13:38:44 GMT
server: Tengine
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery-1.11.3.min.js Show response
static.hdslb.com/live-static/libs/jquery/ 94 KB
34 KB 1703ms
23ms Script
application/x-javascript 163.181.56.211
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hdslb.com/live-static/libs/jquery/jquery-1.11.3.min.js
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.211 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 14:50:35 GMT
content-encoding: gzip
via: cache10.l2de2[0,0,200-0,H], cache23.l2de2[1,0], ens-cache3.de4[12,13,200-0,M], ens-cache1.de4[15,0]
age: 1274
x-swift-cachetime: 85126
x-cache: MISS TCP_MISS dirn:-2:-2
cross-origin-resource-policy: cross-origin
x-swift-savetime: Sun, 03 Dec 2023 15:11:50 GMT
content-length: 34527
last-modified: Thu, 08 Sep 2022 05:55:52 GMT
server: Tengine
etag: "631983e8-176f8"
ali-swift-global-savetime: 1701615036
content-type: application/x-javascript
cache-control: max-age=86400
timing-allow-origin: *
eagleid: 2ff62b1917016163106831123e
x-cache-webcdn: AL
expires: Mon, 04 Dec 2023 14:50:35 GMT

GET
H/1.1 200
OK 202311298967_9055.png
img.iqqoz.com/2023/11/ 11 KB
12 KB 1533ms
437ms Image
image/jpeg 240e:97d:10:1401::40f
CT-DONGGUAN-IDC C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.iqqoz.com/2023/11/202311298967_9055.png?imageMogr2/thumbnail/x400/blur/1x0/quality/50
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97d:10:1401::40f , China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 608a3a1b98c1ffce1fcb3058ec7f5b7487045ce6f82b14d863f98444e849db97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Log: X-Log
Date: Sun, 03 Dec 2023 15:11:50 GMT
X-Svr: IO
Age: 364437
X-Reqid: INIAAAD5ib2QD5wX
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Length: 11671
X-M-Reqid: ytrbeh7QS
X-M-Log: QNM:cdn-cache-dls-gddg1-dg-7;QNM3
Last-Modified: Wed, 29 Nov 2023 09:49:54 GMT
Server: openresty
Etag: "AImwSJtXBBf6EzuB72LqxMg-RP4x"
Access-Control-Max-Age: 2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
X-Resp-Code: 290

GET
H/1.1 200
OK 202308276758_7195.png
img.iqqoz.com/2023/08/ 16 KB
16 KB 1753ms
663ms Image
image/jpeg 240e:97d:10:1401::40f
CT-DONGGUAN-IDC C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.iqqoz.com/2023/08/202308276758_7195.png?imageMogr2/thumbnail/x400/blur/1x0/quality/50
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97d:10:1401::40f , China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty /
Resource Hash: f1a7008f85f9afd06344e5e63a5a8347a536b76d95344f700917f966bf7811d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Log: X-Log
Date: Sun, 03 Dec 2023 15:11:50 GMT
X-Svr: IO
Age: 8502081
X-Reqid: sEAAAABIc8NrJn8X
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Length: 16146
X-M-Reqid: QhTMXkAIy
X-M-Log: QNM:cdn-cache-dls-gddg1-dg-5;QNM3:2
Last-Modified: Sun, 27 Aug 2023 04:17:39 GMT
Server: openresty
Etag: "AIh7gNtu0amojvgR83m7d2mellow"
Access-Control-Max-Age: 2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit

GET
H/1.1 200
OK 201811038746_5071.jpg
img.iqqoz.com/2018/11/ 32 KB
32 KB 467ms
467ms Image
image/jpeg 240e:97d:10:1401::40f
CT-DONGGUAN-IDC C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.iqqoz.com/2018/11/201811038746_5071.jpg?imageMogr2/thumbnail/x400/blur/1x0/quality/50
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97d:10:1401::40f , China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty /
Resource Hash: b440ecbf3faa20148fa0fc61c400a9a016cc788f7c186c13abde1b5e7291c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Log: X-Log
Date: Sun, 03 Dec 2023 15:11:50 GMT
X-Svr: IO
Age: 10892077
X-Reqid: 6w8AAABKYJm7qHYX
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Length: 32603
X-M-Reqid: AVuMwmRKA
X-M-Log: QNM:cdn-cache-dls-gddg1-dg-5;QNM3
Last-Modified: Sat, 03 Nov 2018 14:48:16 GMT
Server: openresty
Etag: "ADgHbWjpCSKhdqIhWJy3zyaGxakE"
Access-Control-Max-Age: 2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
X-Resp-Code: 290

GET
H2 200 js.js Show response
iqqoz.com/zb_users/plugin/ly_tk/ 6 KB
3 KB 263ms
262ms Script
application/javascript 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/plugin/ly_tk/js.js?ver=0701

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4fc9711c4019c602a56f33aafaacde6f9eff5a63b076cafd8e1a00c5a5cf74e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 15:47:59 GMT
server: Tengine
etag: W/"64df92af-18d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:50 GMT

GET
H2 200 pintuer.min.js Show response
iqqoz.com/zb_users/theme/iqqoz/js/ 64 KB
20 KB 525ms
525ms Script
application/javascript 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/theme/iqqoz/js/pintuer.min.js?v=0.1.6

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

21975f42f0732dfb49b91dd0dacc09bb26840346e29f4961393208d43fa068a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 02:44:51 GMT
server: Tengine
etag: W/"62f46d23-fed2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:50 GMT

GET
H2 200 style.css
iqqoz.com/zb_users/theme/iqqoz/style/ 56 KB
14 KB 786ms
786ms Stylesheet
text/css 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/theme/iqqoz/style/style.css?v=1.4.3

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

5209bceab7c6a6f542796c38a2ca5e35cb7b077bee1a08d003e474e72a858e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 08 Aug 2023 04:50:42 GMT
server: Tengine
etag: W/"64d1c9a2-df9d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:50 GMT

GET
DATA 200
OK truncated
/ 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80c91178161b842bbae800265678cf56ba0cd14a11b3fc58418de0e63667bd8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 cmd.php Show response
iqqoz.com/zb_system/ 4 B
182 B 784ms
783ms XHR
text/html 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_system/cmd.php?act=ajax&src=fastcache_viewnums

Requested by

Host: static.hdslb.com
URL: https://static.hdslb.com/live-static/libs/jquery/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

b9102e884eb1d49c328fbaa4b130e043a74a8749e573a4b6c68aa875f2e5e9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://iqqoz.com/post-2293.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 15:11:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Tengine
product: Z-BlogPHP 1.6.7 Valyria
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 css.css
iqqoz.com/zb_users/plugin/ly_tk/ 8 KB
2 KB 262ms
262ms Stylesheet
text/css 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/plugin/ly_tk/css.css?ver=0627

Requested by

Host: static.hdslb.com
URL: https://static.hdslb.com/live-static/libs/jquery/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a92e1979c4a78659b4176239525d614ea8036a4e4d2b5858a721666781ff0480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 15:47:59 GMT
server: Tengine
etag: W/"64df92af-1ec6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:51 GMT

GET
H2 500 main.php Show response
iqqoz.com/zb_users/plugin/ly_tk/ 2 KB
2 KB 334ms
334ms XHR
text/html 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL: https://iqqoz.com/zb_users/plugin/ly_tk/main.php?plugin=ly_tk&iid=&num=2&page=1&kid=2&tag=lede&callback=jQuery1113008364035312926821_1701616310749&_=1701616310750
Requested by: Host: static.hdslb.com
URL: https://static.hdslb.com/live-static/libs/jquery/jquery-1.11.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 1d87abcfa7638f6c0b34dc51b69b4731c35b341ff6e92b709ed6ea329e61bd82

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://iqqoz.com/post-2293.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:51 GMT
server: Tengine
product: Z-BlogPHP 1.6.7 Valyria
content-type: text/html; charset=utf-8

GET
H2 200 style.css
iqqoz.com/zb_users/theme/iqqoz/style/ 56 KB
14 KB 263ms
263ms Stylesheet
text/css 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/theme/iqqoz/style/style.css?v=1.4.3

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

5209bceab7c6a6f542796c38a2ca5e35cb7b077bee1a08d003e474e72a858e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 08 Aug 2023 04:50:42 GMT
server: Tengine
etag: W/"64d1c9a2-df9d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:51 GMT

GET
H/1.1 200
OK 201903233197_1721.jpg
img.iqqoz.com/2019/03/ 884 B
1 KB 330ms
329ms Image
image/jpeg 240e:97d:10:1401::40f
CT-DONGGUAN-IDC C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.iqqoz.com/2019/03/201903233197_1721.jpg?imageView2/1/w/80/h/60/q/50
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97d:10:1401::40f , China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 32fbd2a37f4262eb49f1b557c3c17033edfcc05b5b01222cd19fd95a8c83d1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-Log: X-Log
Date: Sun, 03 Dec 2023 15:11:52 GMT
X-Svr: IO
Age: 5714708
X-Reqid: pNsAAAA7IwyGDYkX
Content-Transfer-Encoding: binary
Connection: keep-alive
Content-Length: 884
X-M-Reqid: 2xeGZrZao
X-M-Log: QNM:cdn-cache-dls-gddg1-dg-9;QNM3
Last-Modified: Sat, 23 Mar 2019 11:32:31 GMT
Server: openresty
Etag: "ABxh5uOI_xc_R9Y7teNxQcnWJk43"
Access-Control-Max-Age: 2592000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
X-Resp-Code: 290

GET
H2 200 O1CN01S0VApj1LS4XedVJ3c_!!2200798601297.jpg
img.alicdn.com/i1/2200798601297/ 46 KB
46 KB 1638ms
645ms Image
image/avif 163.181.92.173
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.alicdn.com/i1/2200798601297/O1CN01S0VApj1LS4XedVJ3c_!!2200798601297.jpg?imageView2/1/w/80/h/60/q/50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 626c1b947b039cb1409396b2d9100cdeb0c02a67ae1ee419bf5496062a5d888b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
via: cache32.l2us1[533,532,200-0,M], cache20.l2us1[541,0], ens-cache2.de5[628,627,200-0,M], ens-cache16.de5[633,0]
picasso-cache-info: HIT
age: 0
x-swift-cachetime: 31536000
request-time: 0.004
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 03 Dec 2023 15:11:53 GMT
s-rt: 633
content-length: 46839
server: Tengine
vary: Accept
picasso-image-type: normal
content-type: image/avif
traceid: a3b55ca417016163128707293e
ali-swift-global-savetime: 1701616313
cache-control: max-age=31536000
picasso-ret-code: SUCCESS
access-control-allow-origin: *
timing-allow-origin: *
eagleid: a3b55ca417016163128707293e

GET
H2 200 hb1.jpg
iqqoz.com/iqq/img/ 11 KB
11 KB 262ms
262ms Image
image/jpeg 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iqqoz.com/iqq/img/hb1.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

56011249c163dbbbabef32061fbfa140d9275b8c9ca92ee47b504216a243b86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Dec 2023 09:42:36 GMT
server: Tengine
etag: "6569aa8c-2ae7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10983
expires: Tue, 02 Jan 2024 15:11:51 GMT

GET
H2 200 custom.js Show response
iqqoz.com/zb_users/theme/iqqoz/js/ 3 KB
1 KB 262ms
262ms Script
application/javascript 2407:c080:801:fffe::7c47:a6f7
HWCSNET Huawei Cl...

General

Check archive.org

Show headers Download Go to

Full URL

https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/post-2293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2407:c080:801:fffe::7c47:a6f7 Shanghai, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6599b2bd89bf3b548b169273adaf41f13480f8229d1f03adfac91e2bffce7156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 12 Aug 2023 15:40:24 GMT
server: Tengine
etag: W/"64d7a7e8-a57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Tue, 02 Jan 2024 15:11:52 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1684ms
295ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e0fdfb13b380d11ac20161f7e53038da

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

942f7a8adb5f01866d59ddba97c6d4a6c015f47674d7e8dcf7668eaf71bbdd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 15:11:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 1f4bf3efb5b4e6fa891055dda49f86a5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11410

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 119ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2271287059645819

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97482892d1bfe1a6bf2ff37ea3fecb130f466d9c059e341b1df696a89fc8339d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53090
x-xss-protection: 0
server: cafe
etag: 15856203604606679801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 15:11:52 GMT

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
552 B 1663ms
363ms Script
application/x-javascript 58.254.150.48
UNICOM-GUANGZHOU-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: br
tracecode: 03711043590667914250120311
ohc-response-time: 1 0 0 0 0 0
last-modified: Fri, 30 Dec 2022 21:48:54 GMT
server: JSP3/2.0.14
age: 43543
etag: "63af5cc6-134"
ohc-cache-hit: gz3un61 [2], zhuzuncache61 [2]
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
ohc-global-saved-time: Sun, 03 Dec 2023 03:06:11 GMT

GET
H2 200 push.js Show response
lf1-cdn-tos.bytegoofy.com/goofy/ttzz/ 357 B
1 KB 710ms
198ms Script
application/javascript 2602:ffe4:c49:0:3::3fa
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?d25aed518ba45ab0f3df7ef404fe0cea666dba9b870cab6c286b98cb684b76c44a4d40de0dd5fa9b5c2c10f69a3b501dc430e831103b45ce33654fb9f95b006c
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2602:ffe4:c49:0:3::3fa , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: 76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:15:54 GMT
content-encoding: br
via: cache24.l2vn1[0,0,200-0,H], cache7.l2vn1[1,0], cache10.vn15[0,0,200-0,H], cache11.vn15[2,0]
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
content-md5: LqvsFUPQ989nqVgaBGwKgA==
age: 8394959
x-swift-cachetime: 31535352
x-cache: HIT TCP_MEM_HIT dirn:12:391437430
x-tos-storage-class: STANDARD
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime: Mon, 28 Aug 2023 11:26:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-tos-request-id: f7d435ec81eaf05e64ec81ea-a92e6c2
x-tos-response-time: Mon, 28 Aug 2023 11:15:54 GMT
last-modified: Tue, 01 Mar 2022 02:59:26 GMT
server: Tengine
x-tt-logid: 20230828191554625B6565263B212E6C63
etag: W/"2eabec1543d0f7cf67a9581a046c0a80"
vary: Accept-Encoding
ali-swift-global-savetime: 1693221354
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: goofy
x-tt-trace-host: 01e6312024f5fc852ffa75a6ea54cf7b2c54440283d0feed2d48803cf7b45a99c81756fff529ee14b7bd96b9399924b0d5f834eb612cd9e58acef73427e4057aaec1739d710085095f8678c7b6dce607553b3a4ed76a785b84041330668afca9e6
access-control-request-methods: OPTIONS, HEAD, GET
x-response-cache: edge_hit
timing-allow-origin: *
eagleid: 6b9b3e1f17016163135546581e

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 2675ms
1888ms Script
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js?id=JXitKTm4TnXfy4BI&ck=JXitKTm4TnXfy4BI
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 15:11:55 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
930 B 1170ms
7ms Script
application/javascript 2600:9000:2251:4e00:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4e00:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 09:01:01 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA60-P3
age: 6156653
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: VgTxxKGOEax0o9m4p4ROUkkdCRa79eM51c7c9q6aQMwTQlaouSNxgA==
expires: Tue, 20 Sep 2033 09:01:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
90 KB 67ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P14GH8VMS1

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ec59ccacc048f94587b1f323f5d01f22ab57a9cc98def37f91c9077b029dcfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 15:11:52 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 86ms
50ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=ac2bdc327c634cbe2

Requested by

Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0c35639bcbe2abe910b0bedda1980644e431abd0b9402564a963177fb6c280fe

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ViOTC8vCc1YRfirGi6jYXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ViOTC8vCc1YRfirGi6jYXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sun, 03 Dec 2023 15:11:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3162
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sun, 03 Dec 2023 15:11:52 GMT

GET
H2 200 9vcbnu0l1c Show response
www.clarity.ms/tag/ 682 B
1 KB 197ms
159ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9vcbnu0l1c?ref=bwt
Requested by: Host: iqqoz.com
URL: https://iqqoz.com/zb_users/theme/iqqoz/js/custom.js?v=1.1.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ae5bc2af0608634a48b38271e70f698f6234793a41b2d8c00ef540fd8687c794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Sun, 03 Dec 2023 15:11:53 GMT
x-azure-ref: 20231203T151152Z-7931xr3eg97zb3h7zzckaa91gn000000051g00000002tupu
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 682
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 315 KB
105 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2bdc327c634cbe2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e260f7bf27b297a1d3047abad69b757e87d9d85769f33a49b5a80e8e6e196310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107159
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 15:11:52 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 41 KB
9 KB 57ms
22ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2bdc327c634cbe2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 15:11:52 GMT

GET
H2 200 greensky.css
www.google.com/cse/static/style/look/v4/ 5 KB
6 KB 49ms
14ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/greensky.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2bdc327c634cbe2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e75d9252582697a1b7a8cab4307bf877c4749655ccf731c148c44c3b519108b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 14:30:58 GMT
x-content-type-options: nosniff
age: 2454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5404
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 15:20:58 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 45ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P14GH8VMS1&gtm=45je3bt0v877280292&_p=1701616312861&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=782452427.1701616313&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701616312&sct=1&seg=0&dl=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html&dt=%E5%9C%A8Proxmox%20VE%E4%B8%8A%E8%BF%90%E8%A1%8COpenWrt%2FLEDE%E8%99%9A%E6%8B%9F%E6%9C%BA%E2%80%94%E2%80%945.PVE%E7%9A%84%E7%BD%91%E7%BB%9C%E8%AE%BE%E7%BD%AE(3)CLI%E9%85%8D%E7%BD%AE%E7%BD%91%E7%BB%9C%20-%20%E7%88%B1%E5%88%B7%E6%9C%BA&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1&tfd=5795
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P14GH8VMS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iqqoz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 61ms
21ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P14GH8VMS1&cid=782452427.1701616313&gtm=45je3bt0v877280292&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P14GH8VMS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iqqoz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 73ms
38ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P14GH8VMS1&cid=782452427.1701616313&gtm=45je3bt0v877280292&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=286401121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2271287059645819&plah=iqqoz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2271287059645819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9a478064ed1e9e6f12ce523b5a1cff13e74d62771f9b7e804f394ae912cdce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137678
x-xss-protection: 0
server: cafe
etag: 160773951652724441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 15:11:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame A06B 9 KB
4 KB 151ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2271287059645819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
52 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fe95955a57b68b2ca6b5fc3f50ebca2eceab8f4dfec8164a04c2c27eb60236b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17348395402651671750"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sun, 03 Dec 2023 15:11:53 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 08:00:41 GMT
x-content-type-options: nosniff
age: 544272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 26 Nov 2024 08:00:41 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 104ms
14ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 32ms
31ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9vcbnu0l1c?ref=bwt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231203T151153Z-7931xr3eg97zb3h7zzckaa91gn000000051g00000002tur3
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 977c8097-b01e-001e-69de-21c203000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&RedC=c.clarity.ms&MXFR=35BDB02B18176F2E37DDA3F71C1761D2
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&MUID=293A7EB1E2E666B71F546D6DE36D6720

42 B
444 B

28ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&MUID=293A7EB1E2E666B71F546D6DE36D6720
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:52 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25DFAC5C6E1E413CB0849D67CAF4433D Ref B: FRA31EDGE0509 Ref C: 2023-12-03T15:11:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BC5B2B9A71B4430AB5F55B28725B4F8D&MUID=293A7EB1E2E666B71F546D6DE36D6720
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 76ms
48ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2271287059645819
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 789D 19 KB
6 KB 471ms
470ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&adk=1812271804&adf=3025194257&lmt=1701610724&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313018&bpp=7&bdt=4250&idt=240&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3038317008569&frm=20&pv=2&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=261

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2271287059645819&plah=iqqoz.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf3dd4e1420d38d880cfbe3b2e8abf130d7069dae63becec8fc086f4138680c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:53 GMT
expires: Sun, 03 Dec 2023 15:11:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9687d5d352ecccb81e2f3bd8cd7d3315063ac4e89d17033cc486689df7e72a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12448
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D741 714 B
579 B 437ms
436ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&slotname=4560496076&adk=3703191144&adf=3550883014&pi=t.ma~as.4560496076&w=862&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&format=862x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313027&bpp=1&bdt=4258&idt=264&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=317&ady=4062&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=268

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5234a8092a40dd5e098e6d954df502e7106cc1d4d5d6e002d4cddf9fc2eecf60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:53 GMT
expires: Sun, 03 Dec 2023 15:11:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
289 B 419ms
215ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://iqqoz.com
Date: Sun, 03 Dec 2023 15:11:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 107ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 15:11:53 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2271287059645819&plah=iqqoz.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE57 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 12:58:52 GMT
expires: Mon, 02 Dec 2024 12:58:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D8B 829 B
560 B 23ms
23ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

096f9fd8c6e707061c2c1da7fdbe8fa73a34ce7f747ee7e5f8926219d45d6139

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zFL7J8HxCvoxLkaeifwbzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zFL7J8HxCvoxLkaeifwbzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:53 GMT
expires: Sun, 03 Dec 2023 15:11:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FE57 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D8B 0
0 48ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1199007024312336&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE57 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OVzkcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 s.gif
zhanzhang.toutiao.com/ 0
647 B 1311ms
812ms Image
text/plain 163.181.92.235
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhanzhang.toutiao.com/s.gif?url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&token=d25aed518ba45ab0f3df7ef404fe0cea666dba9b870cab6c286b98cb684b76c44a4d40de0dd5fa9b5c2c10f69a3b501dc430e831103b45ce33654fb9f95b006c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.235 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
via: cache19.l2de2[799,799,200-0,M], cache26.l2de2[801,0], ens-cache11.de5[803,802,200-0,M], ens-cache3.de5[805,0]
x-tt-trace-tag: id=03;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231203231154EBFAA4D4871905F545E0-0711BCA36E0C5BEE-00
x-swift-cachetime: 43200
x-cache: MISS TCP_MISS dirn:-2:-2
server-timing: inner; dur=3, cdn-cache;desc=MISS,edge;dur=4,origin;dur=801
x-swift-savetime: Sun, 03 Dec 2023 15:11:54 GMT
content-length: 0
server: Tengine
x-tt-logid: 20231203231154EBFAA4D4871905F545E0
ali-swift-global-savetime: 1701616314
content-type: text/plain; charset=utf-8
x-tt-trace-host: 0172886fe873796103a6b2b68949a7221f67468c28485e7beaab13f459b7fb616508b2f829da81a42357911e80000786a6a0a174fd549b316337333fdca6b782297a798039cccf009a4fe3ffb13441c9f3be452a5c00e6b0f88e626d09bb906dd5
timing-allow-origin: *
eagleid: a3b55c9717016163140816630e

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7C9 436 B
238 B 484ms
483ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.3491522272~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5029&idt=-M&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280&nras=2&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5053&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f23ffd1ae80fab239f3579e6622a845f7d5f13a50f37155c674ff440fc72094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:54 GMT
expires: Sun, 03 Dec 2023 15:11:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BEA 38 KB
16 KB 214ms
214ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

313867b9f27bb0c6f6a653ec4e2a3187a11d7592c7befdf00a93fb00240f09d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iqqoz.com/post-2293.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:54 GMT
expires: Sun, 03 Dec 2023 15:11:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&hl=zh-CN&pvc=1199007024312336

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2271287059645819&plah=iqqoz.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6BEA 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:58:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6BEA 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6BEA 0
0 21ms
20ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTthpOWYiiC2JNg_ODn0YpPczJQ48HzV0Bn6bcUcwdSyFbG3Svhz7zSW2uUQ3jWcktWWZDWKQTGBrQbLBbwANd-CTkqnA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BEA 202 KB
64 KB 78ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 15:11:54 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 699D 135 KB
47 KB 127ms
84ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWyauQANLr0IFVlBAAXlV0Bj0wgFHrRHLuLmZg&u=%7CiVZY%2F0JVK5hgZszB0azzVa8JnSV136trRT5NjVFzqw4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8650JqtNWEEg09WZ4vTQSmsaWSKfpBSJy0qTgHij28l4T0U4NMbRKW6bV-BtyMevfIZdQbbfDmsG1_G45NyEcbiPPZD-jr8ycqa0k5gqM057aLZmt-5ue1rdA2cn19fzoAPQiyIhtuKHayPmnouR65FjalfiiIsj9rDlWNiKbuyy08fNDKbuFmYIKMQGD6HJqlOYewVQjiTHfOZUCKNNd4AKKoqT2sFm3Fn21LWL8iA34l1W4WIbePvQ9DQL6QKwgGepjPsCSdrVKj73P8KilOXA8EffcyQLz2sdj52Y1SXTUBkXXR3flg2hkUCrpxnMsKBsUZZROwtf1uWRhlvv52_L4JHviHkpc3K_mMNZzL41uy0pDJQPD0m-45OkOtoxlfxArVewHyJtV0R5fHsDp98sloeR-eFZc4cQs6Wx9e3KevYYHrM1Ha86Isohz7EqDX_-aNhuo6mX_Hi-zfTc11ol2_t3md09uZVnXq40DBEG5TB32LhAZwFtPmj94Uix-aMQB1JbtVvzsd4nAQn5BfO44A-LlDOfYFm_mEpRwb8B6wN_05E0x5Xo1i6sJ8ZAi9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-5cuZpsZb3dNMGy1fAP18qXoAzJntKxXKX8k_dwwI23ARABIABglfKLgpgHggEXY2EtcHViLTIyNzEyODcwNTk2NDU4MTnIAQmpAocWcjmKQrI-qAMByAMCqgT6AU_QEQVfd9PoeWzR1Xt48vIu1QhjGPWVprsUBhjsJL33DAtwoz3AW5w2tv_lo1jlOANBzyHZYXjnOjVds-55E5tnV7cZe8CV8DkiryaEeIYAt2oZLe29FHJ6G5JObr23IEpxkKNoziTwq3X8-ZsGOMGanGbCCSUbI0-lPBpGnVUGzHE2djU4TgWvfa8iRzq0RIALNmSY0p563UVYbzuX0_7Rts9lrUBtXpFhZV_pjaX7J6IoOWAvFPNF-EsfB80Bb3D_NdeNwXd2Wf0-SVjNlt9nWqc4cDenC_ekuvlLHIClaazlVJQf_OctTFhAr2Y6QLb2rxJpuwYUjoaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlik67nfxvOCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PuG6CquvWd7mUvioqYxiDvDxIKA%26client%3Dca-pub-2271287059645819%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cdaed92050b2779a8142ad58c74fe301730d852c168a8614a0e3045d5f98d415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 15:11:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GpDe0O6a-pEFOcgck_1vYxl5bsAplBDjjSX-vsYXaJbUbZAzVIlJMNSd5_m7w3vKn-P-Lyegh6fnumyudKtwD5c6KPeLj5tsCRjKBHBTPWXWxzy5eXfJDhSUUspim72VaOi4rtYm8yEVNKe6sDfr-GB4DuZEN-CDWCc-5cMgjpzJ4x5rmlW-q3OYit6bQ92kCbQzHZIBDi8Fu5wQAfthHXfXpkhJy_ieMd_pST36FNxNRxVNpXcqhJCAF1I5s6W-Tl9y2Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59865913
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 19F2 1 KB
643 B 13ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BEA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc9bae9d73d7705a0cd590d8cea186205ca5a50161ff9e7da53749e864d238f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 19F2 35 B
463 B 60ms
15ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJZJ1YX7uaSOt39WU_HUTSY&google_cver=1&google_push=AXcoOmRLS2sjqwXGUZ_dRMIi4uojGCAG0T5yzLcjycjV8ueRK4qvSImS1JtLX_6K2-_5nQS1YXjGenOEb2LJlH8f2Jp1Z1-U0nSroQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 19F2 0
104 B 91ms
27ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBbvqFAVT79LSyUFBAx10yo&google_cver=1&google_push=AXcoOmS7lOBlWWm6o1UZ5uCoZor4e4_A5cePu2POexx2CEdCUfnL9faq_YgXoeBRx0uFn31UOTwUfsfokkMif9nfvW4Rhrk3B7ye
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 19F2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENcOoft9AI_9KeI9HOxzrFw&google_cver=1&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X6ykZPnJpDWpoU7w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B39F5FA9755D46A8BF0E17FB576FB47D&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X...

170 B
232 B

28ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B39F5FA9755D46A8BF0E17FB576FB47D&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X6ykZPnJpDWpoU7w

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 15:11:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B39F5FA9755D46A8BF0E17FB576FB47D&google_push=AXcoOmSPjEltOqoUL-b5UnH3jkpYXHddLLV3OkNAZjVad8ArhEdfwsdkluWuZoqGGyCEuLtoHynYDCJr1Qr2C9X6ykZPnJpDWpoU7w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 02 Dec 2023 15:11:54 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 19F2 0
174 B 56ms
21ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJAsiFJQwl-Pv0_GLA18EUM&google_cver=1&google_push=AXcoOmQWXuMEXSSoZ9fFbuVIs4ZlCdGnwM0JpD7QcYbnMSFZnHbF0N5xd9YocmXF7zQ0d83fJ-TDt2cdPw3Mb71dzyohRRY6gJmVpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 19F2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESED0UQ512V0fUG2GbaYwey0E&google_cver=1&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODM4NjQxODk3NDE5MzgxOQ%3D%3D&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQFi15...

170 B
329 B

29ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODM4NjQxODk3NDE5MzgxOQ%3D%3D&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQFi15gSMs880_tooA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODM4NjQxODk3NDE5MzgxOQ%3D%3D&google_push=AXcoOmT9J33gkAu6LU2QNhDfIYKenSWeH-zBz_Qp1W73T0N4baAymVPFzTxh0-54-AAzH0EPq7AWpRKUt3c0YQFi15gSMs880_tooA
Date: Sun, 03 Dec 2023 15:11:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 19F2 43 B
146 B 54ms
14ms Image
image/gif 35.157.73.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBIvdB5GhMO8Q-8v8k3PJn0&google_cver=1&google_push=AXcoOmTPrPfviJrjmSVWHK0oUjG1FaaVmiV1PQ1hLWIcKmhtcY1zAa_uezedak-9lCEfFrCj1FQa_3HhzEksDa842F7yvK_mtjPvig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.73.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 19F2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF9aQgbrXkbSiNVB-wmqh-U&google_cver=1&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK3JxtS_PGizOLN-pUSw

170 B
232 B

24ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK3JxtS_PGizOLN-pUSw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTXXgECNSbqXBOKpaHg1RgLIRg2GskFANusdKDv0XPD9-zHdTWie7Z2np5tSEHzvcLDSBZ-1wGIz-xK3JxtS_PGizOLN-pUSw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 19F2 0
130 B 75ms
22ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlrZY9YWTyg6_x7eL4v6KciZGH-N39U1GVJJ5eg1KZYJGnitkDW3lhDPd1tSC3DdWv2qU9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1199007024312336&bg=!HB-lH1DNAAY3kmNgF5I7ADQBe5WfONdWfwGuj6HxuWh0dbFzcyY2ZqN9GuPYqHAyfGwbxBTvwEnPKqIs8yL_w1dYuoCDAgAAAExSAAAAAmgBBwoAnZClOTZO-829E9HG4omFpnGVkejSmaZHX3FNm_O8wTwvqTxLemNt710Wj5OKl3MGjRPM8z5V3jol_jYgoA5jor3FGDv3FSOLLjizbRCs4iVDoaUfK-OgoGdEhdXakdxmrZpls18XtOwSA60pY7tvDcaaJYYE3AEYcLyuWPhCENmLvKF18yNevQgPf6OT5ZZIAvBkEINBs-X5whmplPuZArCWmFONB-deu_KlB7If22njHi02lo6GS8eCpr9V_iqC_kcBJpWvE82vWbDL2zqdUh65LTK_DWz4BFWmYTB-Iof2dDV7as77wnM-ajEmtVX9tOMw1qGTC5L1zzu-hpxjt-YGU4jZn2De73Kia266znms1Y039Fxn5Sb7VmhPn-6ejNioTugJVQKpl7gVs6F_JzG_OTPe_yp1lfz5h6-oxlZUOeP1oZdihfiSIZLJ8R0JHMxMhA1Tz8Bce4YUyVpaKq12gaswjprCc0qvccHCz7N0sMU372jqhdyBtZOK9XhKCxZ5rMLxkGv-ZX3Ae9dYURxPxe__D_x0-jeGt7L_UKslnmYWDyoYO1xhBGdmPsfGZ0H60jV3S4p9e5pYw2EOnJxUgLJRsnE3Xkm6VlYLd6GUEcBRJg7T_i1lSuDXb7bRJiv62dsqFhyi9bhHroKpps8406Isn-eEacXYZ-MMWg-DDgpOPm96pVHAZNyl7qO0rOES9Vd6DniCrJmLcZiqFNiEp00nc1U6sqgzMIqQf42XZzWNqXqVPmErKRr1kesA51yn-zNHqLnkS9Q_bMmtAuCbzE40W1njVquiPYQzoJqbAfKe_Z6INA8D4glSqP1TBSGJDzDPcfTuAfXwYEP9wyG3CxBTUf2hT2hesqEauYjAVkHT3brTs14UVNWA_2ghHIevt3YAcZWvctvtvqkVJO3vv_2EpF7hJ1dvZs9ZhcNu1n_TFGVOFfolvmRpZmgEpAIDwBFuxjzhR381WGd04qpggrqAFECzb40xy56lE6N2_lVDvPJmsnn0ph1-JG6DYkmD2Uk_h0f1FQP4UiLJg1KmdvcujWJRUP3M85plhsFItwZsbBzGwrGV7vPQxvtv0fAxxrs3-hxsJ9iSYXXAGvXLLmYmCyXmtxpfEuNzk82q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 699D 2 KB
1 KB 43ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWyauQANLr0IFVlBAAXlV0Bj0wgFHrRHLuLmZg&u=%7CiVZY%2F0JVK5hgZszB0azzVa8JnSV136trRT5NjVFzqw4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC8650JqtNWEEg09WZ4vTQSmsaWSKfpBSJy0qTgHij28l4T0U4NMbRKW6bV-BtyMevfIZdQbbfDmsG1_G45NyEcbiPPZD-jr8ycqa0k5gqM057aLZmt-5ue1rdA2cn19fzoAPQiyIhtuKHayPmnouR65FjalfiiIsj9rDlWNiKbuyy08fNDKbuFmYIKMQGD6HJqlOYewVQjiTHfOZUCKNNd4AKKoqT2sFm3Fn21LWL8iA34l1W4WIbePvQ9DQL6QKwgGepjPsCSdrVKj73P8KilOXA8EffcyQLz2sdj52Y1SXTUBkXXR3flg2hkUCrpxnMsKBsUZZROwtf1uWRhlvv52_L4JHviHkpc3K_mMNZzL41uy0pDJQPD0m-45OkOtoxlfxArVewHyJtV0R5fHsDp98sloeR-eFZc4cQs6Wx9e3KevYYHrM1Ha86Isohz7EqDX_-aNhuo6mX_Hi-zfTc11ol2_t3md09uZVnXq40DBEG5TB32LhAZwFtPmj94Uix-aMQB1JbtVvzsd4nAQn5BfO44A-LlDOfYFm_mEpRwb8B6wN_05E0x5Xo1i6sJ8ZAi9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-5cuZpsZb3dNMGy1fAP18qXoAzJntKxXKX8k_dwwI23ARABIABglfKLgpgHggEXY2EtcHViLTIyNzEyODcwNTk2NDU4MTnIAQmpAocWcjmKQrI-qAMByAMCqgT6AU_QEQVfd9PoeWzR1Xt48vIu1QhjGPWVprsUBhjsJL33DAtwoz3AW5w2tv_lo1jlOANBzyHZYXjnOjVds-55E5tnV7cZe8CV8DkiryaEeIYAt2oZLe29FHJ6G5JObr23IEpxkKNoziTwq3X8-ZsGOMGanGbCCSUbI0-lPBpGnVUGzHE2djU4TgWvfa8iRzq0RIALNmSY0p563UVYbzuX0_7Rts9lrUBtXpFhZV_pjaX7J6IoOWAvFPNF-EsfB80Bb3D_NdeNwXd2Wf0-SVjNlt9nWqc4cDenC_ekuvlLHIClaazlVJQf_OctTFhAr2Y6QLb2rxJpuwYUjoaABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlik67nfxvOCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PuG6CquvWd7mUvioqYxiDvDxIKA%26client%3Dca-pub-2271287059645819%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 699D 2 KB
1 KB 44ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 699D 308 B
637 B 37ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 699D 293 B
621 B 39ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 699D 43 B
348 B 60ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=E50dpt6CE6D-1zVCyUDLT1rTLHRZR0Z6iiwnohS8GdEE9tyjr8eu4RglgpDRjb4T27NFTJL5fKe47K_hmvF9QD0DZzt52f7jFP4v0_Z92gBpRAALfsPLdyEZwj71MARMKVmcdrrYlhpiAqrlSLxwwDIEygG32GdQT9l2zT9AP6nhwtn7bM3wAsKfOIOFZqyqzt1LlT58lCiz0sjhLmt4EDrJaVSotYZoVYjWVO8mjxly73aISedhMIlnxJDZ9OwFgDqPnqP0uy0F7WchVQvyyH-pzNBf1h4DUX48_PkSHW_Ft-714RZW3pq0yYBliWC0IxQ5YnyYZ1SalYNyfRAcMf5yyiyhhnRNsqoSP40qGSzgioBLoGW4J8Uju_GIZibi8N2ZEoEvoPGIy6RoVnrrk6SbY2x9eVD2CB_Esj9eiDfgFNmCfbF3b63wEXEHUr46WWOZ1A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1626703
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 699D 12 KB
6 KB 39ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 699D 54 KB
54 KB 64ms
29ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 699D 10 KB
11 KB 51ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F4123_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=EMf7Q7icODySE6pGeqSq5Vg9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

68af3635b0864e3ca5567570ace0d6bbd54e363290e31f5ad4d821b8ad1ebb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10566
expires: Mon, 04 Dec 2023 21:55:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 699D 0
128 B 45ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=GpDe0O6a-pEFOcgck_1vYxl5bsAplBDjjSX-vsYXaJbUbZAzVIlJMNSd5_m7w3vKn-P-Lyegh6fnumyudKtwD5c6KPeLj5tsCRjKBHBTPWXWxzy5eXfJDhSUUspim72VaOi4rtYm8yEVNKe6sDfr-GB4DuZEN-CDWCc-5cMgjpzJ4x5rmlW-q3OYit6bQ92kCbQzHZIBDi8Fu5wQAfthHXfXpkhJy_ieMd_pST36FNxNRxVNpXcqhJCAF1I5s6W-Tl9y2Q&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 699D 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 699D 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Nov 2024 15:11:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BEA 0
19 B 70ms
70ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBMi_uZpsZb3dNMGy1fAP18qXoAzJntKxXKX8k_dwwI23ARABIABglfKLgpgHggEXY2EtcHViLTIyNzEyODcwNTk2NDU4MTnIAQmpAocWcjmKQrI-qAMByAMCqgT3AU_QEQVfd9PoeWzR1Xt48vIu1QhjGPWVprsUBhjsJL33DAtwoz3AW5w2tv_lo1jlOANBzyHZYXjnOjVds-55E5tnV7cZe8CV8DkiryaEeIYAt2oZLe29FHJ6G5JObr23IEpxkKNoziTwq3X8-ZsGOMGanGbCCSUbI0-lPBpGnVUGzHE2djU4TgWvfa8iRzq0RIALNmSY0p563UVYbzuX0_7Rts9lrUBtXpFhZV_pjaX7J6IoOWAvFPNF-EsfB80Bb3D_NdeNwXd2Wf0-SVjNlt9nGKUZ4rc028oCat6RkKBMzaLCXiIV0v-v-JB9CZSFXpruN9j9m--ABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlik67nfxvOCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjcxMjg3MDU5NjQ1ODE5GAA&sigh=ewcBRm0EFIA&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNqXCap2dQwIRL9vl_ueGgaIaPAiSVzIkIYFrkajIXAAhPcxvRMcaKObb4besU2eGnFBfdcdhqGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 15:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6BEA 0
126 B 61ms
23ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMz6RLAJmAKdg2ICAgAAABcBvshSx4iPNuLbYncxUT0QuZpsZfa6Ao4_0SkCsN0AABIAAAoKQVFVQkR3RUJEdw&wp=ZWyauQANLr0IFVlBAAXlV0Bj0wgFHrRHLuLmZg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 15:11:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 185345
server: Kestrel
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
289 B 97ms
97ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://iqqoz.com
Date: Sun, 03 Dec 2023 15:11:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 2185ms
291ms Image
text/plain 103.235.47.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://iqqoz.com/post-2293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.47.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 15:11:56 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 299ms
299ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=349640895&si=e0fdfb13b380d11ac20161f7e53038da&v=1.3.0&lv=1&sn=40&r=0&ww=1600&u=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&tt=%E5%9C%A8Proxmox%20VE%E4%B8%8A%E8%BF%90%E8%A1%8COpenWrt%2FLEDE%E8%99%9A%E6%8B%9F%E6%9C%BA%E2%80%94%E2%80%945.PVE%E7%9A%84%E7%BD%91%E7%BB%9C%E8%AE%BE%E7%BD%AE(3)CLI%E9%85%8D%E7%BD%AE%E7%BD%91%E7%BB%9C%20-%20%E7%88%B1%E5%88%B7%E6%9C%BA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 03 Dec 2023 15:11:54 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
509 B 1207ms
443ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js?id=JXitKTm4TnXfy4BI&ck=JXitKTm4TnXfy4BI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqqoz.com/post-2293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://iqqoz.com
Date: Sun, 03 Dec 2023 15:11:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 699D 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 03 Dec 2023 15:11:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
289 B 132ms
131ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://iqqoz.com/post-2293.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://iqqoz.com
Date: Sun, 03 Dec 2023 15:11:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iqqoz.com/	1970-01-21 02:16:16	Name: _ga Value: GA1.1.782452427.1701616313
www.clarity.ms/	1970-01-21 01:25:52	Name: CLID Value: 25b689d8bcfa42ab90b6f4f0b52ec48e.20231203.20241202
.iqqoz.com/	1970-01-21 01:25:52	Name: _clck Value: 16goh7d%7C2%7Cfh8%7C0%7C1432
.bing.com/	1970-01-21 02:01:52	Name: MUID Value: 293A7EB1E2E666B71F546D6DE36D6720
.c.bing.com/	1970-01-20 16:50:21	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:01:52	Name: SRM_B Value: 293A7EB1E2E666B71F546D6DE36D6720
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:01:52	Name: MUID Value: 293A7EB1E2E666B71F546D6DE36D6720
.c.clarity.ms/	1970-01-20 16:50:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:40:16	Name: ANONCHK Value: 0
.iqqoz.com/	1970-01-20 16:41:42	Name: _clsk Value: 17rzfor%7C1701616313734%7C1%7C1%7Cr.clarity.ms%2Fcollect
.iqqoz.com/	1970-01-21 02:01:52	Name: __gads Value: ID=7d41e21773075fc0:T=1701616313:RT=1701616313:S=ALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg
.iqqoz.com/	1970-01-21 02:01:52	Name: __gpi Value: UID=00000ce290a68185:T=1701616313:RT=1701616313:S=ALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA
.iqqoz.com/	1970-01-21 02:16:16	Name: _ga_P14GH8VMS1 Value: GS1.1.1701616312.1.0.1701616314.58.0.0
.adfarm1.adition.com/	1970-01-20 18:49:52	Name: UserID1 Value: 7308386418974193819
.blismedia.com/	1970-01-21 01:25:56	Name: b Value: 656C9ABA375FCC0DCDF90FF6BLIS
.quantserve.com/	1970-01-20 18:49:52	Name: d Value: EHsBCQHJKoEA
.quantserve.com/	1970-01-21 02:10:30	Name: mc Value: 656c9aba-21d26-ba3c8-082d2
.simpli.fi/	1970-01-21 01:27:18	Name: suid Value: B39F5FA9755D46A8BF0E17FB576FB47D
.doubleclick.net/	1970-01-21 02:01:52	Name: IDE Value: AHWqTUk6JRX3LHL3AjcgYgcmcIS93DYycByb4rBXqNLpHwGMToyO5oEqZbT7fivGptk
.hm.baidu.com/	1970-01-21 02:16:16	Name: HMACCOUNT_BFESS Value: 83ED6F6237360B6C
.iqqoz.com/	1970-01-21 01:25:52	Name: Hm_lvt_e0fdfb13b380d11ac20161f7e53038da Value: 1701616315
.iqqoz.com/	1969-12-31 23:59:59	Name: Hm_lpvt_e0fdfb13b380d11ac20161f7e53038da Value: 1701616315
iqqoz.com/	1969-12-31 23:59:59	Name: __vtins__JXitKTm4TnXfy4BI Value: %7B%22sid%22%3A%20%22a6ec7d26-2d59-5c3e-b469-90df6bfa65dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201701618115542%2C%20%22ct%22%3A%201701616315542%7D
iqqoz.com/	1970-01-21 02:16:16	Name: __51uvsct__JXitKTm4TnXfy4BI Value: 1
iqqoz.com/	1970-01-21 02:16:16	Name: __51vcke__JXitKTm4TnXfy4BI Value: 0d2174a2-ca35-5437-976b-1cd53dd34f97
iqqoz.com/	1970-01-21 02:16:16	Name: __51vuft__JXitKTm4TnXfy4BI Value: 1701616315544

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://iqqoz.com/zb_users/plugin/ly_tk/main.php?plugin=ly_tk&iid=&num=2&page=1&kid=2&tag=lede&callback=jQuery1113008364035312926821_1701616310749&_=1701616310750 Message: Failed to load resource: the server responded with a status of 500 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2271287059645819&output=html&h=280&adk=1213588912&adf=3588316316&pi=t.aa~a.4189411786~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701610724&rafmt=1&to=qs&pwprc=4504194161&format=1200x280&url=https%3A%2F%2Fiqqoz.com%2Fpost-2293.html%23gsc.tab%3D0&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701616313797&bpp=1&bdt=5028&idt=1&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7d41e21773075fc0%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MbTGWKbEr4ePDr8ERsVZwuw6pplxg&gpic=UID%3D00000ce290a68185%3AT%3D1701616313%3ART%3D1701616313%3AS%3DALNI_MYiZatYqQKrzXRfdNpORQ_LLSVbjA&prev_fmts=0x0%2C862x280%2C1200x280&nras=3&correlator=3038317008569&frm=20&pv=1&ga_vid=782452427.1701616313&ga_sid=1701616313&ga_hid=1134654523&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4763&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C31078301%2C44807753%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1199007024312336&tmod=1200930823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=34 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
c.bing.com
c.clarity.ms
cat.nl3.eu.criteo.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
collect-v6.51.la
cse.google.com
csm.eu.criteo.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
googleads.g.doubleclick.net
hm.baidu.com
imageproxy.eu.criteo.net
img.alicdn.com
img.iqqoz.com
iqqoz.com
lf1-cdn-tos.bytegoofy.com
onetag-sys.com
pagead2.googlesyndication.com
r.clarity.ms
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.ssl.qhres2.com
sdk.51.la
sp0.baidu.com
static.criteo.net
static.hdslb.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.clarity.ms
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
zhanzhang.toutiao.com
zz.bdstatic.com
103.235.46.191
103.235.47.103
142.250.184.226
163.181.56.211
163.181.92.173
163.181.92.235
178.250.1.6
20.119.174.243
2001:4860:4802:34::36
203.107.86.226
2407:c080:801:fffe::7c47:a6f7
240e:97d:10:1401::40f
2600:9000:2251:4e00:12:30a1:de00:93a1
2602:ffe4:c49:0:3::3fa
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:fa8:8806:13::1400
34.96.105.8
35.157.73.176
35.204.158.49
51.89.9.252
58.254.150.48
68.219.88.97
85.114.159.118
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096f9fd8c6e707061c2c1da7fdbe8fa73a34ce7f747ee7e5f8926219d45d6139
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c35639bcbe2abe910b0bedda1980644e431abd0b9402564a963177fb6c280fe
0cf3dd4e1420d38d880cfbe3b2e8abf130d7069dae63becec8fc086f4138680c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1d87abcfa7638f6c0b34dc51b69b4731c35b341ff6e92b709ed6ea329e61bd82
1ec59ccacc048f94587b1f323f5d01f22ab57a9cc98def37f91c9077b029dcfe
21975f42f0732dfb49b91dd0dacc09bb26840346e29f4961393208d43fa068a7
313867b9f27bb0c6f6a653ec4e2a3187a11d7592c7befdf00a93fb00240f09d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
32fbd2a37f4262eb49f1b557c3c17033edfcc05b5b01222cd19fd95a8c83d1d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc9711c4019c602a56f33aafaacde6f9eff5a63b076cafd8e1a00c5a5cf74e8
5209bceab7c6a6f542796c38a2ca5e35cb7b077bee1a08d003e474e72a858e75
5234a8092a40dd5e098e6d954df502e7106cc1d4d5d6e002d4cddf9fc2eecf60
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56011249c163dbbbabef32061fbfa140d9275b8c9ca92ee47b504216a243b86d
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
5f23ffd1ae80fab239f3579e6622a845f7d5f13a50f37155c674ff440fc72094
608a3a1b98c1ffce1fcb3058ec7f5b7487045ce6f82b14d863f98444e849db97
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c1b947b039cb1409396b2d9100cdeb0c02a67ae1ee419bf5496062a5d888b
63baa2b3496ee30df8314d004c0f0dab0dfb3748f1dd42ee0b16a54e075e27f8
6599b2bd89bf3b548b169273adaf41f13480f8229d1f03adfac91e2bffce7156
68af3635b0864e3ca5567570ace0d6bbd54e363290e31f5ad4d821b8ad1ebb41
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54
80c91178161b842bbae800265678cf56ba0cd14a11b3fc58418de0e63667bd8a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe95955a57b68b2ca6b5fc3f50ebca2eceab8f4dfec8164a04c2c27eb60236b
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
942f7a8adb5f01866d59ddba97c6d4a6c015f47674d7e8dcf7668eaf71bbdd1c
9687d5d352ecccb81e2f3bd8cd7d3315063ac4e89d17033cc486689df7e72a25
97482892d1bfe1a6bf2ff37ea3fecb130f466d9c059e341b1df696a89fc8339d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a92e1979c4a78659b4176239525d614ea8036a4e4d2b5858a721666781ff0480
ae5bc2af0608634a48b38271e70f698f6234793a41b2d8c00ef540fd8687c794
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b440ecbf3faa20148fa0fc61c400a9a016cc788f7c186c13abde1b5e7291c00f
b9102e884eb1d49c328fbaa4b130e043a74a8749e573a4b6c68aa875f2e5e9e8
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
cdaed92050b2779a8142ad58c74fe301730d852c168a8614a0e3045d5f98d415
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc9bae9d73d7705a0cd590d8cea186205ca5a50161ff9e7da53749e864d238f2
e260f7bf27b297a1d3047abad69b757e87d9d85769f33a49b5a80e8e6e196310
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75d9252582697a1b7a8cab4307bf877c4749655ccf731c148c44c3b519108b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a7008f85f9afd06344e5e63a5a8347a536b76d95344f700917f966bf7811d0
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9a478064ed1e9e6f12ce523b5a1cff13e74d62771f9b7e804f394ae912cdce5

iqqoz.com Open in urlscan Pro 2407:c080:801:fffe::7c47:a6f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

60 %IPv6

26 Domains

41 Subdomains

37 IPs

10 Countries

1002 kBTransfer

2505 kBSize

27 Cookies

7 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

iqqoz.com Open in urlscan Pro
2407:c080:801:fffe::7c47:a6f7 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

60 %
IPv6

26
Domains

41
Subdomains

37
IPs

10
Countries

1002 kB
Transfer

2505 kB
Size

27
Cookies

89 HTTP transactions
2 data transactions