91btdh.net Open in urlscan Pro
45.78.28.107  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://cililian.cc/static/favicon.ico HTTP 302
• https://www.cll45.top/

Request Chain 113

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9Jl465RtsG4_xcQbXuZ58nRIh3xyQjdw7rBhCI9XaBF2yu_cXNi5aFA HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9Jl465RtsG4_xcQbXuZ58nRIh3xyQjdw7rBhCI9XaBF2yu_cXNi5aFA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWFZbzlUU3MxUW01aE81&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9Jl465RtsG4_xcQbXuZ58nRIh3xyQjdw7rBhCI9XaBF2yu_cXNi5aFA

Request Chain 114

• https://um.simpli.fi/gp_match?google_gid=CAESEMV6fF3iepW60r0qX1RmGgo&google_cver=1&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx7mwtAUwtLCrQA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9262D77EB4A041FE8EB75622F4DAFC29&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx7mwtAUwtLCrQA

Request Chain 115

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAz62tN6HY5Qe5K1iN9Hjsw&google_cver=1&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JPg_H4cvo_GiMnm0VKzVg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JPg_H4cvo_GiMnm0VKzVg&google_hm=cbvjt00RSvqVG_jt8TKV9mk

Request Chain 116

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED9UFuRfdtRhUVd6BGR9tQ&google_cver=1&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEED9UFuRfdtRhUVd6BGR9tQ&google_cver=1&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA&google_hm=hINW1acfRqmuP2V7dUJoQQ==

Request Chain 117

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKF4q_e5-PNp1GHFI0x28Sw&google_cver=1&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhxGX-cljg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhxGX-cljg&google_hm=eS1vQVV4NmdoRTJwRkNMMlE4b0JCUXVYeTBWeEc0dkl1YX5B

Request Chain 118

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECWfRg_iKJy87FmhQVL4yes&google_cver=1&google_push=AaAOQGFfyHnbzyT2zE549BWqU04gM5MKmMC2N06t3q3Oa6RnqkkS31Qy5X5JKSLZvtGliv_tDtE6ecrVd828WIAv4OuVv4g03xqXK2c HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFfyHnbzyT2zE549BWqU04gM5MKmMC2N06t3q3Oa6RnqkkS31Qy5X5JKSLZvtGliv_tDtE6ecrVd828WIAv4OuVv4g03xqXK2c HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 124

• https://gcdn.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6C59210A01D6794C989E3D97C9EAA11452338FEB.25F6B30304AF4DDFCBD0DDA1A42840093CF9A6D5/key/ck2/file/file.mp4 HTTP 302
• https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F543221715C98F5AB2107EE1DB656F117E7CDCC.6FE0C4577C028DC87B8A821C65BBFFC43A26724E/key/cms1/cms_redirect/yes/mh/94/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1689763777/mv/u/mvi/3/pl/36/file/file.mp4

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 1436.html Show response 91btdh.net/post/	22 KB 7 KB	872ms 396ms	Document text/html	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 46039da9920a4b481fb96109901f58bfc18d90a891201d79e5ab8b9bffa38e36 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Wed, 19 Jul 2023 11:24:00 GMT product Z-BlogPHP 1.7.3 server nginx strict-transport-security max-age=31536000 upgrade-insecure-requests 1 vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	index.css 91btdh.net/zb_users/theme/hnysweb/style/	18 KB 5 KB	250ms 248ms	Stylesheet text/css	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/theme/hnysweb/style/index.css Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 636a4b9ab4134ae5ea58eecba3ac696badd23fe2167754cc64a68077aefae6db Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 12 Jul 2023 03:27:40 GMT server nginx etag W/"64ae1dac-476f" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	jquery-2.2.4.min.js Show response 91btdh.net/zb_system/script/	84 KB 33 KB	347ms 345ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_system/script/jquery-2.2.4.min.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Fri, 17 Jun 2016 06:54:42 GMT server nginx etag W/"57639eb2-14e4e" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	zblogphp.js Show response 91btdh.net/zb_system/script/	7 KB 3 KB	514ms 512ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_system/script/zblogphp.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 11b10a45b9fc3622b9a8eaf5181e0bd403af74ecfbbc9541cdce396a8e47b332 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 18 Jun 2020 03:57:21 GMT server nginx etag W/"5eeae621-1c24" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	c_html_js_add.php Show response 91btdh.net/zb_system/script/	5 KB 2 KB	611ms 609ms	Script application/x-javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_system/script/c_html_js_add.php Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 503f0afbc6557551cffd934b4c884271aab3b05b17f40a5c35bd00d67d5b3405 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx product Z-BlogPHP 1.7.3 etag W/3a8c33663d02960b11cb1c75f84c9093 vary Accept-Encoding content-type application/x-javascript; charset=utf-8
GET H2	200	hnysnet.js Show response 91btdh.net/zb_users/theme/hnysweb/style/js/	2 KB 815 B	514ms 513ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/theme/hnysweb/style/js/hnysnet.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 3a01e0fd7cf735ce0a4b57d61d08df036565f99024974c9bbef382117ee10fb1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 12 Jul 2023 03:27:40 GMT server nginx etag W/"64ae1dac-66c" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	UmMsg.css 91btdh.net/zb_users/plugin/UmMsg/	5 KB 2 KB	250ms 249ms	Stylesheet text/css	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/UmMsg/UmMsg.css Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash f3616e813005d51c4d3a561c7382f296f5182dea596cb3a9db13839f4d774fc0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 13 Nov 2022 03:48:24 GMT server nginx etag W/"63706908-1456" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	wind.js Show response 91btdh.net/zb_users/plugin/dayuser/style/js/	43 KB 13 KB	599ms 597ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/dayuser/style/js/wind.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash dec4ccafea60ce10efe719da1ebe8f8825a11d1c9a72317424d6a2f88eb478b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 12 Apr 2023 08:35:23 GMT server nginx etag W/"64366d4b-aa27" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	txcstx.css 91btdh.net/zb_users/plugin/txtop/style/	1 KB 731 B	257ms 256ms	Stylesheet text/css	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 703ed94178bfef4379d20f188be41f22f7e60ad056712a48bceb09ddfd300d3f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 23 Sep 2021 13:34:54 GMT server nginx etag W/"614c827e-487" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	jquery.reveal.js Show response 91btdh.net/zb_users/plugin/XF_DS/js/	882 B 1 KB	599ms 598ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/XF_DS/js/jquery.reveal.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash e0dcf3d2edba66d4b545d6ea09060e146cad204d22d03963df6fa3de6ace6789 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 01 Jan 2020 14:25:11 GMT server nginx etag "5e0cabc7-372" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 882 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	iconfont.css 91btdh.net/zb_users/plugin/XF_DS/css/	4 KB 2 KB	258ms 257ms	Stylesheet text/css	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash ca89a0afdacaf559e706d55a723dc9252786928a758aa74fdea86588a0f5805c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 01 Jan 2020 14:25:11 GMT server nginx etag W/"5e0cabc7-1007" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	202110051633399963299418.png 91btdh.net/zb_users/upload/2021/10/	7 KB 7 KB	278ms 276ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/upload/2021/10/202110051633399963299418.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash f31f559dba6373fd722481e3e854d72026344666ff279b64028b0b3504baec7c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Tue, 05 Oct 2021 02:12:43 GMT server nginx etag "615bb49b-1c15" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 7189 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	202305061683309168285273.jpeg 91btdh.net/zb_users/upload/2023/05/	191 KB 192 KB	316ms 314ms	Image image/jpeg	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/upload/2023/05/202305061683309168285273.jpeg Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 35eec3a9eb6cb92e34f484b76f631bf2f2956f7fcf4d2bca914c0628c0cf9abb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Fri, 05 May 2023 17:52:48 GMT server nginx etag "64554270-2fcd9" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 195801 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	225ms 93ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e9b7587e7617795e9c06ca5d69d199027223a3511e8efab513d2bd6277e82e75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Origin https://91btdh.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50569 x-xss-protection 0 server cafe etag 17540821519412405910 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Wed, 19 Jul 2023 11:24:01 GMT
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 13 KB	577ms 99ms	Script application/javascript	47.246.46.206 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sat, 08 Jul 2023 16:07:26 GMT via cache15.l2de2[864,352,304-0,C], cache2.l2de2[353,0], cache1.it2[0,0,200-0,H], cache5.it2[5,0] content-encoding gzip x-oss-request-id 64A989BE2612B03038434929 content-md5 JLtSDpUX8u0+2Ye0aur3Iw== age 933395 x-swift-cachetime 1296000 x-cache HIT TCP_MEM_HIT dirn:11:427564009 x-oss-cdn-auth success x-swift-savetime Sat, 08 Jul 2023 16:07:26 GMT content-length 12846 x-oss-object-type Normal last-modified Thu, 08 Jun 2023 02:24:34 GMT server Tengine etag "24BB520E9517F2ED3ED987B46AEAF723" vary Accept-Encoding ali-swift-global-savetime 1688832446 content-type application/javascript access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 5143829838470429443 eagleid 2ff62e9916897658413843335e x-oss-server-time 3
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	278ms 146ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 51088477062d713add706a5d6f39112416e23bc3b1bbbaa2ead4b12708d03ef6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50645 x-xss-protection 0 server cafe etag 3480440375303434686 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Wed, 19 Jul 2023 11:24:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 80 KB	207ms 75ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-63XQHXHW69 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3979eeb8676bc76ad7dbb59c3eaf0e6aa595844149d0bf16456bf785a2daedf4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81373 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 19 Jul 2023 11:24:01 GMT
GET H2	200	js-sdk-perf.min.js Show response sdk.51.la/perf/	34 KB 12 KB	559ms 93ms	Script application/javascript	47.246.46.206 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/perf/js-sdk-perf.min.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash d3016ff54f8e4330e2206e805401c5db32091aff1ec4fe4663e7436cd262423e Request headers Referer https://91btdh.net/ Origin https://91btdh.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sat, 08 Jul 2023 13:38:39 GMT via cache19.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache6.it2[0,0,200-0,H], cache6.it2[1,0] content-encoding gzip x-oss-request-id 64A966DFEAA5E2343280E580 content-md5 s8NHADlMxkRP2CI+TvPilQ== age 942322 x-swift-cachetime 1295926 x-cache HIT TCP_MEM_HIT dirn:11:167368736 x-oss-cdn-auth success x-swift-savetime Sat, 08 Jul 2023 13:39:53 GMT content-length 11317 x-oss-object-type Normal last-modified Thu, 08 Jun 2023 02:25:02 GMT server Tengine etag "B3C34700394CC6444FD8223E4EF3E295" vary Accept-Encoding ali-swift-global-savetime 1688823519 content-type application/javascript access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 17785010825271957679 eagleid 2ff62e9a16897658413765615e x-oss-server-time 7
GET H2	200	jquery.lazyload.js Show response 91btdh.net/zb_users/theme/hnysweb/style/js/	9 KB 3 KB	224ms 222ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.3 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 93f992927d16d7f6437ff50f0a6ee05f0e4bd82e8b869af4463b6d3462ca419c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 12 Jul 2023 03:27:40 GMT server nginx etag W/"64ae1dac-2360" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:01 GMT
GET H2	200	sf_praise_sdk.js Show response 91btdh.net/zb_users/plugin/sf_praise_sdk/js/	1 KB 831 B	224ms 222ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 1348987fdcb6628f4a30123640d18f3b7b97fc5bd43a6ab44f63a21d5e311cfb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 01 Jan 2020 14:24:18 GMT server nginx etag W/"5e0cab92-58c" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:01 GMT
GET H2	200	UmMsg.js Show response 91btdh.net/zb_users/plugin/UmMsg/js/	12 KB 5 KB	229ms 227ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/UmMsg/js/UmMsg.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash ea907043013b1dce2c9390c92b206e6904e1cff946e7d73f99563b06ca3d1afd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 13 Nov 2022 03:48:24 GMT server nginx etag W/"63706908-3059" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:01 GMT
GET H2	200	frontend.js Show response 91btdh.net/zb_users/plugin/dayuser/style/js/	52 KB 10 KB	254ms 252ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/dayuser/style/js/frontend.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 32274fb3c8cf12d5190af36fd6916f70759725aefe1b17e1d3bfbd7fcd21362d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 12 Apr 2023 08:35:23 GMT server nginx etag W/"64366d4b-d165" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:01 GMT
GET H2	200	txtop.js Show response 91btdh.net/zb_users/plugin/txtop/js/	814 B 1 KB	259ms 257ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/txtop/js/txtop.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 128e52d620b090749bdcfc157c016180684de8fb17f7461df611995ee8f3c9cf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Thu, 23 Sep 2021 13:34:54 GMT server nginx etag "614c827e-32e" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 814 expires Wed, 19 Jul 2023 23:24:01 GMT
GET H2	200	zfb.png 91btdh.net/zb_users/plugin/XF_DS/image/	913 KB 914 KB	682ms 681ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/plugin/XF_DS/image/zfb.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash fb5b95d1087863ca1701ce991a39f8b153e11592200fcea4322a1efa78831223 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Jun 2021 07:56:36 GMT server nginx etag "60cb0034-e441c" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 934940 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	wx.png 91btdh.net/zb_users/plugin/XF_DS/image/	492 KB 492 KB	682ms 681ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/plugin/XF_DS/image/wx.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash be870166bacd8cb5ec99117f9c99201590530b16dbc57a1ba5cbcdc0e41a0565 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Jun 2021 07:53:28 GMT server nginx etag "60caff78-7aef3" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 503539 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	prism.js Show response 91btdh.net/zb_users/plugin/UEditor/third-party/prism/	60 KB 25 KB	258ms 258ms	Script application/javascript	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/UEditor/third-party/prism/prism.js Requested by Host: 91btdh.net URL: https://91btdh.net/zb_system/script/c_html_js_add.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 5867cef615756cb75b523c11e29d88f770ddb40fd51bc39cd60e3ba86d004fdc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 18 Sep 2022 02:40:53 GMT server nginx etag W/"63268535-eecb" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	prism.css 91btdh.net/zb_users/plugin/UEditor/third-party/prism/	4 KB 2 KB	276ms 276ms	Stylesheet text/css	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/UEditor/third-party/prism/prism.css Requested by Host: 91btdh.net URL: https://91btdh.net/zb_system/script/c_html_js_add.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash e82e0b58f5c11f55f08603ea35e2aa7612d4e5986e5cb6bc2d4c53e3c1c9c149 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:00 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sun, 18 Sep 2022 02:40:53 GMT server nginx etag W/"63268535-1039" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Wed, 19 Jul 2023 23:24:00 GMT
GET H2	200	iconfont.woff 91btdh.net/zb_users/plugin/XF_DS/css/	3 KB 4 KB	679ms 679ms	Font font/woff	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.woff?t=1459669414 Requested by Host: 91btdh.net URL: https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 2f6a160e17a315d3486a25ffea950ae347d095fef179b0632c63dc6f65136c9b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://91btdh.net/zb_users/plugin/XF_DS/css/iconfont.css Origin https://91btdh.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 01 Jan 2020 14:25:11 GMT server nginx etag "5e0cabc7-d78" content-type font/woff accept-ranges bytes content-length 3448
POST H/1.1	403	collect Show response collect-v6.51.la/v6/	0 510 B	994ms 355ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Access-Control-Allow-Origin https://91btdh.net Date Wed, 19 Jul 2023 11:24:02 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1472ms 377ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?cc89cb642da27ec01f796f483d41558b Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 757ae15b52887da0ff647d76133c6cdad0b05e8d71e271cadd2ab985a321f97d Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Date Wed, 19 Jul 2023 11:24:02 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 23a387829dc327e3f1adb3a011427127 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11258
POST H/1.1	403	collect Show response collect-v6.51.la/v6/	0 510 B	1059ms 312ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Access-Control-Allow-Origin https://91btdh.net Date Wed, 19 Jul 2023 11:24:02 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 510 B	1466ms 493ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Access-Control-Allow-Origin https://91btdh.net Date Wed, 19 Jul 2023 11:24:02 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET		share.js bdimg.share.baidu.com/static/api/js/	0 0
GET H2	200	top.png 91btdh.net/zb_users/plugin/txtop/img/	2 KB 3 KB	610ms 610ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/plugin/txtop/img/top.png Requested by Host: 91btdh.net URL: https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 06717e5b34d53990e28deb7097b3d7fcc063ee780a6ce31675745dd4820de81a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/zb_users/plugin/txtop/style/txcstx.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Thu, 23 Sep 2021 13:34:54 GMT server nginx etag "614c827e-989" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2441 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	load.gif 91btdh.net/zb_users/theme/hnysweb/style/images/	19 KB 19 KB	605ms 605ms	Image image/gif	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/style/images/load.gif Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash fbcfb01b43c06622da482bb5ca2590d49e2b8e3da9555dc7d2703010e8d8ac26 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Jul 2023 03:27:40 GMT server nginx etag "64ae1dac-4ba3" content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 19363 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	get.php 91btdh.net/zb_users/theme/hnysweb/functions/	1 KB 1 KB	606ms 604ms	Image image/x-icon	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://199234.xyz/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash daebb3d5a30c97e41864788d8514c6a9ea60ad6dd771148c98ebc99b31d343dd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 server nginx content-type image/x-icon
GET H2	200	favicon.ico www.sokk9.one/assets/bc51d864/images/	4 KB 2 KB	248ms 136ms	Image image/x-icon	2606:4700:3032::6815:3d25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.sokk9.one/assets/bc51d864/images/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3d25 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 678c79c4a4d7ddd075629d31fbe0d93512f60c35a33eae5a7d47c8bfbe5a82d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status REVALIDATED last-modified Tue, 15 Mar 2022 20:03:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6230f104-10be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chWF7rkGMoR0rGCqPEJL9sVheAzSfH9pDuD6qUCSLwmfAK0h3TPONOi%2FTN5M9iDG%2BDbPg47ojmIOGvjJ99s7sWCqDoKxN1qSMLQ9bEWPdoK3jG0ddCHhZjQQQRAC6YwFwO7oh%2BG7oczL3f6G"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 7e92987e4eb218d9-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	favicon.ico www.fbobo2.pw/	0 0	1281ms 220ms	Image text/html	2.59.155.28 HDTIDCCLOUD-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://www.fbobo2.pw/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.59.155.28 , Hong Kong, ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers
GET H/1.1	404 Not Found	favicon.ico www.sv20.pw/	0 0	1022ms 222ms	Image text/html	2.59.155.28 HDTIDCCLOUD-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sv20.pw/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2.59.155.28 , Hong Kong, ASN136038 (HDTIDCCLOUD-AS-AP HDTIDC LIMITED, HK), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers
GET H2	200	get.php 91btdh.net/zb_users/theme/hnysweb/functions/	9 KB 10 KB	606ms 603ms	Image image/x-icon	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://www.cilipa223.shop/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 5a19f2390772b3f6380fbf22504b5cbc680dd784f4b780410409c20740931cd3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 server nginx content-type image/x-icon
GET H2	200	get.php 91btdh.net/zb_users/theme/hnysweb/functions/	6 KB 6 KB	606ms 603ms	Image image/x-icon	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://github.com/yuhuage/dizhi/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 2ee43237d196100210f1786e7b73b57cd140f6013c072c70dbdffd9e9bc695f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 server nginx content-type image/x-icon
GET H2	200	get.php 91btdh.net/zb_users/theme/hnysweb/functions/	824 B 916 B	606ms 604ms	Image image/x-icon	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://xccl.live/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash ea6bc6bd34add18f4c196d80639c15fc7ef30b20743284517d941ad69a5b1758 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 server nginx content-type image/x-icon
GET H2	200	get.php 91btdh.net/zb_users/theme/hnysweb/functions/	492 B 584 B	983ms 981ms	Image image/x-icon	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/theme/hnysweb/functions/get.php?url=https://xn--tfr036ez7d.com/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT strict-transport-security max-age=31536000 server nginx content-type image/x-icon
GET H2	200	favicon.ico btmulu8.com/assets/1dbbdf40/images/	4 KB 2 KB	390ms 138ms	Image image/x-icon	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://btmulu8.com/assets/1dbbdf40/images/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 678c79c4a4d7ddd075629d31fbe0d93512f60c35a33eae5a7d47c8bfbe5a82d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status REVALIDATED last-modified Thu, 01 Apr 2021 17:12:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6065fee3-10be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAUUO3rvL0ED2TIy7yovfEZKi6DOL4WvF8GoyazoET%2Bt0VDCS1RmdXQvTEuATr3xqVeJK2XhoYvhxkSgiHsiuSxf85GboNI17vYfXN2I8XiQ9YKKUYPZfwWptgh%2FzPSwaJKZqrp9vra7gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 7e92987f2c466993-FRA alt-svc h3=":443"; ma=86400
GET H2	200	favicon.ico tellme.pw/app/bts/View/img/	1 KB 1 KB	587ms 269ms	Image image/x-icon	159.253.120.252 ALEXHOST
General Check archive.org Show headers Download Go to Show image Full URL https://tellme.pw/app/bts/View/img/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.120.252 , Moldova, ASN200019 (ALEXHOST, MD), Reverse DNS mdcdn002 Software nginx / Resource Hash 5fae8a8cd4295ebaaf3bf9015a3612d679cc12c15d9911865009c1da597dfb23 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma cache date Wed, 19 Jul 2023 11:24:02 GMT strict-transport-security max-age=31536000; preload last-modified Thu, 31 Oct 2019 01:40:59 GMT server nginx age 0 etag "5dba3bab-47e" x-cache MISS content-type image/x-icon cache-control public, max-age=31536000 accept-ranges bytes content-length 1150 expires Fri, 18 Aug 2023 11:22:31 GMT
GET H2	200	favicon.png cdn.anyshare.icu/img/skrbt/	553 B 857 B	527ms 170ms	Image image/png	64.64.253.246 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.anyshare.icu/img/skrbt/favicon.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 64.64.253.246 Los Angeles, United States, ASN25820 (IT7NET, CA), Reverse DNS 64.64.253.246.16clouds.com Software nginx / Resource Hash db5a7469a044258a1383a9b023447d23b6efbd65806cfbf97480410036c0f417 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT last-modified Wed, 12 Jul 2023 07:34:15 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 553 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	403	favicons www.google.cn/s2/	0 0	10087ms 9980ms	Image text/html	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.cn/s2/favicons?domain=https://btsososo.com/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers
GET H2	200	4d6bcefe4a827e9b03d6337dd6f07863-160-160-0.png 91btdh.net/zb_users/cache/thumbs/	16 KB 16 KB	604ms 602ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/cache/thumbs/4d6bcefe4a827e9b03d6337dd6f07863-160-160-0.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash a2a4b8a6d148c0c1f53a7819a63382b2215e351f5af3491fa643688775c83569 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Apr 2023 08:57:11 GMT server nginx etag "64367267-3f43" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 16195 expires Fri, 18 Aug 2023 11:24:01 GMT
GET		favicons www.google.cn/s2/	0 0
GET H2	200	be361d2811f2c7b92210b39b35c32c2f-160-160-0.png 91btdh.net/zb_users/cache/thumbs/	4 KB 4 KB	604ms 602ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/cache/thumbs/be361d2811f2c7b92210b39b35c32c2f-160-160-0.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 95b6829be7cfcf975391eb91d22ed5be9b21b8bdfb42e27edd25a9502331151e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Apr 2023 08:57:11 GMT server nginx etag "64367267-1126" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4390 expires Fri, 18 Aug 2023 11:24:01 GMT
GET		favicons www.google.cn/s2/	0 0
GET H2	200	/ www.cll45.top/ Redirect Chain https://cililian.cc/static/favicon.ico https://www.cll45.top/	0 0	1986ms 1385ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.cll45.top/ Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Redirect headers date Wed, 19 Jul 2023 11:24:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdQXBhiVpFSsYOBsO3Qgn2rlpsZr27BKsFDXTCvtARZudMMda%2FOpGUoXTXyCv1Z9LYqiJU074A0c2zEeDHIQyz2NX0bIWKvAV86tkgSQXx3PkjoX64wMK0pDOQ2qz2aJlFrjwhMshiHiaA%3D%3D"}],"group":"cf-nel","max_age":604800} location https://www.cll45.top cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7e92987fef5618af-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	798821e7b6fce5c59f3384b3c1197346-160-160-0.png 91btdh.net/zb_users/cache/thumbs/	6 KB 6 KB	604ms 603ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/cache/thumbs/798821e7b6fce5c59f3384b3c1197346-160-160-0.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash c5f5a6de23efa2f6be2d4b6003d87133bb3b5fdf88d76ff44573a5aa7f66d97d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Apr 2023 10:17:58 GMT server nginx etag "64368556-1638" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 5688 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H/1.1	404 Not Found	favicon.ico clm0.net/	0 0	986ms 146ms	Image text/html	64.91.249.20 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://clm0.net/favicon.ico Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.91.249.20 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS tiger.parklogic.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers
GET H2	200	66b3a00dc1f58fcfcaac8f2fc116c9e6-160-160-0.png 91btdh.net/zb_users/cache/thumbs/	2 KB 2 KB	604ms 603ms	Image image/png	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://91btdh.net/zb_users/cache/thumbs/66b3a00dc1f58fcfcaac8f2fc116c9e6-160-160-0.png Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash a856e88295ea62e066be8db1f7832f8e8a8890ea60f09e0be1b7a40bebad1dc3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/post/1436.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Apr 2023 10:17:58 GMT server nginx etag "64368556-731" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1841 expires Fri, 18 Aug 2023 11:24:01 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/	357 KB 123 KB	108ms 107ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5e0d9a702691f6bbb6ce2939fb7ee100032569ed46cb14efe847d1a4376408dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 125719 x-xss-protection 0 server cafe etag 2703983930019588225 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 19 Jul 2023 11:24:01 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/ Frame 4D42	10 KB 5 KB	128ms 40ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3488987404829368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 57496 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 18 Jul 2023 19:25:45 GMT etag 12368291122986407432 expires Tue, 01 Aug 2023 19:25:45 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.google-analytics.com/g/	0 250 B	137ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-63XQHXHW69&gtm=45je37h0&_p=535174640&cid=1775437216.1689765842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689765841&sct=1&seg=0&dl=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&dt=%E7%A3%81%E5%8A%9B%E7%8C%AB_%E7%A3%81%E5%8A%9B%E6%90%9C%E7%B4%A2_91BT-%E7%A3%81%E5%8A%9B%E5%BC%95%E6%93%8E%E5%A4%A9%E5%A0%82%EF%BC%8D%E8%B5%84%E6%BA%90%E5%A4%A9%E5%A0%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-63XQHXHW69 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://91btdh.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	387 B 601 B	148ms 49ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=91btdh.net&callback=_gfp_s_&client=ca-pub-3488987404829368 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2ef98b756ee0363697ef4d8aff12c7481b81668dfe6775a350c3ceb65dae3feb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	143ms 48ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=91btdh.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:01 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	74ms 74ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=1060.8 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	75ms 75ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 98A5	229 KB 57 KB	910ms 906ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&adk=4221289539&adf=3358385598&lmt=1689765841&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841540&bpp=7&bdt=1268&idt=263&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8732232239318&frm=20&pv=2&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=285 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a6f4d12f06a54a7de3fd06626f2cf3151bd21c22aff96e5c315733f60dddeaf1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 57937 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 19 Jul 2023 11:24:02 GMT expires Wed, 19 Jul 2023 11:24:02 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 12D5	138 KB 42 KB	982ms 982ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e37894e777438cad59f1462e7153880f96ab69db718897edc97559117b71f85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 43133 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 19 Jul 2023 11:24:02 GMT expires Wed, 19 Jul 2023 11:24:02 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	iconfont.woff2 91btdh.net/zb_users/theme/hnysweb/style/iconfont/	39 KB 40 KB	550ms 549ms	Font font/woff2	45.78.28.107 IT7NET
General Check archive.org Show headers Download Go to Full URL https://91btdh.net/zb_users/theme/hnysweb/style/iconfont/iconfont.woff2 Requested by Host: 91btdh.net URL: https://91btdh.net/zb_users/theme/hnysweb/style/index.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.28.107 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.28.107.16clouds.com Software nginx / Resource Hash 29449c53f2d0046c97d703b1aed7c86e637989322c75f6cde5dd3bb761c9edf8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://91btdh.net/zb_users/theme/hnysweb/style/index.css Origin https://91btdh.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT strict-transport-security max-age=31536000 last-modified Wed, 12 Jul 2023 03:27:40 GMT server nginx etag "64ae1dac-9d54" content-type font/woff2 accept-ranges bytes content-length 40276
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/	154 KB 52 KB	92ms 91ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36af97c867ef684ab7261a5f56e4f1ef4bfd68528c0516c88361398d67960886 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53469 x-xss-protection 0 server cafe etag 13401985812250537968 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 11:24:02 GMT
GET H2	200	css fonts.googleapis.com/ Frame 12D5	14 KB 2 KB	138ms 48ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 11:24:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 11:15:43 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 11:24:02 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	50ms 49ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=91btdh.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame AAAA	85 KB 28 KB	763ms 762ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6b0fe852cb44f1e8faaf7b099c9cff5238c18fe8ef47e2afb754a70822fc9b38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 28610 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 19 Jul 2023 11:24:03 GMT expires Wed, 19 Jul 2023 11:24:03 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12D5	2 KB 973 B	139ms 47ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:11:18 GMT content-encoding br x-content-type-options nosniff age 65564 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:11:18 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 12D5	23 KB 9 KB	137ms 47ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:04:50 GMT content-encoding br x-content-type-options nosniff age 65952 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9071 x-xss-protection 0 server cafe etag 17378926570389699705 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:04:50 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12D5	3 KB 1 KB	142ms 53ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 09:28:00 GMT content-encoding br x-content-type-options nosniff age 6962 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Aug 2023 09:28:00 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12D5	20 KB 9 KB	130ms 41ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:06:22 GMT content-encoding br x-content-type-options nosniff age 65860 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8291 x-xss-protection 0 server cafe etag 17061476539903440100 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:06:22 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 12D5	179 KB 57 KB	213ms 122ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57311 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689594152080714" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Jul 2023 11:24:03 GMT
GET H2	200	db0cdd5d6449829815370f69ba3f47bd.js Show response www.gstatic.com/mysidia/ Frame 12D5	33 KB 14 KB	132ms 41ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Fri, 14 Jul 2023 17:24:21 GMT content-encoding gzip x-content-type-options nosniff age 410381 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14165 x-xss-protection 0 last-modified Fri, 14 Jul 2023 17:15:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 12 Oct 2023 17:24:21 GMT
GET H2	200	data=1DBiY93iSRsY4A2SzzYfQhWq0H7tsMISP2h6Mp7j_dQC7YQFlKof7rjmIOVMy5gJAZxa5DSdi86PZHFs3EGGUA mts0.google.com/vt/ Frame 12D5	39 KB 40 KB	289ms 154ms	Image image/png	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://mts0.google.com/vt/data=1DBiY93iSRsY4A2SzzYfQhWq0H7tsMISP2h6Mp7j_dQC7YQFlKof7rjmIOVMy5gJAZxa5DSdi86PZHFs3EGGUA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash fe79afca833e891a5b36cf6cd5b790c411415d560b1ee351af49b1b82ed24c7a Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:03 GMT content-security-policy script-src 'none'; object-src 'none'; base-uri 'none' x-content-type-options nosniff cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=114 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40024 x-xss-protection 0 x-server-version-bin CggIBBC1ztilBg== server scaffolding on HTTPServer2 etag 08a866a4eaf645920 x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=3600 expires Wed, 19 Jul 2023 12:24:03 GMT
GET DATA	200 OK	truncated / Frame 12D5	297 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 12D5	465 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 12D5	333 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 12D5	336 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	48ms 48ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=91btdh.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:02 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/ Frame 7F7A	10 KB 4 KB	41ms 40ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488987404829368&plah=91btdh.net Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://91btdh.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 49898 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4544 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 18 Jul 2023 21:32:24 GMT etag 12368291122986407432 expires Tue, 01 Aug 2023 21:32:24 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 7F7A	4 KB 767 B	52ms 51ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 11:24:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 09:41:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 11:24:03 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7F7A	205 B 520 B	46ms 45ms	Image image/png	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Fri, 14 Jul 2023 09:18:57 GMT x-content-type-options nosniff age 439506 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Wed, 28 Jun 2023 17:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 13 Jul 2024 09:18:57 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7F7A	604 B 695 B	47ms 46ms	Image image/png	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 07:56:08 GMT x-content-type-options nosniff age 98875 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Wed, 28 Jun 2023 17:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 17 Jul 2024 07:56:08 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 7F7A	20 KB 9 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:19:25 GMT content-encoding br x-content-type-options nosniff age 65078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8597 x-xss-protection 0 server cafe etag 17435004113268094812 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:19:25 GMT
GET DATA	200 OK	truncated / Frame 12D5	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1d3e539370f3ed1f1146c13179e7a3b2732f3c75d0c5082e8fecd46f488fec6b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame 281A	14 KB 1 KB	56ms 56ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 11:24:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 11:16:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 11:24:03 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 281A	2 KB 931 B	41ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:11:18 GMT content-encoding br x-content-type-options nosniff age 65565 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:11:18 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 281A	23 KB 9 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:04:50 GMT content-encoding br x-content-type-options nosniff age 65953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9071 x-xss-protection 0 server cafe etag 17378926570389699705 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:04:50 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 281A	3 KB 1 KB	51ms 50ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 09:28:00 GMT content-encoding br x-content-type-options nosniff age 6963 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Aug 2023 09:28:00 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 281A	20 KB 8 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:06:22 GMT content-encoding br x-content-type-options nosniff age 65861 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8291 x-xss-protection 0 server cafe etag 17061476539903440100 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:06:22 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 281A	179 KB 56 KB	76ms 75ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57311 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1689594152080714" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Jul 2023 11:24:03 GMT
GET H2	200	db0cdd5d6449829815370f69ba3f47bd.js Show response www.gstatic.com/mysidia/ Frame 281A	33 KB 14 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Fri, 14 Jul 2023 17:24:21 GMT content-encoding gzip x-content-type-options nosniff age 410382 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14165 x-xss-protection 0 last-modified Fri, 14 Jul 2023 17:15:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 12 Oct 2023 17:24:21 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 12D5	33 KB 34 KB	226ms 125ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sun, 16 Jul 2023 02:43:59 GMT x-content-type-options nosniff age 290404 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 15 Jul 2024 02:43:59 GMT
GET H3	200	z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response pagead2.googlesyndication.com/bg/ Frame 85A0	37 KB 14 KB	44ms 43ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 10:57:13 GMT content-encoding br x-content-type-options nosniff age 1610 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14789 x-xss-protection 0 last-modified Mon, 03 Jul 2023 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 18 Jul 2024 10:57:13 GMT
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	375ms 374ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1138634782&si=cc89cb642da27ec01f796f483d41558b&v=1.3.0&lv=1&sn=11404&r=0&ww=1600&u=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&tt=%E7%A3%81%E5%8A%9B%E7%8C%AB_%E7%A3%81%E5%8A%9B%E6%90%9C%E7%B4%A2_91BT-%E7%A3%81%E5%8A%9B%E5%BC%95%E6%93%8E%E5%A4%A9%E5%A0%82%EF%BC%8D%E8%B5%84%E6%BA%90%E5%A4%A9%E5%A0%82 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://91btdh.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jul 2023 11:24:03 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 12D5	0 23 B	84ms 84ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CyxU20ce3ZLiNNvCZiM0Pv92k2AusncWnZb61x_X3ENqQsbzPARABIPSY71ZglYKAgJQHoAGOyv6RAsgBCakC191gEpTTsj6oAwHIA8sEqgTmAU_Q01XsFHhq-u5ZdxnAyl2doKjZXK2HZjTNnmI0R8qIN1Edh0w2jsaVmEyP3IXq6HT2hvMey5tA-5ydcc1-4sgHTOIEU-R4uvviRu9tgF1HILi04vshACecDbDFuIvk-z0XmY2GDWOQleZneE2BqG_hT-RnX1Dd5_xgnt6ONy_LJ_1y8yKdMdti36TPE1Kos4PyqcyjDJy5nSGugLHHCfx96_yglPl5ZDf_AuDkFzMqrqg_GNAN7JfeZwNuVNOV4tu3oTnpAMB-wQvxgMuJJSFHCrX0i9UezIKgzmBA7p4TTp2L70ojwASdx5vJrwOSBQQIBBgBkgUECAUYBKAGLoAH2rWB7gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCa1cUC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLECuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zNDg4OTg3NDA0ODI5MzY4GAA&sigh=-UitZ2uIDU8&uach_m=[UACH]&cid=CAQSGwBpAlJW_G60SxWTaVfuEV8qk_3DpI0_tRXmQBgB&template_id=520&cbvp=2&vis=1 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 19 Jul 2023 11:24:03 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Wed, 19 Jul 2023 11:24:03 GMT
GET H3	200	z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response pagead2.googlesyndication.com/bg/ Frame 02E2	37 KB 14 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=1874786855&adf=4010674275&pi=t.aa~a.910666955~rp.1&w=930&fwrn=4&fwrnh=100&lmt=1689765841&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765841547&bpp=2&bdt=1275&idt=280&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7AUZgSfre1&p=https%3A//91btdh.net&dtd=283 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 10:57:13 GMT content-encoding br x-content-type-options nosniff age 1610 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14789 x-xss-protection 0 last-modified Mon, 03 Jul 2023 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 18 Jul 2024 10:57:13 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame AAAA	23 KB 9 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:04:50 GMT content-encoding br x-content-type-options nosniff age 65954 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9071 x-xss-protection 0 server cafe etag 17378926570389699705 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:04:50 GMT
GET H3	200	css fonts.googleapis.com/ Frame AAAA	8 KB 750 B	52ms 51ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 11:24:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 11:21:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 11:24:04 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame AAAA	15 KB 3 KB	151ms 40ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Mon, 17 Jul 2023 19:15:17 GMT content-encoding gzip x-content-type-options nosniff age 144527 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2920 x-xss-protection 0 last-modified Mon, 10 Jul 2023 17:29:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 16 Jul 2024 19:15:17 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame AAAA	375 KB 129 KB	152ms 42ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Mon, 17 Jul 2023 19:15:17 GMT content-encoding gzip x-content-type-options nosniff age 144527 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131779 x-xss-protection 0 last-modified Mon, 10 Jul 2023 17:29:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 16 Jul 2024 19:15:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame AAAA	20 KB 8 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 17:06:22 GMT content-encoding br x-content-type-options nosniff age 65862 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8291 x-xss-protection 0 server cafe etag 17061476539903440100 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 01 Aug 2023 17:06:22 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame AAAA	0 0	138ms 47ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMv7JPfH4FmNQeWXBd34te3hqx347qfxZeFQGAoxEYJb5YD0xTmfxpXYEZltjesEjx_Bp0tm0luV5xrivbjHriAHFHJw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers
POST H2	204	csi csi.gstatic.com/ Frame AAAA	0 54 B	168ms 52ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lk9mye0x&c=1355930359413&slotId=677965179706.5&qqid=CJKLyKbUmoADFXcQogMdfIMGcw&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame AAAA	15 KB 16 KB	40ms 39ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Mon, 17 Jul 2023 22:23:32 GMT x-content-type-options nosniff age 133232 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 16 Jul 2024 22:23:32 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame AAAA	15 KB 15 KB	43ms 42ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Thu, 13 Jul 2023 22:16:07 GMT x-content-type-options nosniff age 479277 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 12 Jul 2024 22:16:07 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AAAA	0 20 B	75ms 75ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRraa0se3ZJLaN_egiM0P_IaamAeqkpu9ccK8ooHsEZ64iLaDAxABIPSY71ZglYKAgJQHoAGcg_uHA8gBBakCCAiMCanUsj6oAwHIA5sEqgTtAU_QuErFfIfG9w0FPdKd2YoY14ilfg9eArhZn0RcB81H3hlbDmyem98D18MgWcDTuw6S0-wDW4OG5mRknYikn4KohRCJpy9sPKND2KHOHrJ1HP3rF2mtjmLG0ZIcx2zKTFKsOzgYkejY0gj9Q3D9Og9v1rX8iP2UujT8XwO4PoZCZHTNHuOes-PF_kBpRUIT9HdHmHcj8HyLph0OT2TgpV9Ny7vSE0nIlVjcKK5w_PWaDzx0goqW6G99It2VCjj-dlEDt8Uk6oK3rjEDVWW4YbRsBA_8R875fTd65j7iNV5LjNVxkxqmsOoDOl2B8cAE482toscE4AQDkAYBoAZOgAfM_IR4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE7zEgBTIE4m0qeMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1689765844367&ai=CRraa0se3ZJLaN_egiM0P_IaamAeqkpu9ccK8ooHsEZ64iLaDAxABIPSY71ZglYKAgJQHoAGcg_uHA8gBBakCCAiMCanUsj6oAwHIA5sEqgTtAU_QuErFfIfG9w0FPdKd2YoY14ilfg9eArhZn0RcB81H3hlbDmyem98D18MgWcDTuw6S0-wDW4OG5mRknYikn4KohRCJpy9sPKND2KHOHrJ1HP3rF2mtjmLG0ZIcx2zKTFKsOzgYkejY0gj9Q3D9Og9v1rX8iP2UujT8XwO4PoZCZHTNHuOes-PF_kBpRUIT9HdHmHcj8HyLph0OT2TgpV9Ny7vSE0nIlVjcKK5w_PWaDzx0goqW6G99It2VCjj-dlEDt8Uk6oK3rjEDVWW4YbRsBA_8R875fTd65j7iNV5LjNVxkxqmsOoDOl2B8cAE482toscE4AQDkAYBoAZOgAfM_IR4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGwE7zEgBTIE4m0qeMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame AAAA	0 234 B	143ms 51ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lk9mye1c&c=1355930359413&slotId=677965179706.5&qqid=CJKLyKbUmoADFXcQogMdfIMGcw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.16g&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame AAAA	28 KB 17 KB	202ms 79ms	XHR text/xml	142.251.5.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BShR1HfGdH4lku7bYQtPFd7PG4o4zTvDYlc_sEyT8Jw1fhTlmWg7dm0jeSR6HSaerpevmYRzArG5UV8rnj2X5_HCoaPg&cry=1&dbm_d=AKAmf-C6uzFN-L31HbKPG5YgtbHFfCHPgA-8XEhtyW5VlHH_WBlRA9DS6UIaIlcPZHB6m8m6Um6ANnEwhhEBBooWT6BV3pAuMR6nvz1bfX9-HmN82cjBTRphg5gjt4Q9m3HeYWgoencTyAwfE1PkMI9gz4TrWb1D55Gkh1wTcmpxbAdcn3nqR2tw9QNsULXny0B5tK5d5x-ICv-OBHPva0Jln1Q9HVoOo62vDg1dKxL2soaTXDhr-1Aqk2IXMPHZwwARxDyloQ7pQi4RQz5ZdiKciXiCioTVGM30tsRTReWDgenAJG8SpAKNlj1fSRB02Q0-w_OOvco2ZkU7FhCLYICrQJlFYHUQyf6VA_dZyNIE2Dme5meo5EllVeUXn1NbHozVEWczW8EjPnAU-aXjwSOq1vkv0LytxbE-pMsfmzPi03BpocvUNSooiCl4wCpJXAqqQvgS3xBvkUPhlFxTlmH-lPvvkH8SF3U2WUZp3JQXsdLrBC53wOrDc0_G8Ta3yuc5_vmrTQC1b390NpbHrpUppSk-tqPi8ECwrnEH3NBZspRw6TAEevffx4q3H_U9Nroy6BwNLUKX3MVXlIS-YJxApj-I09OPjfgPH4nvH89dGgu5H770JQqftBS48biERpbcr1r5hno_3b5u2iQaGIoOzxM1EwZ8SCpGeEzUcTQs4nfyJLUq_GYRwFUDfi_Ksbd0sQu52QIu_xvS2yzC_qyhYHB5GRHvupCEjiClrKaBxP-KjXOiDDB11uFbJRgYAyONkBwT_lkrv5n68zNHItzONUsjtpx-nHPuxvOXUm75zHLxbwRy-JQzyP-k0Yslgfg7l3P_Ww3JUa5oIVqGfOX5Z-coCZMmyVgRWhPHi47zVBqEuamapL_kNwo4nT1oN9GUr8n9I5ua8no9QN0hEa38ecsTpi6wg8QSsfaptY6S6AZm8mW9gS7mOqo4WKG58k6797L2_7Zhd7kTuZZ1GNVpJl_88M3nkMRhP7jcJ2YKVhbxGlIF8buX9KymvucKqMBybblNkqtQUS5IH_aWkzFwmGrqB_QQPz53xPujEdAil8nRhrClouYUeFoRmzmZYur26zfUmdDHh3iU6ByqzbP6uGavpOOr4yI3rFAUyFv0KZe2t3TzgPGf8pyj1yTjenXHA5fboefbSgMZB6A28rjfyRCnJMR3CzWWMSeTHv4CUY10lvxgOWAw6GXxumyWNymncPc-xTRHxKjSB7UcvJCenbrg44c8E-Obim3VXO9rC_p0XVnYNjA2eY1XIMeazDBRjdikSi2qpRn-m1uMO6PD5EzraxXumV54SaOoAjpK91t7OBL05bDWY2ZwLFzVcYvsN5Bc7IKXbY2pjjO9cL48mBy-yFSU48v4muPMphnodckp1NEV_EvAyYa6wRA9FiKyc4odXKER4v2_bfrWBZoIW7JRRAVj9ZK4-gTxnuCq7jidrhHOoKn4vSdig7y_8TwzP0ryknx0nVXfZjTm06mlFyKHaDhxq8g2WE2nmY7HPUQ8gc-cTWQIgHUqWV2Y83NBN_g_sfXzI_jR-3YRUMrodfWcf_3P9GnyVh6NbO7ErDtohhecobW-RmGEld5BlWbb8c6z09iRSNwfIC3LERZGi4yGJnX1YdjPvt7qf9rcVCI_Mq4uSR2MJppTgGdbOJbzaT1L3U8lFOu1f1mNKeSBTHk_nHtRQQBD0WjUnamQ2jshwiJBCn9fr1I7cPKXUAo_TP7kCjJD5Y3cqZ_2yOVURGmAFPyutYUcbIos2dLc9sAtalxeZC4hSsL3K72kvXBw2esdfBo1ok_-uOOvjKSkP_S5ZhlhYcbo0HO2vFLdV6y_RSv03AWukIkHEw0kt00RZmoJ84yOM0UpKhcAdCEA2XuGtHLGw3TSC4MtydlM26LBI-FxGVdftKY3Gw36sSC0Bda3AcUVQpG5LjkTzT64_I_qZnZkZhZcF5H1OI6R5NwSLDZtbg9-ODt1IvId8HcaNbDhZcNilzS-RbRr9mYBZ5NwfcutOIHoas6rvdU1HlRs8V8PcNbL_XO9XSZLXBumiIpNZo-tmbIXxmZGESzXZHN7kyd_oFrKksd1H5gVSkZu7bdLBbVZTxyWJd5HV45rCMKA3wzqyAr9A38RdXBAxohS-kgpipWJ-CzZLFzCkBgm6ZpdV1BkjKpiCUc37RH2MEtv-98sRBUgUm-mc9Suw9uhhktJFF8drHw0N_7Uf6cRaG1qCS8wfOR6i3fE32SI7wiJD6Z5Zz9SeqsBXzSOBDG_9FBsWIz9EEd16lUrfIn_pfnFQAqYhcSRHysCOQ_mwHIYAGEPfGUUE6kge6bmVBPJtNIQcgCzOqsh8THucsyuqRCqZwAwkf03RtElaJWVUCug6vYXqutgKLtigVGbgy2pXTm76-ieWDa4dezs1sYNcrzO2eiA5JpK3AY41bhraJBp1r3OoT_OHv5Eav4kaFJizNBHjxLc-jGpNoGoXw_qk1ov9ofLxqAQtjD3a_qEonCxbTJ6HrmNXSNMM2fAiTXnHyh74UDi9BIaks8wTZqud78pZ7CSzS-2JFT4MHlVxmayCtd4vebtJBIMG5OLDqYXJk51WkQpS6A_MmwXfCKOy2OGH_abfohP9gqztA1nvoUl5ufJ7tb_Lm9X0CzT5nKS0Q_ad7SUJza7uK_YWQrhsKp9lwdIjGj2NwnmIUc0IYR3IWZhHtA0NYAQZmizy85SM3pnp2RkovDBymQNcqAjwzAHGJTLRGhDZovk39mArlTyu4kBo7nYdaIHlmlv3KYEfHuu2rDpRnaDNcx6xKhIWeiXjK98HnspIA8Hx95nV5i5oJO18W5yWGR6_nODHd_f-NeEiOQhdnFbn_1SdiSIYiAGG_AYzNibZ1lT403gaLeopR0WP6XVEVIk750E1yCpOIlF8RAuqpPsP1fFMTUguhtB-QwKO_9JBSWxKgycd-XySDNx6zmtjVJVZTNldPFKprjvtPiEBfSi3Xn8MJeVTz6O8SRKkrTs7apgJT0V4YoQniz2JIEO2ijoftbe_BcjPeyAqZHlfZ3ZEl79Xls5oRDM3MHegkkmgj4x6b7hcqkpw-xU57Z0bnvTH2mEDRc46g5I6P-Hmds_3pT9MzGLdNNJReIjTht_5LiS82pZISL9A4T3AHdUdLqIRh9yHGx0y__g8DU_hbifLSf6e6nroOT4EH8Dy84D-MH0Xo-qSJt-j3LG-4Xl15My9MmPRnjBSkFvS3I0m3Sjc-TBSpGTtlbUdggkxZ70V0Nle0b_wBlzfEQaD0aYRyeE8Iv7IsCjjnzXk9oHrp5qkv8jRp9T4GDaeAN3Ju6aqfWAdcbbR3YV_YoGujVKoL3VnVRNpuwbgyPAyXQFs9qApXUaymzDoh2OTm4&cid=CAQSOwBpAlJW6TVEtuNJ0YdDgqJhcvaCKZBD4Huj5kpDPWbkITZ5Bv7RAtO-2KdpuhnpYPyQOgR9dRsygDU0GAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.5.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wg-in-f154.1e100.net Software cafe / Resource Hash 944e5ed9271e77090458962b9e56a49bd19762b5ec990b1649ff010b92703593 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16392 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FE48	1 KB 643 B	40ms 40ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 83990 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 18 Jul 2023 12:04:14 GMT etag 48472445140208031 expires Wed, 19 Jul 2023 12:04:14 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame AAAA	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2f004329a341a2f3d3745aa999f469916b7383fdd4b40f227c9529feb12332f2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Content-Type image/png
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame FE48	0 104 B	222ms 82ms	Image text/plain	2a02:fa8:8806:13::1370 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOniVWAw2FQD20ynHlQzJ5s&google_cver=1&google_push=AaAOQGFBuHqWkbknp3bMX4v9OgPxelvVkfwo-gnV6R7-j7SeD-geZiGSPTrbsDTOtIShj6UwgeFvmBqC4r1LEy6IKwzdMdXWwKQKwA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE48 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWFZbzlUU3MxUW01aE81&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9J...	170 B 232 B	50ms 50ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWFZbzlUU3MxUW01aE81&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9Jl465RtsG4_xcQbXuZ58nRIh3xyQjdw7rBhCI9XaBF2yu_cXNi5aFA Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 19 Jul 2023 11:24:04 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VWFZbzlUU3MxUW01aE81&google_gid=CAESED1vq37myrGM8PsY3uh7Ne8&google_cver=1&google_push=AaAOQGHpWxRiRIF5v5dqRjd3sCtcCcXJCfdXu21eRY7ru9Jl465RtsG4_xcQbXuZ58nRIh3xyQjdw7rBhCI9XaBF2yu_cXNi5aFA Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE48 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEMV6fF3iepW60r0qX1RmGgo&google_cver=1&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx7mwtAUwtLCrQA https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9262D77EB4A041FE8EB75622F4DAFC29&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx...	170 B 232 B	56ms 55ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9262D77EB4A041FE8EB75622F4DAFC29&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx7mwtAUwtLCrQA Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Wed, 19 Jul 2023 11:24:04 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9262D77EB4A041FE8EB75622F4DAFC29&google_push=AaAOQGFRLcWHlaGXtbBGgTQKVtNayeRnOnoQ6F9PeEpsmNW1LTYwCLKeiVh866K1_e7hHe4imgxotWr25Z0XJJx7mwtAUwtLCrQA access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 18 Jul 2023 11:24:04 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE48 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAz62tN6HY5Qe5K1iN9Hjsw&google_cver=1&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JP... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JPg_H4cvo_GiMnm0VKzVg&google_hm=cbvjt00RSvqVG_jt8T...	170 B 329 B	52ms 51ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JPg_H4cvo_GiMnm0VKzVg&google_hm=cbvjt00RSvqVG_jt8TKV9mk Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGXfAR0Jk7mDCKi8rLaKBrf0PhaJCGDLhm_Kg210kCa8SKylYz0ifMkJXLbm0DeU0vWfweQ23JE0JPg_H4cvo_GiMnm0VKzVg&google_hm=cbvjt00RSvqVG_jt8TKV9mk content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FE48 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED9UFuRfdtRhUVd6BGR9tQ&google_cver=1&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEED9UFuRfdtRhUVd6BGR9tQ&google_cver=1&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tk... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA&google_hm=hINW1acfRqmuP2V7dUJoQQ==	170 B 188 B	52ms 52ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA&google_hm=hINW1acfRqmuP2V7dUJoQQ== Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2Ysw6DpO9_5TZ4lR-hd3rPtLbQ6cFpwVrhC-MKf6kpnBJUfXx8EeissprV-g5faJknAIjhZ3YO_q9tkfPNM5G9SXAzFLUkA&google_hm=hINW1acfRqmuP2V7dUJoQQ== date Wed, 19 Jul 2023 11:24:04 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE48 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKF4q_e5-PNp1GHFI0x28Sw&google_cver=1&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhx... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhxGX-cljg&google_hm=eS1vQVV4NmdoRTJwRkNM...	170 B 232 B	53ms 52ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhxGX-cljg&google_hm=eS1vQVV4NmdoRTJwRkNMMlE4b0JCUXVYeTBWeEc0dkl1YX5B Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Wed, 19 Jul 2023 11:24:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEx5eUcq2hDzDjXZDolJWXkRwVD0sYIFvDW2j_E0oVNahoB86t0unGXdUiKm5XIcqGZZfJp2yMRzoE6oML7fpJbDhxGX-cljg&google_hm=eS1vQVV4NmdoRTJwRkNMMlE4b0JCUXVYeTBWeEc0dkl1YX5B content-length 0
GET H2	200	report sync.teads.tv/um/ Frame FE48 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECWfRg_iKJy8... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFfyHnbzyT2zE549BWqU04gM5MKmMC2N06t3q3Oa6RnqkkS31Qy5X5JKSLZvtGliv_tDtE6ecrVd828WIAv4OuVv4g03xqXK2c https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	66ms 65ms	Image image/gif	104.75.89.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H2 Server 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-75.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers expires Wed, 19 Jul 2023 11:24:04 GMT pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame FE48	0 130 B	167ms 52ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtIszXQnsMx70rcGZvUJgaOTDtK_Dz232_tEot0MPKbMCQXlcpeGztxNpxNQVgguVHizTXyQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 11:24:04 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame AAAA	0 19 B	82ms 81ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cncwf0se3ZJLaN_egiM0P_IaamAeqkpu9ccK8ooHsEZ64iLaDAxABIPSY71ZglYKAgJQHoAGcg_uHA8gBBakCCAiMCanUsj6oAwGqBOoBT9C4SsV8h8b3DQU90p3ZihjXiKV-D14CuFmfRFwHzUfeGVsObJ6b3wPXwyBZwNO7DpLT7ANbg4bmZGSdiKSfgqiFEImnL2w8o0PYoc4esnUc_esXaa2OYsbRkhzHbMpMUqw7OBiR6NjSCP1DcP06D2_WtfyI_ZS6NPxfA7g-hkJkdM0e456z48X-QGlFQhP0d0eYdyPwfIumHQ5PZOClX03Lu9ITSciVWIQpDGz0zww9rrZsJf8mwBbBYfTehOGMjRxNMSTMiBSkGBvpuHx-TpKnI9JfDA3ZVq54nc4ZRotXYhhdQBDYWDl7wATjza2ixwTgBAOIBdbyiuJLkgUNCCIQAxgDSJSKgQJQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHzPyEeKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKSqBhiiqKDpAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE7zEgBTIE4m0qeMD0BMA2BMKiBQB2BQB0BUBgBcBshccChoIABIUcHViLTM0ODg5ODc0MDQ4MjkzNjgYAOgXBQ&sigh=SE9ush_jxg8&uach_m=[UACH]&cid=CAQSOwBpAlJW6TVEtuNJ0YdDgqJhcvaCKZBD4Huj5kpDPWbkITZ5Bv7RAtO-2KdpuhnpYPyQOgR9dRsygDU0GAE&vt=10&cbvp=2&vis=1 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488987404829368&output=html&h=280&adk=3610654802&adf=3268517841&pi=t.aa~a.8508095~rp.3&daaos=1689705225254&w=930&fwrn=4&fwrnh=100&lmt=1689765842&rafmt=1&to=qs&pwprc=8854495146&format=930x280&url=https%3A%2F%2F91btdh.net%2Fpost%2F1436.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689765842844&bpp=2&bdt=2572&idt=2&shv=r20230717&mjsv=m202307120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c73e09d76e82d05-222f803c30de00cb%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZjoTpT3CuFGe3CXbGLeQdzP5KrsQ&gpic=UID%3D00000c40054d4ea3%3AT%3D1689765842%3ART%3D1689765842%3AS%3DALNI_MZH1vB1mOODrwCiEc5Ku5c3fi8hgg&prev_fmts=0x0%2C930x280&nras=3&correlator=8732232239318&frm=20&pv=1&ga_vid=1775437216.1689765842&ga_sid=1689765842&ga_hid=535174640&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=455&ady=1974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C42531705%2C44788441%2C44796700&oid=2&pvsid=4121876119093294&tmod=12268107&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=UTtrPqg8J6&p=https%3A//91btdh.net&dtd=17 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Wed, 19 Jul 2023 11:24:04 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 12D5	42 B 174 B	81ms 80ms	Fetch image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhIPNGPA6HW46wBG2s0eBk4qiIca-_2SC0cWinjOScvfW_FErvq-_wh7CEsWuPcdun1Ruwl3gpjcq34I2nexv2kxtZH1WemoWMFPuxngJ7huT8DGjOha_LRN0_1nQh_e9C07qZi7gBR4eV&sai=AMfl-YRpK-Uf7q5JmIwoonfAuqWEdbzWANdfWyEv5rMn_hpzOnqsBrLIHirxd0Tt1A6P_LhFWuoo0YrXAyk6&sig=Cg0ArKJSzHb0XbSe362ZEAE&cid=CAQSGwBpAlJW_G60SxWTaVfuEV8qk_3DpI0_tRXmQBgB&id=lidar2&mcvt=1017&p=0,0,280,930&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1874786855&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689765841832&rpt=1690&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame AAAA	0 54 B	54ms 53ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lk9mye21&c=1355930359413&slotId=677965179706.5&qqid=CJKLyKbUmoADFXcQogMdfIMGcw&fb=outstream-lima&vast_v=2.0&vmfc=8&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame AAAA	41 KB 15 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Fri, 14 Jul 2023 17:15:18 GMT content-encoding gzip x-content-type-options nosniff age 410926 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 13 Jul 2024 17:15:18 GMT
HEAD H/1.1	200 OK	file.mp4 r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AAAA Redirect Chain https://gcdn.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa... https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	173ms 40ms	Fetch video/mp4	2a00:1450:4001:65::8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F543221715C98F5AB2107EE1DB656F117E7CDCC.6FE0C4577C028DC87B8A821C65BBFFC43A26724E/key/cms1/cms_redirect/yes/mh/94/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1689763777/mv/u/mvi/3/pl/36/file/file.mp4 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol HTTP/1.1 Server 2a00:1450:4001:65::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers Date Wed, 19 Jul 2023 11:24:04 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2811537 Last-Modified Mon, 08 May 2023 16:26:50 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Wed, 19 Jul 2023 11:24:04 GMT Redirect headers date Wed, 19 Jul 2023 11:24:04 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 650 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net location https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F543221715C98F5AB2107EE1DB656F117E7CDCC.6FE0C4577C028DC87B8A821C65BBFFC43A26724E/key/cms1/cms_redirect/yes/mh/94/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1689763777/mv/u/mvi/3/pl/36/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://googleads.g.doubleclick.net expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 41F3	23 KB 8 KB	45ms 40ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 575900 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 12 Jul 2023 19:25:44 GMT expires Thu, 11 Jul 2024 19:25:44 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js Show response pagead2.googlesyndication.com/bg/ Frame 41F3	37 KB 14 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 08:02:33 GMT content-encoding br x-content-type-options nosniff age 12091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14507 x-xss-protection 0 last-modified Mon, 03 Jul 2023 10:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 18 Jul 2024 08:02:33 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 41F3	0 20 B	77ms 77ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BO-FQ1Me3ZKXjIfCO9fgPk8eJ4AEAAAAAOAHgBAI&bg=!-Pul-6_NAAa3SiIRl0o7ADkAdvg8Wseaz7QdFancViv75HLEnAk3_mYAOcMeGLdv42a3lE86YW0Q5gJRqOlDxN0heCplsRE4oK4CAAAAX1IAAAAIaAEHmQLNlurUwS26rNM2fUGbTYOjQTwXeh6zifabq3jSHfdol9bO5JaCzOuTk66audYpTysHJSXkOln5NOQuKbukYL-QlyZWjjnOBySkgYpEZk7VKXs-ermIYA1SISowEp9nE9OrxrpLvH5tMqYWARfSKcZUllJnP5Q3F_LE7OCUg5fSZyH2gleI9fclKEfcr8dk7SreI-bPthiA3AGN51E1c_FUuGTJbfM-HgGRnE9AfQIQkNiM3g0ejl3HxgOQOQYNpp5BAR895y9ORVwJ4vhVzvEBdUvJ8ZE7kyjXUCTYF3T9dB8LsK8_N-sum6ovURjIlwaWbkrZSUNMyizRFfKqBVksjfzFbsJpZ0d03eLRvpxwZeBqpwsa-Kb0tcJUPU-18TEvk_pDfUhvP73100vhpuuXzhYXwH3Ywdex87koCx8bjndQxzmAQuk6NEUd2ZmQZ08cudo8YCUSlkCu3PkAZ9QW7FR-CfEueOA-yXnqf7eCIqFlsiU09g-wMlIpwuncQQ50A47zd55uaszdgHxeTg8mrUw8KLkmvr6Ssq1BzYI8J0dHzl76hJlPHKqbGqPYUz6VdN3opcXBuYJ3BpqRFmgnRLG7it2HHNDEpZsyWKSYWC0lMTK-gLI5rLLK4HO4vBAaD4BqMsRbu9bgfAIf7K91ALuOImfAbiUvzAC2bKS-_TWS3VbL5YC5parhAF67IXYLNHSItiVEYbFWTcfkmo_8OwAwmJ2ZKjheqJfcTB_dNy49Q6fKObm_s2h5vz8oc43tBir5Om2Y6GBv_Ni15H2snGOguRJLJMH0Wa6WhyHngPX5LG8YT2xCd0IzwcvbQXPsf36ntrcuDNftdMr3E0Y5PzOiXlLZRecrVFpInfOrxnKwc-waIHf0eRGGFLN3H4Pal6RDJpaSSjd7Y3_wKYtfMatdsrtr7nj8Fh0NR4PmVDGwxziNRIb1g2Qao4Rz Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	206	file.mp4 r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AAAA	98 KB 0	86ms 42ms	Media video/mp4	2a00:1450:4001:65::8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r3---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/694a45c9c24c1d2e/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828011254/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F543221715C98F5AB2107EE1DB656F117E7CDCC.6FE0C4577C028DC87B8A821C65BBFFC43A26724E/key/cms1/cms_redirect/yes/mh/94/mip/2a01:4a0:1338:92::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1689763777/mv/u/mvi/3/pl/36/file/file.mp4 Requested by Host: 91btdh.net URL: https://91btdh.net/post/1436.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:65::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://googleads.g.doubleclick.net/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Range bytes=0- Response headers expires Wed, 19 Jul 2023 11:24:05 GMT date Wed, 19 Jul 2023 11:24:05 GMT x-content-type-options nosniff Content-Range bytes 0-2811536/2811537 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2811537 last-modified Mon, 08 May 2023 16:26:50 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://googleads.g.doubleclick.net access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://googleads.g.doubleclick.net client-protocol quic
POST H3	204	csi csi.gstatic.com/ Frame AAAA	0 17 B	47ms 46ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lk9mye88&c=1355930359413&slotId=677965179706.5&qqid=CJKLyKbUmoADFXcQogMdfIMGcw&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=927&mt=video%2Fmp4&vs=640x360&msm=1&aits=18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ct~vil.1q1&ape=1&ple=0&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jul 2023 11:24:05 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bdimg.share.baidu.com

URL

http://bdimg.share.baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=469378

Domain

www.google.cn

URL

https://www.google.cn/s2/favicons?domain=https://btmirror.neocities.org/

Domain

www.google.cn

URL

https://www.google.cn/s2/favicons?domain=https://katcr.to/