urlscan.io logo urlscan.io
SecurityTrails logo

www.mac-gm.com Open in urlscan Pro
119.96.52.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.mac-gm.com/
Effective URL: https://www.mac-gm.com/index.html
Submission: On November 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 119.96.52.35, located in Wuhan, China and belongs to CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN. The main domain is www.mac-gm.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on September 28th 2023. Valid for: a year.
This is the only time www.mac-gm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 119.96.52.35 58563 (CHINATELE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 47.94.253.28 37963 (ALIBABA-C...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2402:4e00:183... 45090 (TENCENT-N...)
2 103.235.46.191 55967 (BAIDU Bei...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 9
8    119.96.52.35 (Wuhan, China)

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)
www.mac-gm.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    47.94.253.28 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
tianqiapi.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2402:4e00:1830:12fc:0:93c1:d63f:7ba9 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
q1.qlogo.cn
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
226 KB
8 mac-gm.com
www.mac-gm.com
467 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9830
12 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 qlogo.cn
q1.qlogo.cn — Cisco Umbrella Rank: 148829
38 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
534 B
1 tianqiapi.com
tianqiapi.com
1 KB
22 7
Domain Requested by
8 www.mac-gm.com 1 redirects www.mac-gm.com
6 pagead2.googlesyndication.com www.mac-gm.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 hm.baidu.com tianqiapi.com
1 www.google.com tpc.googlesyndication.com
1 q1.qlogo.cn www.mac-gm.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 tianqiapi.com www.mac-gm.com
22 8

This site contains links to these domains. Also see Links.

Domain
github.com
gitee.com
beian.miit.gov.cn
www.beian.gov.cn
Subject Issuer Validity Valid
mac-gm.com
TrustAsia RSA DV TLS CA G2		 2023-09-28 -
2024-10-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tianqiapi.com
TrustAsia RSA DV TLS CA G2		 2023-04-04 -
2024-04-03		 a year crt.sh
*.qpic.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2023-04-12 -
2024-05-13		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.mac-gm.com/index.html
Frame ID: 507C739B6CCA6734AEBF0EACAB4E61D4
Requests: 14 HTTP requests in this frame

Frame: https://tianqiapi.com/api.php?style=tc&skin=pitaya
Frame ID: 6651B4C0FC29285B9CDD898BEB04FA21
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043337540686196&output=html&adk=1812271804&adf=3025194257&lmt=1662206594&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.mac-gm.com%2Findex.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700826015365&bpp=3&bdt=175&idt=225&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1454360316348&frm=20&pv=2&ga_vid=802647427.1700826016&ga_sid=1700826016&ga_hid=624626218&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079653%2C44807406%2C44807749%2C44807764%2C44808148%2C44808284%2C44809056%2C44809072&oid=2&pvsid=2672187583184205&tmod=610532647&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Frame ID: B0664C668E8D016ECFEF78E1AF63CFB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 41661D03ED19C81C17893B323F518147
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EC6EC74CFD82CCE1CDBD5A76A70FEC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

移花接木

Page URL History Show full URLs

  1. https://www.mac-gm.com/ HTTP 302
    https://www.mac-gm.com/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

22
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

836 kB
Transfer

1341 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mac-gm.com/ HTTP 302
    https://www.mac-gm.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
www.mac-gm.com/
Redirect Chain
  • https://www.mac-gm.com/
  • https://www.mac-gm.com/index.html
8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
51d87f16aa8e98bc952524c87817fa401de8398849d59495e0250eb1f4978761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 24 Nov 2023 11:40:14 GMT
etag
W/"63134282-21f7"
last-modified
Sat, 03 Sep 2022 12:03:14 GMT
ohc-cache-hit
wh4ct54 [1], bdix239 [1]
server
JSP3/2.0.14
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache-status
MISS

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 11:40:14 GMT
location
https://www.mac-gm.com/index.html
ohc-cache-hit
wh4ct54 [1], xiangyix74 [1]
server
JSP3/2.0.14
strict-transport-security
max-age=31536000
x-cache-status
MISS
FiraCode.css
www.mac-gm.com/css/ 		292 KB
221 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mac-gm.com/css/FiraCode.css
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
b78621e06ab76350a9e243e147b6aa38540f75a3655cd700844ec74feba28511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
298748
date
Fri, 24 Nov 2023 11:40:15 GMT
content-encoding
gzip
ohc-cache-hit
wh4ct54 [1], bdix239 [1]
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Aug 2021 14:01:24 GMT
server
JSP3/2.0.14
etag
W/"6124fbb4-48efc"
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 24 Dec 2023 11:40:15 GMT
nutssss.css
www.mac-gm.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mac-gm.com/css/nutssss.css
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
895a18fad4ade650c4f8e4b87f52411a58d8f5035d41cb40860704836022eb74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
6528
date
Fri, 24 Nov 2023 11:40:15 GMT
content-encoding
gzip
ohc-cache-hit
wh4ct54 [1], xiangyix74 [1]
strict-transport-security
max-age=31536000
last-modified
Fri, 27 Aug 2021 13:57:58 GMT
server
JSP3/2.0.14
etag
W/"6128ef66-1980"
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 24 Dec 2023 11:40:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4043337540686196
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a788153f7e87a3c54c8c45d3be1aab1756f8a381ca27603eeacc1b328dbfdc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mac-gm.com/
Origin
https://www.mac-gm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:40:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52718
x-xss-protection
0
server
cafe
etag
911226668904547562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 11:40:15 GMT
fish.png
www.mac-gm.com/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mac-gm.com/img/fish.png
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 / BCH_WAF
Resource Hash
5cc4c5e3755f824e5a07d3a7886f15b249900c506b4494df75698766bc16d417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
7220
date
Fri, 24 Nov 2023 11:40:15 GMT
ohc-cache-hit
wh4ct67 [4], suzix225 [4]
last-modified
Tue, 24 Aug 2021 14:01:22 GMT
server
JSP3/2.0.14
age
17646
etag
"6124fbb2-1c34"
x-powered-by
BCH_WAF
x-cache-status
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Tue, 21 Nov 2023 20:09:47 GMT
content-length
7220
expires
Thu, 21 Dec 2023 20:09:47 GMT
002.png
www.mac-gm.com/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mac-gm.com/img/002.png
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 / BCH_WAF
Resource Hash
d07e3d181c8140847fe0b68ad32aff1d3a7a56a95a46a1455b01c92850768ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
7661
date
Fri, 24 Nov 2023 11:40:15 GMT
ohc-cache-hit
wh4ct64 [4], suzix133 [2]
last-modified
Tue, 24 Aug 2021 14:01:22 GMT
server
JSP3/2.0.14
age
17646
etag
"6124fbb2-1ded"
x-powered-by
BCH_WAF
x-cache-status
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Tue, 31 Oct 2023 01:47:51 GMT
content-length
7661
expires
Thu, 30 Nov 2023 01:47:51 GMT
ba.png
www.mac-gm.com/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mac-gm.com/img/ba.png
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 / BCH_WAF
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
19256
date
Fri, 24 Nov 2023 11:40:15 GMT
ohc-cache-hit
wh4ct50 [4], suzix179 [2]
last-modified
Fri, 27 Aug 2021 03:32:49 GMT
server
JSP3/2.0.14
age
17646
etag
"61285ce1-4b38"
x-powered-by
BCH_WAF
x-cache-status
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Fri, 27 Oct 2023 19:33:33 GMT
content-length
19256
expires
Sun, 26 Nov 2023 19:33:33 GMT
api.php
tianqiapi.com/ Frame 6651 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tianqiapi.com/api.php?style=tc&skin=pitaya
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.94.253.28 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
890dc030203529b831d83d0d9564c0d6fb11e8e7c0dccfe8a4674fa2fb75694f

Request headers

Referer
https://www.mac-gm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Nov 2023 11:40:16 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4043337540686196&plah=www.mac-gm.com&bust=31079653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4043337540686196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f45e63720231531928bc543a7b8296da45c4e4e4a48acc6691614724466ae787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:40:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138529
x-xss-protection
0
server
cafe
etag
10733128686705577382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 11:40:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B066 		603 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4043337540686196&output=html&adk=1812271804&adf=3025194257&lmt=1662206594&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.mac-gm.com%2Findex.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700826015365&bpp=3&bdt=175&idt=225&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1454360316348&frm=20&pv=2&ga_vid=802647427.1700826016&ga_sid=1700826016&ga_hid=624626218&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079653%2C44807406%2C44807749%2C44807764%2C44808148%2C44808284%2C44809056%2C44809072&oid=2&pvsid=2672187583184205&tmod=610532647&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4043337540686196&plah=www.mac-gm.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mac-gm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 11:40:15 GMT
expires
Fri, 24 Nov 2023 11:40:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bg.jpg
www.mac-gm.com/img/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mac-gm.com/img/bg.jpg
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/css/nutssss.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.96.52.35 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 / BCH_WAF
Resource Hash
b9c3e385aa15714bb92d4963fa3e8031a425d90d9edd4ce2957e3061a3b0b272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/css/nutssss.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ohc-file-size
212078
date
Fri, 24 Nov 2023 11:40:16 GMT
ohc-cache-hit
wh4ct60 [4], bdix211 [2]
last-modified
Tue, 24 Aug 2021 16:58:08 GMT
server
JSP3/2.0.14
age
113966
etag
"61252520-33c6e"
x-powered-by
BCH_WAF
x-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Thu, 26 Oct 2023 06:13:05 GMT
content-length
212078
expires
Sat, 25 Nov 2023 06:13:05 GMT
g
q1.qlogo.cn/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q1.qlogo.cn/g?b=qq&nk=693019470&s=640
Requested by
Host: www.mac-gm.com
URL: https://www.mac-gm.com/css/nutssss.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2402:4e00:1830:12fc:0:93c1:d63f:7ba9 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
NWSs /
Resource Hash
1324a4432e80c1a85be24f3f27717afafcea9996f75a2a56bcf0a2f9650b4f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-DataSrc
0
Date
Fri, 24 Nov 2023 11:40:18 GMT
Size
38115
Connection
keep-alive
Content-Length
38115
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Wed, 17 Jun 2020 18:25:42 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
Content-Type
image/jpeg
X-Delay
18988 us
chid
0
Cache-Control
max-age=2592000
X-BCheck
1592389542_0
X-NWS-LOG-UUID
d920f861-7331-4e91-a5a8-810d9c586ba0
truncated
/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e782567efa244ef1df0da76c2eea03710b40eb9e26d50d91e1546b08a95be9

Request headers

Referer
Origin
https://www.mac-gm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
hm.js
hm.baidu.com/ Frame 6651 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?9c221af010a163bdd2a5ae2cde8b62dc
Requested by
Host: tianqiapi.com
URL: https://tianqiapi.com/api.php?style=tc&skin=pitaya
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
9e0d1f9b5e259fe40c656ef52fd882bcc71f892518a8e921df08936471a28792
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tianqiapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 11:40:17 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
30e8f5bef1027c3e08df130421210760
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11261
hm.gif
hm.baidu.com/ Frame 6651 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=24&et=0&ja=0&ln=en-us&lo=0&rnd=354448838&si=9c221af010a163bdd2a5ae2cde8b62dc&su=https%3A%2F%2Fwww.mac-gm.com%2F&v=1.3.0&lv=1&sn=61698&r=0&ww=350&u=https%3A%2F%2Ftianqiapi.com%2Fapi.php%3Fstyle%3Dtc%26skin%3Dpitaya&tt=%E5%8C%97%E4%BA%AC%E5%A4%A9%E6%B0%94%E9%A2%84%E6%8A%A5%20-%20TianqiAPI.com
Requested by
Host: tianqiapi.com
URL: https://tianqiapi.com/api.php?style=tc&skin=pitaya
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tianqiapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 11:40:18 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4043337540686196&plah=www.mac-gm.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e69c5b66970b11e95ae803b9bc4f8e04f24dc72265b6b6c7aa8ce968f2643d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:40:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12266
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4043337540686196&plah=www.mac-gm.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 11:40:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4166 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mac-gm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 08:58:25 GMT
expires
Sat, 23 Nov 2024 08:58:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EC6 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8850ed730f3938713483e64e3d705f0704d6f6367a17107e57406fea96e580d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-umMoMR7fiFOKSqgBaehg1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mac-gm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-umMoMR7fiFOKSqgBaehg1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 11:40:19 GMT
expires
Fri, 24 Nov 2023 11:40:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4166 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 08:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
9754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 08:57:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2EC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2672187583184205&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4166 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kuV39g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 11:40:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2672187583184205&bg=!U1ClUB_NAAZxrfrxUa07ADQBe5WfONbAcBWgiUjgX5ivpXVcaGTDZI53sUINoPkB1BgSDXt2lyjF_pKU7SZv3b1wfODYAgAAAFNSAAAAA2gBB5kCu_Ta_KWe9NExW6VX2yv6vygCNLD1u8dYxWJMrcF8tKeZBWcnMPNhltMx45yLFeUwqjMzyIWI60hprTDOzXsYLyGj53oZc5JyYnjRMbLklDD4qD_vQrdwvHpzV8nusVAJQn6FFugDBtInpN5978DKunPysxDWaeFenpZSlp13QsXKT3u2WwGi586z3LeiM6TztdzbJI7g5Lu95K48yH0CtTRb_DrSxyUBAkytdyQJha_DdMnfaT8EMjGn9Y7_zb0ET02rRd6njhI2zUMNUuNn19Z3_AzETjAQxeLkZHqVpAKxYQvDr0YnntCAxDJbVZ-JDE2h_kwvl94gTmizYxnL-XWVsmDRLr56Nuzcc_KT8MId-dlUTlTF5CQzPqlXeC6mZftdNravdShM2Bnc62ZwlUUV4A854UvAWO5W6lIWX1cG-o9MOjjm6R9jH-GrInYQa364SpkFjuS_SGRVeCQoPXhiXNEYWKw18XrXN9yPrmucZ2eUR2TgEbC_0S2U0xq6V1cUbD5RrAWvKBFTabApMgJlqW4vffHir8-axbbbRQOMmxen-NcK1-dFOtW5WQWPcNSB_bwIh2OjyV2GGWckZj2rL4m1bM3YG1DHAlFvIIGOhGczZKSnmRzQpVkMadkeR0mbphBpSmpaOdbhTdbLKIUH7qG4nDrWKfDfiEljBDrwgBHYkOVAwCHVvXFt-bg9xME9ctFNH_4Jq1vnkgHLcE8TKVwG85F2OJiBtITcZX8KFxHc3gEThaXcswtf_N9FNVNkf7gKcrC-5y4vN1pzACRtnC-rSJnUF2i42ZCRl-VNtQmuhSdTUyq9tgtnf1WgDfbwLtSLhi82-mFlfe0VhxKeawAP2l1z6KNW9Y4Q-kyEIlj41em89nHOzHGN2qb4nwWF5fOimShudCeroQA29BZ7ii2ovTYLEGt7mg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mac-gm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 1E0D9A0FFFFA1B15

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
hm.baidu.com
pagead2.googlesyndication.com
q1.qlogo.cn
tianqiapi.com
tpc.googlesyndication.com
www.google.com
www.mac-gm.com
103.235.46.191
119.96.52.35
2402:4e00:1830:12fc:0:93c1:d63f:7ba9
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2002
2a00:1450:4001:830::2002
47.94.253.28
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
1324a4432e80c1a85be24f3f27717afafcea9996f75a2a56bcf0a2f9650b4f5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
51d87f16aa8e98bc952524c87817fa401de8398849d59495e0250eb1f4978761
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cc4c5e3755f824e5a07d3a7886f15b249900c506b4494df75698766bc16d417
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8850ed730f3938713483e64e3d705f0704d6f6367a17107e57406fea96e580d0
890dc030203529b831d83d0d9564c0d6fb11e8e7c0dccfe8a4674fa2fb75694f
895a18fad4ade650c4f8e4b87f52411a58d8f5035d41cb40860704836022eb74
8a788153f7e87a3c54c8c45d3be1aab1756f8a381ca27603eeacc1b328dbfdc9
9e0d1f9b5e259fe40c656ef52fd882bcc71f892518a8e921df08936471a28792
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513
b78621e06ab76350a9e243e147b6aa38540f75a3655cd700844ec74feba28511
b9c3e385aa15714bb92d4963fa3e8031a425d90d9edd4ce2957e3061a3b0b272
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07e3d181c8140847fe0b68ad32aff1d3a7a56a95a46a1455b01c92850768ea6
e0e782567efa244ef1df0da76c2eea03710b40eb9e26d50d91e1546b08a95be9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69c5b66970b11e95ae803b9bc4f8e04f24dc72265b6b6c7aa8ce968f2643d49
f45e63720231531928bc543a7b8296da45c4e4e4a48acc6691614724466ae787