wolicheng.com Open in urlscan Pro
143.204.98.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wolicheng.com/womic/
Submission: On November 17 via manual (November 17th 2023, 5:28:17 pm UTC) from SA — Scanned from DE

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 85 HTTP transactions. The main IP is 143.204.98.2, located in United States and belongs to AMAZON-02, US. The main domain is wolicheng.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 22nd 2023. Valid for: a year.

This is the only time wolicheng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	143.204.98.2 143.204.98.2	16509 (AMAZON-02) (AMAZON-02)
22	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	172.217.23.106 172.217.23.106	() ()
3	172.217.18.3 172.217.18.3	() ()
14	142.250.186.97 142.250.186.97	() ()
3	142.250.184.194 142.250.184.194	() ()
6 13	142.250.186.162 142.250.186.162	() ()
5 9	172.64.151.101 172.64.151.101	() ()
6 8	37.252.172.123 37.252.172.123	() ()
2 4	54.171.253.83 54.171.253.83	() ()
2	172.217.18.6 172.217.18.6	() ()
4	18.239.50.76 18.239.50.76	() ()
1	54.148.135.54 54.148.135.54	() ()
85	15

3 143.204.98.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-2.fra50.r.cloudfront.net

wolicheng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.106 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.97 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.162 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.101 (None, ) 5 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.123 (None, ) 6 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.253.83 (None, ) 2 redirects

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.50.76 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.135.54 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com	490 KB
22	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net googleads4.g.doubleclick.net	164 KB
9	adsafeprotected.com 2 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com Failed	201 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com	5 KB
8	adnxs.com 6 redirects ib.adnxs.com	6 KB
3	googletagservices.com www.googletagservices.com	192 KB
3	gstatic.com www.gstatic.com	17 KB
3	wolicheng.com wolicheng.com	34 KB
2	2mdn.net s0.2mdn.net	64 KB
2	googleapis.com fonts.googleapis.com	2 KB
85	10

	Domain	Requested by
22	pagead2.googlesyndication.com	wolicheng.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net wolicheng.com tpc.googlesyndication.com
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com wolicheng.com googleads.g.doubleclick.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
5	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	fw.adsafeprotected.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	wolicheng.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	wolicheng.com	wolicheng.com
2	s0.2mdn.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	dt.adsafeprotected.com	googleads.g.doubleclick.net
85	15

This site contains no links.

Subject Issuer	Validity	Valid
*.wolicheng.com Amazon RSA 2048 M01	`2023-06-22` - `2024-07-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://wolicheng.com/womic/
Frame ID: 719BC0AD127AFDBB119A2E02F3897790
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 259DF5AE61F20910A7E94BB26C17BAE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&adk=1812271804&adf=3025194257&lmt=1654514423&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090133&bpp=7&bdt=702&idt=748&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1454033576460&frm=20&pv=2&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=814
Frame ID: 56B3BB7944977C56C69C709EDB7C9ADB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
Frame ID: 39028BA6C11225288421FC02F9F165D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 84B5F32004C408E450468FF4DC2A3981
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B4639728AB1CDABB1001A7BDB41BAD59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNWnvPYpVaTj7_rirBsvL_NDbyTFtL_y7CuL3aDUVvFcvvNOp91UVPonR2Rl1iFlDxfoUH7vwWkQ8x1ELEPvSbEry5L8uR0Gv-asiOkcmDPNl3MlDDR94AeRPXDn5ioT6UeQg0j5UeuVAl6Fa-C_zAEhUY_cBwJ0GgsxOMFDpe_oN_v909M
Frame ID: AFE5ACC888F79C08E82BA9BD1B4F2C7C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 07B2809BD80501AFFB133E1EEB02B308
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJjmnv4BMAE&v=APEucNUoRcy2Rm_-VxOS_uCE3YTRu4vJE8sKRA_sLhM8lgmjwt7uvUh-EMyuCxhANmHZA5LYqy8R1o9aF0mqTH_lJKNnTesHajGDTrqwyU21ojeAwj70I90bFkLhbWH5H5KW00pY4YcG9e_pUZsVMS_t3PcJnmKZjM3DOvoBDvYBZzRSZHnlz_Q
Frame ID: 85F67D29992B3835175705ED6D73EEDD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2C8284F3B41FFF530E2318820EE8D445
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: B3AD531690F1D368C75A9AC18AA1CF9E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 827FA155B7EDAD1897AF6F14B3C51DDB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9D32FC8AE1CF45AEEACC80C36A34F280
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B28B90F710188A554106B7DB06D8ED71
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2F00346F9E5D371C7DD29B3F105C754A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 84A940E08FD74266D8992706352E0765
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WO Mic - FREE microphone

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

85
Requests

80 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

1166 kB
Transfer

3300 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&C=1

Request Chain 23

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVeirM-ve2KKW1m25TTC.AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&google_hm=2

Request Chain 24

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAY196k4_fRJDVMBQ12HZPY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

Request Chain 25

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1

Request Chain 34

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVeirVs08JiWgsqatVefpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1

Request Chain 35

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAY196k4_fRJDVMBQ12HZPY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

Request Chain 36

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

Request Chain 68

https://fw.adsafeprotected.com/rfw/st/1835641/76534654/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785739509&bidurl=https://wolicheng.com/womic/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hZC8EyubLrkXhpqeQJ4tXu&adContainerId=gcc_raJXZbynDfCt9u8Pt5Km-Aw&cbFunctionName=goog_wrapCb_raJXZbynDfCt9u8Pt5Km-Aw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwolicheng.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwolicheng.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6229436692445878%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:aa13309e-3285-a36f-fe73-7e6bbea1dc77,c:ufBc3b,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-xkpvc,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tVTcyva+11%7C12%7C1311%7C1312%7C1411%7C151*.1835641-76534654%7C1511%7C1512,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:58,oid:afd6f1aa-856e-11ee-a244-8e620040909e,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 70

https://fw.adsafeprotected.com/rfw/st/1835641/76543184/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785738786&bidurl=https://wolicheng.com/womic/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iOtmynmIIkAxUiHE2OvisL&adContainerId=gcc_raJXZbq2FY_B9u8P4tuWoAE&cbFunctionName=goog_wrapCb_raJXZbq2FY_B9u8P4tuWoAE&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwolicheng.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwolicheng.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6229436692445878%26output%3Dhtml%26h%3D250%26slotname%3D5578855425%26adk%3D3018308540%26adf%3D4086294085%26pi%3Dt.ma~as.5578855425%26w%3D305%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1654514423%26rafmt%3D1%26format%3D305x250%26url%3Dhttps%253A%252F%252Fwolicheng.com%252Fwomic%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700242090140%26bpp%3D2%26bdt%3D710%26idt%3D815%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1454033576460%26frm%3D20%26pv%3D1%26ga_vid%3D160120142.1700242091%26ga_sid%3D1700242091%26ga_hid%3D953050206%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1210%26ady%3D159%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079438%252C31079629%252C44785292%252C44809317%252C31078297%252C31079653%252C44807763%252C44808148%252C44808285%252C44809054%26oid%3D2%26pvsid%3D3222328674819663%26tmod%3D1473176165%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D823&adsafe_type=bed&adsafe_jsinfo=,id:be7b440e-2b9f-c04b-3c0f-ed2134e3a187,c:ufBc4e,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-8rhcs,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tVTcywG+11%7C12%7C131*.1835641-76543184%7C1311%7C1312%7C1411%7C1511%7C1512%7C1513,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:afd6f119-856e-11ee-9a7b-164fa6b53745,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_raJXZbq2FY_B9u8P4tuWoAE&cbFunctionName=goog_wrapCb_raJXZbq2FY_B9u8P4tuWoAE&true_pb=

85 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wolicheng.com/womic/ 4 KB
2 KB 308ms
100ms Document
text/html 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wolicheng.com/womic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efccd6a0e89d675d1e864774c781d756cfa1d8c899a49b4579b463cea020fd75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31417
content-encoding: br
content-type: text/html
date: Fri, 17 Nov 2023 08:44:33 GMT
etag: W/"954189935cb58824b2e0e616026c8cfb"
last-modified: Mon, 06 Jun 2022 11:20:23 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-id: 4HsznziLpTsbukhDQGXJ7RHxiKgjIHAszMRluJNWtvjZtX3zqEPCDg==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 simple.css
wolicheng.com/assets/css/ 6 KB
2 KB 50ms
49ms Stylesheet
text/css 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wolicheng.com/assets/css/simple.css
Requested by: Host: wolicheng.com
URL: https://wolicheng.com/womic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cd12bdc9627d3bc84f7b6eec737b0ed0f9bb1a4fca08a96e77292c077caec24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wolicheng.com/womic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:54:58 GMT
content-encoding: br
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 12:12:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 30950
etag: W/"02a4cd3e0909ceb72d3f4f1b26059f91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: -_zT27aa6LBL5pqQH8x93FQ7q8vDScYxPjlMSKFzyJ4SY7do9TLCyg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 658ms
57ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6229436692445878

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7a319bcd059c87cccbea72946cd339ca368275e4b045d3004a9d72d84ae0485d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Origin: https://wolicheng.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53062
x-xss-protection: 0
server: cafe
etag: 15049242510714250837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:10 GMT

GET
H2 200 arch.png
wolicheng.com/womic/images/ 29 KB
30 KB 52ms
51ms Image
image/png 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wolicheng.com/womic/images/arch.png
Requested by: Host: wolicheng.com
URL: https://wolicheng.com/womic/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be80c9f40aec14aae1230925cd3e9d33d99cede7f10dd0c248168a6efe47cb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wolicheng.com/womic/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:48:45 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Sun, 22 Aug 2021 04:07:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 35459
etag: "3cfc753f1ec695abfaf3439b1f2c82ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 30158
x-amz-cf-id: QXNJv2JEdHITQ27Ypydzb-mSutgWk5Yr5GJSYgpPSXGcncXsNqEbNA==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
136 KB 600ms
123ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6229436692445878&plah=wolicheng.com&bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6229436692445878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1e1af4ad9d48ab73ff93cdc14a45c0d23ecf2801fb9be6b1772d8eca4ae8f629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wolicheng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138531
x-xss-protection: 0
server: cafe
etag: 13265447819650777127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:10 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 259D 9 KB
4 KB 401ms
23ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6229436692445878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Fri, 01 Dec 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56B3 224 KB
59 KB 979ms
976ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&adk=1812271804&adf=3025194257&lmt=1654514423&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090133&bpp=7&bdt=702&idt=748&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1454033576460&frm=20&pv=2&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=814

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6229436692445878&plah=wolicheng.com&bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7fb9cd87224770a67700fc7d26c3a180a9cdbd51c6b197dd9baf5a85757f4f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59705
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:28:11 GMT
expires: Fri, 17 Nov 2023 17:28:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3902 25 KB
10 KB 1869ms
1866ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

09818f7e4920ed62f86610df3b52c0d5b81fa24b59bfa28db5e4bb9dcdd9b90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:28:12 GMT
expires: Fri, 17 Nov 2023 17:28:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 100ms
100ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079653

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wolicheng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55800
x-xss-protection: 0
server: cafe
etag: 15907131197518248745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 84B5 9 KB
4 KB 194ms
173ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame B463 9 KB
4 KB 194ms
174ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wolicheng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:16:35 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 21:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 84B5 4 KB
1 KB 989ms
51ms Stylesheet
text/css 172.217.23.106

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 17:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 84B5 205 B
650 B 1119ms
47ms Image
image/png 172.217.18.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 13:09:15 GMT
x-content-type-options: nosniff
age: 15538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Nov 2024 13:09:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 84B5 604 B
697 B 1120ms
48ms Image
image/png 172.217.18.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:46 GMT
x-content-type-options: nosniff
age: 156867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 21:53:46 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 84B5 15 KB
7 KB 1160ms
88ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:42:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 84B5 21 KB
9 KB 1161ms
90ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:53:08 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AFE5 624 B
530 B 81ms
59ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNWnvPYpVaTj7_rirBsvL_NDbyTFtL_y7CuL3aDUVvFcvvNOp91UVPonR2Rl1iFlDxfoUH7vwWkQ8x1ELEPvSbEry5L8uR0Gv-asiOkcmDPNl3MlDDR94AeRPXDn5ioT6UeQg0j5UeuVAl6Fa-C_zAEhUY_cBwJ0GgsxOMFDpe_oN_v909M

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:28:12 GMT
expires: Fri, 17 Nov 2023 17:28:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 07B2 89 KB
31 KB 378ms
356ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 07B2 3 KB
1 KB 1126ms
78ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 07B2 20 KB
9 KB 1121ms
74ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 07B2 203 KB
64 KB 1192ms
144ms Script
text/javascript 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07B2 42 B
110 B 373ms
355ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ds_nQzK-N7WKdUwvno9ENkz-0MvKagoQvTBoMASHKCZUyhM44sHqTkcUwgWkIoNpSvY9_7_PBxtsyyw6vCmjShadp17cA9pF46g0mQQMYzlWrvylk

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07B2 0
121 B 371ms
354ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11447701209873222499&x=1&ct=76

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AFE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&C=1

43 B
438 B

102ms
97ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNWnvPYpVaTj7_rirBsvL_NDbyTFtL_y7CuL3aDUVvFcvvNOp91UVPonR2Rl1iFlDxfoUH7vwWkQ8x1ELEPvSbEry5L8uR0Gv-asiOkcmDPNl3MlDDR94AeRPXDn5ioT6UeQg0j5UeuVAl6Fa-C_zAEhUY_cBwJ0GgsxOMFDpe_oN_v909M
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUyKSq9w8iPbF2KDuLSnOXF0jelEua2BleaY6ciDBjKAPXHQ7unG%2FzKHQ%2F5sKQBdACuNDdAI6dCzsctwFArG%2Fh8HykA2h%2F83x6Zg6olgdSAqDMNn5C9IZ8A7OO%2F3T5S59T9aU6LoVCTDEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8279b05959dd5c98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7YgtN50pX4HEynTEq7O6VVV6lryeMWv53F5ELld4mqfhWcKdTNTwSL9SG0CtNf57vIU35nX0Wp4eq1Sp7Njo%2BnL9iq4h2JkLXbP2i2Hu6kTdnLcqjURQrZFvi%2B2bWoXtyRRHgcLREjzeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8279b058f91a5c98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AFE5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVeirM-ve2KKW1m25TTC.AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&google_hm=2

43 B
456 B

78ms
74ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNWnvPYpVaTj7_rirBsvL_NDbyTFtL_y7CuL3aDUVvFcvvNOp91UVPonR2Rl1iFlDxfoUH7vwWkQ8x1ELEPvSbEry5L8uR0Gv-asiOkcmDPNl3MlDDR94AeRPXDn5ioT6UeQg0j5UeuVAl6Fa-C_zAEhUY_cBwJ0GgsxOMFDpe_oN_v909M
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVnjzk76vP0H7RNGi8hyJctLK4pqx%2FmfJLoYiBdmuQAPf3ZMl2lE60kO%2Fd%2FXlQUCyphzv83hIHReaf3bE0iDFV2FvqI%2BZj1Q4rKC6BeeduSl2G3YgRhYJqw2gMaheXyf8n8JGcywRiZWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8279b05a8b265c98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame AFE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAY196k4_fRJDVMBQ12HZPY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

43 B
897 B

61ms
50ms

Image
image/gif

37.252.172.123

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLCCmf4BMAE&v=APEucNWnvPYpVaTj7_rirBsvL_NDbyTFtL_y7CuL3aDUVvFcvvNOp91UVPonR2Rl1iFlDxfoUH7vwWkQ8x1ELEPvSbEry5L8uR0Gv-asiOkcmDPNl3MlDDR94AeRPXDn5ioT6UeQg0j5UeuVAl6Fa-C_zAEhUY_cBwJ0GgsxOMFDpe_oN_v909M

Protocol

Server

37.252.172.123 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: 776147b2-ba17-4253-ac64-b90632032aae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: 7a716375-70de-4780-8016-362e1abf107e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AFE5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

170 B
232 B

67ms
66ms

Image
image/png

142.250.186.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

Requested by

Protocol

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: fdeb6b43-b33e-482b-9b6f-4eac0436d539
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 85F6 624 B
368 B 62ms
52ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJjmnv4BMAE&v=APEucNUoRcy2Rm_-VxOS_uCE3YTRu4vJE8sKRA_sLhM8lgmjwt7uvUh-EMyuCxhANmHZA5LYqy8R1o9aF0mqTH_lJKNnTesHajGDTrqwyU21ojeAwj70I90bFkLhbWH5H5KW00pY4YcG9e_pUZsVMS_t3PcJnmKZjM3DOvoBDvYBZzRSZHnlz_Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 17:28:12 GMT
expires: Fri, 17 Nov 2023 17:28:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C82 89 KB
31 KB 301ms
293ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2C82 3 KB
1 KB 942ms
79ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2C82 20 KB
8 KB 937ms
75ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2C82 203 KB
64 KB 1031ms
170ms Script
text/javascript 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C82 42 B
107 B 187ms
182ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYSdIjY0J7DyV88vfpA0PSGywuULaMT2qfEXrmAYHUcYyMr84FBxDf0sLO4P0V7SErIf5ksZqonThvHp9jj3pscCXXR8yFFOjfKqX6LWpjVwQDXGw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C82 0
56 B 186ms
181ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16791518865059408468&x=1&ct=76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 85F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1

43 B
327 B

81ms
78ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJjmnv4BMAE&v=APEucNUoRcy2Rm_-VxOS_uCE3YTRu4vJE8sKRA_sLhM8lgmjwt7uvUh-EMyuCxhANmHZA5LYqy8R1o9aF0mqTH_lJKNnTesHajGDTrqwyU21ojeAwj70I90bFkLhbWH5H5KW00pY4YcG9e_pUZsVMS_t3PcJnmKZjM3DOvoBDvYBZzRSZHnlz_Q
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdzvn61kHXq0Gd7h5%2Fh60BEdN1AK%2BQ2sCFps28oPWTFgjCz1fs0jlTBnwTEORPhi9zxdDgkkedGfYWEpuAYO3zTY1vpPNwamIGQW%2B%2FRkN35Nc6GnWoA8KiFb2055mKwbQFck9y7fVPRCHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8279b0598a0d5c98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 85F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVeirVs08JiWgsqatVefpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1

43 B
331 B

76ms
73ms

Image
image/gif

172.64.151.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJjmnv4BMAE&v=APEucNUoRcy2Rm_-VxOS_uCE3YTRu4vJE8sKRA_sLhM8lgmjwt7uvUh-EMyuCxhANmHZA5LYqy8R1o9aF0mqTH_lJKNnTesHajGDTrqwyU21ojeAwj70I90bFkLhbWH5H5KW00pY4YcG9e_pUZsVMS_t3PcJnmKZjM3DOvoBDvYBZzRSZHnlz_Q
Protocol: H2
Server: 172.64.151.101 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmtcABGD78h%2Bm3pe6UBwjN8keJYraDtJEVqLa4KD5vjNsEVGT6%2BVouEXsME9RrwAyi5HFrs15z2MxIWwd%2FCW6ym5u27pPmyy%2BHlMhp16%2Foiaoi0CWSzn80DJ0%2Bn5y15m1%2BHqaLM%2FcN8LUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8279b05a8b275c98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlJVz8pZjE3lbOdLLjmVi8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 85F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAY196k4_fRJDVMBQ12HZPY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

43 B
897 B

53ms
48ms

Image
image/gif

37.252.172.123

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJjmnv4BMAE&v=APEucNUoRcy2Rm_-VxOS_uCE3YTRu4vJE8sKRA_sLhM8lgmjwt7uvUh-EMyuCxhANmHZA5LYqy8R1o9aF0mqTH_lJKNnTesHajGDTrqwyU21ojeAwj70I90bFkLhbWH5H5KW00pY4YcG9e_pUZsVMS_t3PcJnmKZjM3DOvoBDvYBZzRSZHnlz_Q

Protocol

Server

37.252.172.123 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: a86c4bf6-d8a5-495d-b4f5-804051915e77
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: 89c47ea2-08d2-4aaa-83bf-1c73b75fcec6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAY196k4_fRJDVMBQ12HZPY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85F6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

170 B
243 B

147ms
116ms

Image
image/png

142.250.186.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1

Requested by

Protocol

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
an-x-request-uuid: e892b7fc-caff-4408-bf4d-59ffddc7e84a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDM2OTU0ODczNjIzNDc1
x-proxy-origin: 176.115.237.162; 176.115.237.162; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07B2 0
56 B 180ms
124ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9341472214454&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07B2 0
56 B 174ms
134ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9341472214454&version=m202309260101&ct=76&x=1&cor=11447701209873222000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 07B2 95 KB
40 KB 147ms
110ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgH-_UNKwOVyDGlLatpSSfijKJlYORBs-jRXDAK4HqoV45kYfZu-dd_tq0Fqt5pzVxmIIXzASNrhtXFTvPClgx2MJGyq1VNWO9f8oMDQ4qMV5Ce8Mbmu_j-lU9nXw9c9V_Su5RLZTskQC5EldoYYHXhleffW8gTJmJHOYMafKvJqqKTG0&dbm_d=AKAmf-BOe5gvxAhU0-aHqvJWUr4-J3w3voJoO4P9-EA67Yhngn4GYnySsr3BiHoedYSqZ6E2SJ3hP_B4VLat2dFBw11YLbIuhgBkHqAZn13AcYbOtPuA6Lfz5PHnuUUY6ZVMOxfM-RZ36VzlHPHuqgrO1nE4HSJd0yGdA2Lcw9M1YH1pwLy43f7GjXCc_wmJKx1rYlGFuagj2mBa94E7PUk0-7fMVe0HycWBcOGqDVdV6R7Ape2NHGnzO8Ainoz4BM6Z6X0FMvfPCzPUbQynHtObSakpwfol3cWAh8Glf2rMtzLNSzyzZuLCJGyTgKM8_7EGciLuwwEB0XDSnS6d71Dsy3o4YuZaGUiWSj7pcQGxjIMBEq3JKdG-n3O0PRu8eTG7y748W7EVcDYuOWQhytmhstqiMsIr6rMVplV3uCrft8fdkVHGONMagN0hTiq1tVI5xNbfJ8O68twpYgsc1o_56VJpAwZqTr59LX3y65pz-j11sg2DYdsThKWaz6vSQC_W-JngSAVtE2NpX5QC4FTdlNoHOMHbqK0Sfaxk2Z-Uh4KYzG8FnndtZBxReRC-E1B7k_NX_ud0ZBtxJRJHQAqciwHqJnuOnxViYaiggQzdlQC4hE-wOh_pD0D-l3QnoKpvnvz57wu6GP6pA22QxiQ7NdEo5tNvz3KQKvvnqJy3dTCP2NAIThkUhn1ORtSgTNW6nf_s_Cpkf_BJNM75zVyiMIH3-_Wg1A6tCY5Mp7ZWYF7mNnFqufHLcqMHpLQMMSUenMwoVr3wQuBoBCdpOVttHv24eo-45rKTmTO2sgM8gIYH3_hNJmxlArK3lxPBGatHvQTysNxXYq3kLBr2mh6hexlYiCZ4Ewsdcxnm1QPPM4mKnCespc-aXYnUvkO_GdXgCX4E_dVx3EvSJjhTIXSuu7GZQqH7klL0SG7RBnZp85NME0Zx1VKDJwphkrHqcRQ0pjImA2c-LJ6lBWsbiWHS99PaUPzVAwHaSDmsaHeYZQVDRItyhDFNA0ehRjYn0FMqer1Jpw2tZg7PlWTQly0Bc65GSkMMJsXvvXnz7rlmB15O5DymlKe1aDOUx1eel_x5vMe1awCNjT1wKE-7YAVbun0DYfZVFknHbstHZzpTEfSH1V5Y8sQJkrIJjI4fH24c281EVoaqR1LQSNjI0-wWT-07qT1E9OJ2e8jXKwQKFP49weM_K943X83V-LuP-PU1gqWay80M9MAn9sA3LwlCXl9tGPV9IgQu66jrfUL4GUgDQLxRCtIqggrAoj3ZPwRq9hZnkpvmbRw-vDqoN0PzXyi2uxea7airiaa4bJz8GLu8ETzkO6NJ5BJbcfLxqZsJ8Pbu_KjRU5CoE2QH0zJIlAoGZYzHzcoyrq2j1kUMKStzf9TpxtgkhW7M2k3dTHqbaQeoOhIdPBzKtfIMvvZNg4H-qFumE01jBYC2iojQaU4BeKc5hKYaT3uJFBnachE7kqi5soNxxe4_me6so7YRWnpEAV-PKv7b4__7E4jc79d3Qx3YBpIjKlHgjgCZAzp86gWMPfb6pZWjR8xounu9UsX7rpqZQFHRDxCTQdAgpI67YlrPOEunUd55mpmY0ZJTs-phZHA8SwzcQXFjbyMUDqBbquloiu7rS4ZqanZS4r-OkaPvFJbKhhFzqSmEDWZ2QCGfYY6Uka9FCx5Hu_vyEUOckNj4E0AvQZOhz5GCPDUEIGM7t5flqLuvH23NZqO2JF6TyULF9N1jctWqNOL3_JKqTSafiFR7HsecgNcnAOR5dXLcOIYWFGlUYYk6gbsll_0y_VYu7b41JUmDHMOblL2Hbbi93zRwZ0PVTY7vOJE3otA3Oagoy-duEftRmU2Y9cl6l78Qh7y5MhNJC7MMM4yzx--3DCh9vvMUiY5tK_NYbJ6FWFy880LPKN-7i2tW96lQV2_-sVYrBSC15iiBmt_0nTHGyxn0ZUgcYT2nYLWsfkIUWgPir2c9VZ03Lqe87jss0IULkW5RJCpy7ip7XdKHe1fs1a_ZyRpnwOYeMgcXi78112CKih4TxWDogy4FGojVl-G4aPHtprWYRVa3j09IWYbvnBBICY2OyMfHDbkO6l7NL-JUQ0BQa5z1rtXTT41h8LLTX7NiVX9jULxwv4biTcmh8kecewQmEcJXd1Im8iJoJrx1P5e9_XBXoLsuXfOQLmwE0s9hCOWYXNlzd4XBfueA6msB05NUJdzNWhl-BmXidws95s7gou_tEtk9dNSPzOMek_BVhw4JTYJ8Z9pWanljmn2LbIBXfGXpnISZ0BWVjcbBwGyVXRTAgE7DvLXvWrTvCiuaBI7mUnL0HJKomAjyu62DLE63itlvmznpAKLuROTaRaEOxYIsWlYxzxLi_kH53J7ljrMclUdWlN85KXufEVn4qcxcgQEoECyKJGVlM-gC7NkuomSSDh-u_2uIYBFtM70_f_lkAiqexQxAjgr9sWHs5mzbfeyznr2dhveOgQl-ReLoxwv_e491Eosgil-xTJkWSKOXW78PR-YVOfwLF0StzC5mYR9ca7633Zrkf_SlXRGBe9oeXgyQO0dOKjLT7sAdLIOn4PH3fp4MNGOFlf7KAVGcyVT8qH_0GsmqMWBHunUK5HluqqyXU2b7_3WZrdKffXtL1isNZ09WfSTHcsBtjgPyxgqFqC3qoPtBWCtBH1HGk1S4Qb0NhgILBq0NmaxiM_d4uvL8GzIezmcCrRDmaGgsOXq6v638BqeJUUMiag_5e1h-GYPsmP4i5IdWUxwIB1EVP_akmqkEp4oHzWa07btYpffIyMoHR064dkkHYhgEnXyZbAvirTh_7itcNLlade-BYnNeUMHLMwaGZ8rmXgTdPPTH7bjfPStEqgh9-dzQtd9djB1ZFWrapy36_f8Vb6NKEn479NW7fu7OFQ9bxjE433XuBWE4kPR0NjhyDGIy5q-HfPqYyWYiVjyqbC3_HELdWSeXxogFeJcQZWyrVQiU_R29Mms3LeJDZ6K6801_ILWrUlFeq2RKRi1rCJzhD0lVYSo_tzgskJiXRXMCd7OHRaiGCjbnt490bYxY4lNzHQFZEO7nZ8NGJP2o2o2ksOzmnCnUcEZfuDv9hRceTt41SecODl-_JYRp1KpyDKFZUj2sg7vDnaB5VTA5lObjL4taeBsRWrF_5S-NzNzeYEu3MPFycGIA6f5KoToXJJBNIvWCKUdZ4DZJqRfTUThdwca7-njy_Y69zggFD00r7E6kmA-DWtA04tWEORtVcRyAaSbxxKq5LL194SGueiRoKCvKcfM-1vA6BR9qTknYj5UTnHO0AYMqJBgVAsSzuJfnSKyfWIAXR0usxw19_QxdfGoHtGzVHJNKOH4HLz6sCJA9ZcmZxGCm_RSXZ_E8Cmvt7I15OcUe6MxOQpa-WM9WeduULNOvb7vUj0g869DviimGoqyGS1iHjLJgVruP-1b4f-5yAKwTskjFb_YvPXjn3cdyNBEaFnqFXctOpLNq06_ec4uaZgo2B1NUKpkmDHchy9VT3fdZfJGfuJ8pImz-jeCYWW5N17-h-cMukhcZu-yD7Ny_pxjCEor_RTQBADRLEUvnzscn8UOvvqsMy9h441SiqKZwUy2ATDmEEPBObYFQfPNnT6DnYEnA-JPZ0fAfZFZZcFyXrYZjrRmC99QajHTl_hT_-xe3JWxzeRuarnucBngq924tDXxE9m934jRAl-0zFXmvl-7S9ZIn&cid=CAQSTgDICaaNtsB5gRK1r7_GPYwrQbwpuTRdwF7J0UQuX2LXGvd5sEqWIzN3HYb6zTgcSpfiRH-GkpuU8IohRFK_Ch5XCU0rdGw_LcF3oWrx3BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=11447701209873222000&adk=1761367587&idt=388&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40958
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C82 0
56 B 176ms
106ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=281534394693&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C82 0
47 B 166ms
107ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=281534394693&version=m202309260101&ct=76&x=1&cor=16791518865059408000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 2C82 95 KB
40 KB 153ms
98ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzO4QyI_GUVmgO93PC5Qbj1ZWSixNA-w1-3pta-77i3WIrsTF4ZElM-muiHNMtOsw2Wf9HBKvOnibrygjm6tOnhWqBbtES_UFuL5xWGzegp_c00lAsq0YpwQ0U2BTWSm-ByX62TLVsW133zc2wqiXutqFc9XJTiBDpz8Qcc8NYosEhAlo&dbm_d=AKAmf-AXJwVvS7PAGkUjUwIQ59d8bOQ1scIth93eHu-t7RW1M4n1HnbXXpUaKJW4PIANven7FCWb4kxOI8VeSOL06WRzX0bmDLHhEodbbYlbNA9QwkiyBweRcTY0dPG7u_NljlEheT6oy9JcU4XvQjiWRqK_V9K9C7G41jZJn7fWtIKWfHUAtIcPhW-VsjNPyBLvoJiBrx3AuFkewO0qSgeKcqwju5euxaGGA3-ncyWboGx0m_j6O-wqHWokGkHNyAxi7xI1pVNMymbYBh5h7bMJJF2n6BAbJVQeERnAuWKHlUk9MlhnsMNTUdQ2QBm4xSqAqmN-2e5kQFV5OVP1Hv_Oi0FRZY7cIAQiIy49pT6ZZK0YeIQp0fxqOz_N59oQeqXZZjIaW6ofqXl6-xUOPp00RSorAwkb7x3yWiI0247hZbGit7ktnc0uKpzQnTduJ2EeWajF8aO0O93ZdziieUuRuiy1X3dZPbZsyk6R7vYRVtP3oeBx4JdT5fy-rwOQbLS_dZG4fJG9LyWuJz0riL_qHeB7qOiYV8Ma0nLt1P52WPbyQer-QfWyVFYcQrMBQWTjgdW1v4zJ814HxKB-5_hgA6YUviQAbvRTfAK_mCMHkYGY8WAq6i2c0hmGRsk4H4cNGliPgEKXLBNKI9kAip2THZQab6YWbbEx1qTLyjFtJJZ3ZxzhAoow2Enfjkk5TyNXLubxI4sPTdOj01zS4t4IiNylfOfUXSapLxZongVO10HBx9j6lJPmz-na0_AZiu6P0Phvp9eB-OMF-BluGND9fJcjfXnTHZX8rzTRUztlO0htxliYVX318-AIiGm9LG0dOlALnD9pHPwqdVap3_zYFFhzSpMbWtvRbEXOTxhWzdVNQt81VMWLE4FEr7tDiqssulPwr-YRffVpFEMf8utuyMtp5myhuWJXgprpiUVimZbiFZQTWb8aguUghITBp78jHHXYmA3QHofibRafTzYeJuJL76A8Z935YOYgUvMnMiR_Nxq86sDLuosRQumh2Y2P3Ll1cSBNdEopn_0IqJ3e7r6kUKKn7MEHlNla_4tWWyQc4ASE6DluOo5igr7sNgNI9bRBaAM8vO4ABmBCx9eDSqHhznWcWb4W3AeFaE61pJTrUO2G_JkIQx9g5kh8d24QHlaEklM0jnsiO9kISEBK3nfp9gqw0i-4jJOvq81_bcmVXX1GPwdfuZEvKgKHFdi3YHklfg8RcD5-Ps_FxkgnscWtOR616PdV6NV19WQ8ckap3Tnb3VfGtGiv5DxD7n13LvDgUUBTAfNvOE3-Tos9HzsavS6FqfJ8Kd1W68NmaslEfR0VUZ4-08kNJa3_h-idWgObY1vDG-h2kYfDgk5gKuuZsG-YNwiIX5iWhJs3EbEgFWhnR7Q9nOhyfRL6L2MNS6oAZevICCCg0xt9Iefd2T46cjKrKlmuD9C5qLR8kKZm3DpaTAu9TQDg2f2LUHTP5It-M6sdulr94MEn64YswcRwJxjmTKaz0sVMhYbF23ZGjypaJcdv2LCTHog3OapSNYRU0NaD7wy2Wq5KnWDKmdmUQwd0wVnOJqGe3Znj_Qg84VLapA0BdWInYgP3NFfBvXAPNbrXjgfMWCvaa6af6yqLkHF-sBwJPu9gA7JNhL3_Xc7KC7XLBT9c2D2786Am7flSXPpiuRQaFDF8O6V_b67JrdPy0Y2reXZh5o9j2E1mLaApKJs3rvawId0fi_bH4IYr9XFz_LlVH0qf7KEzClTR00W4XZhSQfNQ36AK1KqAIVQJtY_YiUGuFSjlWXpDgm-_2jzKonORw6xnTaoIGQ02MC4wcSlovu7wG-T7gGmYWfz3VW2_-_58ZCIwt_x8pc3O23sqWl4hWoCjOfypDunNduT-NADadMsYaNty2_a4oUr4lTdz4j0iz6VYvvDqbrw-LH3m864pC1-acvnE6QKejZmrNp95k3bYv8J7vFYe4WJNGTV7vA6rNonSxkDx2xEx5miOuTFElidiL0aTRRFqfOPH1uNyCr2Yb1Sl8FgB15fVb4bKM5hQ-Rz6aTi6Iwx4alvQ7ts4Jtc-Z2w8cH15mzHkhUxNMmlmRMPh1mAB4Xab0DirvBImB_9vJ1gF8WptqxqbkHguSyW6Lek4muYw3my4s7NgLv-WF7KjKdPB90tqLOScRcYL4biyA47G7QuR0Xm2InYCQz5zWRW78iFx_UF8n3Xmd1PaFizgtRY7XHSL0Z4INf-ovSg-CqXzuzXA6gU1cda8yGX7f1LOj-0SO-XBDCRrE_O9GAxaVcsAAc0IdVDcPeWD3Z7PpKiGleiG8eXuQo3ldc-tod44kBB16Oh-jrQHQALTDUSUY6ej69MqisAsdUVUrbO0huhPenbdldK9K4uXqphYfthbFn_tAIltXK4cGFI3v84EnKz0tbrlz48NlTHWUgsh_akMGFI9xlOoaoQ96_SoowTzZSl0RETLKFIhqyz17iP4FS0_n_WZ3NnSj27QJVITNxVB3U8MUQP8QN1JB8FBKtVJzhugeN18uodzeWXA4pagQtKsoiq-NLcPPJtnOqzcH5rYS7MQVGBjZ-5IrQpJa0FG_65Shkb7keHMsRTN2-Y2l10Hb6mlYYGj__5juA3lRk9te3KRbzleG8TR3HFAYlFBT0fJHGQHXkpsspVviUG0jNsQWpW8QwdeReIcUC1I9a7CkNqBw7U_SIyab67rrKAfiM-W4KT7eL-ssyW2uYwtIzrhempbvAN_SLVSMIEyi7c3wqj7QfCUqqOKcsXpjpjTGvCBKA8SDxEAl_ASgrKjp00LNFgY9tae958eE4TClOhM2iokxH_aPFjhUUhA0bhfHpOVnwyosTRg0BMscOlcUSZghwxQRulX2t9gEImD1gkjRQfCufcNIX2vUab6E8ZdRML2EKQQ5EAbd0SQVrMg3ezD5uXo3J9cvkzOhxcQgk8YwrBLrC-0uA8w8wSMJ_MClgV0MxTZoxffzmrFqVN3VuFYK6Nv-MRNc0kW97_K3ncYDvic2YLYM1qEDqp5iIhgF__FHALBHQMtKBTT6_tfBmbVbfylY_AWnxg1glE44jG-HQ2SFv0HRuwvIg-jOYRZN3g19IroiwGViAvnvmxfLhkm2DyBIMF9ymM8weedPJM-8fELUin-oLaiVndF6Gq37BxRK2Zl40T_tbBryTG0DD41V4FfVsyyBQRjaFG7oRXbGJeRjrx9ROuZc1cGZXH6wQVWdb54Np04PKZ4H4m-Ed2TgobyotLfm3XsU_Q4NavG1C3eoR8aaYwT0vCOHfdRsV0ygt_lK80ZmuWEjexItVil4COtga6mURU51vH6wjMJNrcTumNFwYg61TdYxs6oQv3KMbx6AWN8pxfxRtqsGjYvy7qEjXwhpVNXZcElaF4OPT48CwOPGOr6mM33qzAX638_6mpEwzbOqY2XVXHqyko2h1CrqxnmxGwo3dnNXtAJtMQUOfCCR_7mo6OVeOmA6FOY_Ed3dg&cid=CAQSTwDICaaN3OnwHUmGwZlprLf-FZUWiU8KU5fHc8T0_CzQPksd6hT7hLPUG4CVa9YxKRrwcUEFffNefd-6ImYKPnWIz7zVZ32pnBImRPO99E4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=16791518865059408000&adk=2124396030&idt=304&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40739
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js
fw.adsafeprotected.com/rjss/st/1835641/76543184/ Frame 2C82 254 KB
76 KB 297ms
96ms Script
application/javascript 54.171.253.83

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1835641/76543184/skeleton.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785738786&bidurl=https://wolicheng.com/womic/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iOtmynmIIkAxUiHE2OvisL
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzO4QyI_GUVmgO93PC5Qbj1ZWSixNA-w1-3pta-77i3WIrsTF4ZElM-muiHNMtOsw2Wf9HBKvOnibrygjm6tOnhWqBbtES_UFuL5xWGzegp_c00lAsq0YpwQ0U2BTWSm-ByX62TLVsW133zc2wqiXutqFc9XJTiBDpz8Qcc8NYosEhAlo&dbm_d=AKAmf-AXJwVvS7PAGkUjUwIQ59d8bOQ1scIth93eHu-t7RW1M4n1HnbXXpUaKJW4PIANven7FCWb4kxOI8VeSOL06WRzX0bmDLHhEodbbYlbNA9QwkiyBweRcTY0dPG7u_NljlEheT6oy9JcU4XvQjiWRqK_V9K9C7G41jZJn7fWtIKWfHUAtIcPhW-VsjNPyBLvoJiBrx3AuFkewO0qSgeKcqwju5euxaGGA3-ncyWboGx0m_j6O-wqHWokGkHNyAxi7xI1pVNMymbYBh5h7bMJJF2n6BAbJVQeERnAuWKHlUk9MlhnsMNTUdQ2QBm4xSqAqmN-2e5kQFV5OVP1Hv_Oi0FRZY7cIAQiIy49pT6ZZK0YeIQp0fxqOz_N59oQeqXZZjIaW6ofqXl6-xUOPp00RSorAwkb7x3yWiI0247hZbGit7ktnc0uKpzQnTduJ2EeWajF8aO0O93ZdziieUuRuiy1X3dZPbZsyk6R7vYRVtP3oeBx4JdT5fy-rwOQbLS_dZG4fJG9LyWuJz0riL_qHeB7qOiYV8Ma0nLt1P52WPbyQer-QfWyVFYcQrMBQWTjgdW1v4zJ814HxKB-5_hgA6YUviQAbvRTfAK_mCMHkYGY8WAq6i2c0hmGRsk4H4cNGliPgEKXLBNKI9kAip2THZQab6YWbbEx1qTLyjFtJJZ3ZxzhAoow2Enfjkk5TyNXLubxI4sPTdOj01zS4t4IiNylfOfUXSapLxZongVO10HBx9j6lJPmz-na0_AZiu6P0Phvp9eB-OMF-BluGND9fJcjfXnTHZX8rzTRUztlO0htxliYVX318-AIiGm9LG0dOlALnD9pHPwqdVap3_zYFFhzSpMbWtvRbEXOTxhWzdVNQt81VMWLE4FEr7tDiqssulPwr-YRffVpFEMf8utuyMtp5myhuWJXgprpiUVimZbiFZQTWb8aguUghITBp78jHHXYmA3QHofibRafTzYeJuJL76A8Z935YOYgUvMnMiR_Nxq86sDLuosRQumh2Y2P3Ll1cSBNdEopn_0IqJ3e7r6kUKKn7MEHlNla_4tWWyQc4ASE6DluOo5igr7sNgNI9bRBaAM8vO4ABmBCx9eDSqHhznWcWb4W3AeFaE61pJTrUO2G_JkIQx9g5kh8d24QHlaEklM0jnsiO9kISEBK3nfp9gqw0i-4jJOvq81_bcmVXX1GPwdfuZEvKgKHFdi3YHklfg8RcD5-Ps_FxkgnscWtOR616PdV6NV19WQ8ckap3Tnb3VfGtGiv5DxD7n13LvDgUUBTAfNvOE3-Tos9HzsavS6FqfJ8Kd1W68NmaslEfR0VUZ4-08kNJa3_h-idWgObY1vDG-h2kYfDgk5gKuuZsG-YNwiIX5iWhJs3EbEgFWhnR7Q9nOhyfRL6L2MNS6oAZevICCCg0xt9Iefd2T46cjKrKlmuD9C5qLR8kKZm3DpaTAu9TQDg2f2LUHTP5It-M6sdulr94MEn64YswcRwJxjmTKaz0sVMhYbF23ZGjypaJcdv2LCTHog3OapSNYRU0NaD7wy2Wq5KnWDKmdmUQwd0wVnOJqGe3Znj_Qg84VLapA0BdWInYgP3NFfBvXAPNbrXjgfMWCvaa6af6yqLkHF-sBwJPu9gA7JNhL3_Xc7KC7XLBT9c2D2786Am7flSXPpiuRQaFDF8O6V_b67JrdPy0Y2reXZh5o9j2E1mLaApKJs3rvawId0fi_bH4IYr9XFz_LlVH0qf7KEzClTR00W4XZhSQfNQ36AK1KqAIVQJtY_YiUGuFSjlWXpDgm-_2jzKonORw6xnTaoIGQ02MC4wcSlovu7wG-T7gGmYWfz3VW2_-_58ZCIwt_x8pc3O23sqWl4hWoCjOfypDunNduT-NADadMsYaNty2_a4oUr4lTdz4j0iz6VYvvDqbrw-LH3m864pC1-acvnE6QKejZmrNp95k3bYv8J7vFYe4WJNGTV7vA6rNonSxkDx2xEx5miOuTFElidiL0aTRRFqfOPH1uNyCr2Yb1Sl8FgB15fVb4bKM5hQ-Rz6aTi6Iwx4alvQ7ts4Jtc-Z2w8cH15mzHkhUxNMmlmRMPh1mAB4Xab0DirvBImB_9vJ1gF8WptqxqbkHguSyW6Lek4muYw3my4s7NgLv-WF7KjKdPB90tqLOScRcYL4biyA47G7QuR0Xm2InYCQz5zWRW78iFx_UF8n3Xmd1PaFizgtRY7XHSL0Z4INf-ovSg-CqXzuzXA6gU1cda8yGX7f1LOj-0SO-XBDCRrE_O9GAxaVcsAAc0IdVDcPeWD3Z7PpKiGleiG8eXuQo3ldc-tod44kBB16Oh-jrQHQALTDUSUY6ej69MqisAsdUVUrbO0huhPenbdldK9K4uXqphYfthbFn_tAIltXK4cGFI3v84EnKz0tbrlz48NlTHWUgsh_akMGFI9xlOoaoQ96_SoowTzZSl0RETLKFIhqyz17iP4FS0_n_WZ3NnSj27QJVITNxVB3U8MUQP8QN1JB8FBKtVJzhugeN18uodzeWXA4pagQtKsoiq-NLcPPJtnOqzcH5rYS7MQVGBjZ-5IrQpJa0FG_65Shkb7keHMsRTN2-Y2l10Hb6mlYYGj__5juA3lRk9te3KRbzleG8TR3HFAYlFBT0fJHGQHXkpsspVviUG0jNsQWpW8QwdeReIcUC1I9a7CkNqBw7U_SIyab67rrKAfiM-W4KT7eL-ssyW2uYwtIzrhempbvAN_SLVSMIEyi7c3wqj7QfCUqqOKcsXpjpjTGvCBKA8SDxEAl_ASgrKjp00LNFgY9tae958eE4TClOhM2iokxH_aPFjhUUhA0bhfHpOVnwyosTRg0BMscOlcUSZghwxQRulX2t9gEImD1gkjRQfCufcNIX2vUab6E8ZdRML2EKQQ5EAbd0SQVrMg3ezD5uXo3J9cvkzOhxcQgk8YwrBLrC-0uA8w8wSMJ_MClgV0MxTZoxffzmrFqVN3VuFYK6Nv-MRNc0kW97_K3ncYDvic2YLYM1qEDqp5iIhgF__FHALBHQMtKBTT6_tfBmbVbfylY_AWnxg1glE44jG-HQ2SFv0HRuwvIg-jOYRZN3g19IroiwGViAvnvmxfLhkm2DyBIMF9ymM8weedPJM-8fELUin-oLaiVndF6Gq37BxRK2Zl40T_tbBryTG0DD41V4FfVsyyBQRjaFG7oRXbGJeRjrx9ROuZc1cGZXH6wQVWdb54Np04PKZ4H4m-Ed2TgobyotLfm3XsU_Q4NavG1C3eoR8aaYwT0vCOHfdRsV0ygt_lK80ZmuWEjexItVil4COtga6mURU51vH6wjMJNrcTumNFwYg61TdYxs6oQv3KMbx6AWN8pxfxRtqsGjYvy7qEjXwhpVNXZcElaF4OPT48CwOPGOr6mM33qzAX638_6mpEwzbOqY2XVXHqyko2h1CrqxnmxGwo3dnNXtAJtMQUOfCCR_7mo6OVeOmA6FOY_Ed3dg&cid=CAQSTwDICaaN3OnwHUmGwZlprLf-FZUWiU8KU5fHc8T0_CzQPksd6hT7hLPUG4CVa9YxKRrwcUEFffNefd-6ImYKPnWIz7zVZ32pnBImRPO99E4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=16791518865059408000&adk=2124396030&idt=304&cac=0&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.253.83 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2C82 31 KB
12 KB 70ms
69ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzO4QyI_GUVmgO93PC5Qbj1ZWSixNA-w1-3pta-77i3WIrsTF4ZElM-muiHNMtOsw2Wf9HBKvOnibrygjm6tOnhWqBbtES_UFuL5xWGzegp_c00lAsq0YpwQ0U2BTWSm-ByX62TLVsW133zc2wqiXutqFc9XJTiBDpz8Qcc8NYosEhAlo&dbm_d=AKAmf-AXJwVvS7PAGkUjUwIQ59d8bOQ1scIth93eHu-t7RW1M4n1HnbXXpUaKJW4PIANven7FCWb4kxOI8VeSOL06WRzX0bmDLHhEodbbYlbNA9QwkiyBweRcTY0dPG7u_NljlEheT6oy9JcU4XvQjiWRqK_V9K9C7G41jZJn7fWtIKWfHUAtIcPhW-VsjNPyBLvoJiBrx3AuFkewO0qSgeKcqwju5euxaGGA3-ncyWboGx0m_j6O-wqHWokGkHNyAxi7xI1pVNMymbYBh5h7bMJJF2n6BAbJVQeERnAuWKHlUk9MlhnsMNTUdQ2QBm4xSqAqmN-2e5kQFV5OVP1Hv_Oi0FRZY7cIAQiIy49pT6ZZK0YeIQp0fxqOz_N59oQeqXZZjIaW6ofqXl6-xUOPp00RSorAwkb7x3yWiI0247hZbGit7ktnc0uKpzQnTduJ2EeWajF8aO0O93ZdziieUuRuiy1X3dZPbZsyk6R7vYRVtP3oeBx4JdT5fy-rwOQbLS_dZG4fJG9LyWuJz0riL_qHeB7qOiYV8Ma0nLt1P52WPbyQer-QfWyVFYcQrMBQWTjgdW1v4zJ814HxKB-5_hgA6YUviQAbvRTfAK_mCMHkYGY8WAq6i2c0hmGRsk4H4cNGliPgEKXLBNKI9kAip2THZQab6YWbbEx1qTLyjFtJJZ3ZxzhAoow2Enfjkk5TyNXLubxI4sPTdOj01zS4t4IiNylfOfUXSapLxZongVO10HBx9j6lJPmz-na0_AZiu6P0Phvp9eB-OMF-BluGND9fJcjfXnTHZX8rzTRUztlO0htxliYVX318-AIiGm9LG0dOlALnD9pHPwqdVap3_zYFFhzSpMbWtvRbEXOTxhWzdVNQt81VMWLE4FEr7tDiqssulPwr-YRffVpFEMf8utuyMtp5myhuWJXgprpiUVimZbiFZQTWb8aguUghITBp78jHHXYmA3QHofibRafTzYeJuJL76A8Z935YOYgUvMnMiR_Nxq86sDLuosRQumh2Y2P3Ll1cSBNdEopn_0IqJ3e7r6kUKKn7MEHlNla_4tWWyQc4ASE6DluOo5igr7sNgNI9bRBaAM8vO4ABmBCx9eDSqHhznWcWb4W3AeFaE61pJTrUO2G_JkIQx9g5kh8d24QHlaEklM0jnsiO9kISEBK3nfp9gqw0i-4jJOvq81_bcmVXX1GPwdfuZEvKgKHFdi3YHklfg8RcD5-Ps_FxkgnscWtOR616PdV6NV19WQ8ckap3Tnb3VfGtGiv5DxD7n13LvDgUUBTAfNvOE3-Tos9HzsavS6FqfJ8Kd1W68NmaslEfR0VUZ4-08kNJa3_h-idWgObY1vDG-h2kYfDgk5gKuuZsG-YNwiIX5iWhJs3EbEgFWhnR7Q9nOhyfRL6L2MNS6oAZevICCCg0xt9Iefd2T46cjKrKlmuD9C5qLR8kKZm3DpaTAu9TQDg2f2LUHTP5It-M6sdulr94MEn64YswcRwJxjmTKaz0sVMhYbF23ZGjypaJcdv2LCTHog3OapSNYRU0NaD7wy2Wq5KnWDKmdmUQwd0wVnOJqGe3Znj_Qg84VLapA0BdWInYgP3NFfBvXAPNbrXjgfMWCvaa6af6yqLkHF-sBwJPu9gA7JNhL3_Xc7KC7XLBT9c2D2786Am7flSXPpiuRQaFDF8O6V_b67JrdPy0Y2reXZh5o9j2E1mLaApKJs3rvawId0fi_bH4IYr9XFz_LlVH0qf7KEzClTR00W4XZhSQfNQ36AK1KqAIVQJtY_YiUGuFSjlWXpDgm-_2jzKonORw6xnTaoIGQ02MC4wcSlovu7wG-T7gGmYWfz3VW2_-_58ZCIwt_x8pc3O23sqWl4hWoCjOfypDunNduT-NADadMsYaNty2_a4oUr4lTdz4j0iz6VYvvDqbrw-LH3m864pC1-acvnE6QKejZmrNp95k3bYv8J7vFYe4WJNGTV7vA6rNonSxkDx2xEx5miOuTFElidiL0aTRRFqfOPH1uNyCr2Yb1Sl8FgB15fVb4bKM5hQ-Rz6aTi6Iwx4alvQ7ts4Jtc-Z2w8cH15mzHkhUxNMmlmRMPh1mAB4Xab0DirvBImB_9vJ1gF8WptqxqbkHguSyW6Lek4muYw3my4s7NgLv-WF7KjKdPB90tqLOScRcYL4biyA47G7QuR0Xm2InYCQz5zWRW78iFx_UF8n3Xmd1PaFizgtRY7XHSL0Z4INf-ovSg-CqXzuzXA6gU1cda8yGX7f1LOj-0SO-XBDCRrE_O9GAxaVcsAAc0IdVDcPeWD3Z7PpKiGleiG8eXuQo3ldc-tod44kBB16Oh-jrQHQALTDUSUY6ej69MqisAsdUVUrbO0huhPenbdldK9K4uXqphYfthbFn_tAIltXK4cGFI3v84EnKz0tbrlz48NlTHWUgsh_akMGFI9xlOoaoQ96_SoowTzZSl0RETLKFIhqyz17iP4FS0_n_WZ3NnSj27QJVITNxVB3U8MUQP8QN1JB8FBKtVJzhugeN18uodzeWXA4pagQtKsoiq-NLcPPJtnOqzcH5rYS7MQVGBjZ-5IrQpJa0FG_65Shkb7keHMsRTN2-Y2l10Hb6mlYYGj__5juA3lRk9te3KRbzleG8TR3HFAYlFBT0fJHGQHXkpsspVviUG0jNsQWpW8QwdeReIcUC1I9a7CkNqBw7U_SIyab67rrKAfiM-W4KT7eL-ssyW2uYwtIzrhempbvAN_SLVSMIEyi7c3wqj7QfCUqqOKcsXpjpjTGvCBKA8SDxEAl_ASgrKjp00LNFgY9tae958eE4TClOhM2iokxH_aPFjhUUhA0bhfHpOVnwyosTRg0BMscOlcUSZghwxQRulX2t9gEImD1gkjRQfCufcNIX2vUab6E8ZdRML2EKQQ5EAbd0SQVrMg3ezD5uXo3J9cvkzOhxcQgk8YwrBLrC-0uA8w8wSMJ_MClgV0MxTZoxffzmrFqVN3VuFYK6Nv-MRNc0kW97_K3ncYDvic2YLYM1qEDqp5iIhgF__FHALBHQMtKBTT6_tfBmbVbfylY_AWnxg1glE44jG-HQ2SFv0HRuwvIg-jOYRZN3g19IroiwGViAvnvmxfLhkm2DyBIMF9ymM8weedPJM-8fELUin-oLaiVndF6Gq37BxRK2Zl40T_tbBryTG0DD41V4FfVsyyBQRjaFG7oRXbGJeRjrx9ROuZc1cGZXH6wQVWdb54Np04PKZ4H4m-Ed2TgobyotLfm3XsU_Q4NavG1C3eoR8aaYwT0vCOHfdRsV0ygt_lK80ZmuWEjexItVil4COtga6mURU51vH6wjMJNrcTumNFwYg61TdYxs6oQv3KMbx6AWN8pxfxRtqsGjYvy7qEjXwhpVNXZcElaF4OPT48CwOPGOr6mM33qzAX638_6mpEwzbOqY2XVXHqyko2h1CrqxnmxGwo3dnNXtAJtMQUOfCCR_7mo6OVeOmA6FOY_Ed3dg&cid=CAQSTwDICaaN3OnwHUmGwZlprLf-FZUWiU8KU5fHc8T0_CzQPksd6hT7hLPUG4CVa9YxKRrwcUEFffNefd-6ImYKPnWIz7zVZ32pnBImRPO99E4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=16791518865059408000&adk=2124396030&idt=304&cac=0&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:49:49 GMT

GET
H2 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2C82 11 KB
4 KB 70ms
69ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:35:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C82 0
0 102ms
82ms Fetch
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz0ckziQArDoICYuejpbl0T1pgX7uG1MbmTvjsP_bZrVVgNbE6SfT0DPivAUOjRy-bE1agbQL-1ki4iaTDQYN7MCtuPxODXs-MtmQVCgQL_NnfdMh1jBFO3bFzeZvxtDnHbp2abzzJAZeX7pZv70HebELbrZ1mvbmYVBb2Edi1WL9KULD2-EAt2tLfhUHQ2pM0cBwfOxUUTO8Z5a6Lo8kReANXpdtlKPrjQcN7X7dDMSq7z5muwzNn1Q42JncffAckO-4qkIRzcgjiKdZ9HtCQ5MImbKGostm3VXX1dajh4EUtCeJB8Q6MFBHLgupTHngzE_2O0Kj6K5DLpNszf12VhvB90K0ETp-Tc_BNwk1vciIRrp9SL3eAVE7Z9kfSnyRarcBfH8WoW_w0sHvrhCuN--REO1ygMGTiPwXdi-tsFzthkt900PcNFljHKb9z5IszKKiSrbZSz6Wr8Gxh0POUyUAI_Qp81vwoTTYTgb8m_z5iHy7VMXLxtVLDYK33eZQmRiJUJr7EcTUB2BhhtAQ7RQgieiX3Ge2iRNhq57dQFyLkmVPR80dVfBiCSHr3SMoty-RBwpU_jhhw5t3_8hZ-gZNL3BagGedVRHGApWN_0coNk2irCP8rejkynZ8hB6vznhzGNth9GnQKpsyruvHMNeqX5srm0K414Xkh2duoq5GWi8Jj4mlaBbyRXxWUaky-PgSqQnenyROMwiD6E4zK8n4LjqC7otwqh1KXHmTRfIXupC06pF0jaY8ndBf09s4aq2clc_lGLJzS0jFcE_Bhx5ipzaBbGY-0SxNMBE1XohJRyXQAjMoe2gelHc64bZ3LOqmpwFgRgjYFpFPEWskgvM635rrO7vy6ZJL1UEhV-zhKYDkYEKChje_23R3JfmailngDRq0LbSjqQoV_77iIEGgT8AuXHvmabL5PFW6YBoVlb41cU8QgkzxSNGQcs0lsEjei6ipWrDVlAWj7Im9Y8IciU0HnyPW01i_Xd_ocHLpQNqcWgEpYKVsJ3sqK83kMqhBcOjEv74rMMnTmcynGFbKBNVt-_cYzkoELipuLdvvbqrvgGd_nPZ3j4ZVw-Qf-AS6-GfLOpVOv09D8dGVzkbpM6f6JnkVQIZ6u9THSYkbG9UZHJ2FABqlsIY-teX58g9bdsP8NHws3d56veUw5YgV0yQQi11-riVcyCeos9BV8hoo9zwl5457rjkn99_yKMKaFrGWyW2ufz0Q-GY8N4OtJHUxVkiXpU5jym6xRNOC1him97TpAfslfNzfPCBSHILeSHNgvnmqYztnCcD8empVcrD1TRok95Cb_J28Lax9IEAgC&sai=AMfl-YS2agoaMdR8ffxfMFYuyT-lIUH_BSuS_kh9dbClrA2tETG610ycy_qtTGUnbA9JtEEI-xR8ytkNAmnKrcVkGfcTs5pxyOC5C4K7qe5sFwcTGwbIqN7s0Vf5W4da7DH0h3cR9bXb-c4So0BuNh_SBH1FRjUZKg-R3nYzPHaaJijVCHoYNVrJbhGPqTmzqvtt94ykYJuo-Gd5TQyexG8lbzypjO_m2fs0kuOAoREwrC2TIw_ahtyrlk4zfkGYjs4CoGdsDX93Sg3v7z2_yDY7nMh0KUUgQUAfsi9izHZd1g&sig=Cg0ArKJSzMjIBWHmJYkBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.04116&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2C82 41 KB
14 KB 277ms
91ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H2 200 11131969456750924027
s0.2mdn.net/simgad/ Frame 2C82 34 KB
35 KB 478ms
26ms Image
image/jpeg 172.217.18.6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11131969456750924027

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 11:00:11 GMT
x-content-type-options: nosniff
age: 109683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34868
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 16:59:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 11:00:11 GMT

GET
H2 200 skeleton.js
fw.adsafeprotected.com/rjss/st/1835641/76534654/ Frame 07B2 254 KB
76 KB 238ms
93ms Script
application/javascript 54.171.253.83

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1835641/76534654/skeleton.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785739509&bidurl=https://wolicheng.com/womic/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hZC8EyubLrkXhpqeQJ4tXu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgH-_UNKwOVyDGlLatpSSfijKJlYORBs-jRXDAK4HqoV45kYfZu-dd_tq0Fqt5pzVxmIIXzASNrhtXFTvPClgx2MJGyq1VNWO9f8oMDQ4qMV5Ce8Mbmu_j-lU9nXw9c9V_Su5RLZTskQC5EldoYYHXhleffW8gTJmJHOYMafKvJqqKTG0&dbm_d=AKAmf-BOe5gvxAhU0-aHqvJWUr4-J3w3voJoO4P9-EA67Yhngn4GYnySsr3BiHoedYSqZ6E2SJ3hP_B4VLat2dFBw11YLbIuhgBkHqAZn13AcYbOtPuA6Lfz5PHnuUUY6ZVMOxfM-RZ36VzlHPHuqgrO1nE4HSJd0yGdA2Lcw9M1YH1pwLy43f7GjXCc_wmJKx1rYlGFuagj2mBa94E7PUk0-7fMVe0HycWBcOGqDVdV6R7Ape2NHGnzO8Ainoz4BM6Z6X0FMvfPCzPUbQynHtObSakpwfol3cWAh8Glf2rMtzLNSzyzZuLCJGyTgKM8_7EGciLuwwEB0XDSnS6d71Dsy3o4YuZaGUiWSj7pcQGxjIMBEq3JKdG-n3O0PRu8eTG7y748W7EVcDYuOWQhytmhstqiMsIr6rMVplV3uCrft8fdkVHGONMagN0hTiq1tVI5xNbfJ8O68twpYgsc1o_56VJpAwZqTr59LX3y65pz-j11sg2DYdsThKWaz6vSQC_W-JngSAVtE2NpX5QC4FTdlNoHOMHbqK0Sfaxk2Z-Uh4KYzG8FnndtZBxReRC-E1B7k_NX_ud0ZBtxJRJHQAqciwHqJnuOnxViYaiggQzdlQC4hE-wOh_pD0D-l3QnoKpvnvz57wu6GP6pA22QxiQ7NdEo5tNvz3KQKvvnqJy3dTCP2NAIThkUhn1ORtSgTNW6nf_s_Cpkf_BJNM75zVyiMIH3-_Wg1A6tCY5Mp7ZWYF7mNnFqufHLcqMHpLQMMSUenMwoVr3wQuBoBCdpOVttHv24eo-45rKTmTO2sgM8gIYH3_hNJmxlArK3lxPBGatHvQTysNxXYq3kLBr2mh6hexlYiCZ4Ewsdcxnm1QPPM4mKnCespc-aXYnUvkO_GdXgCX4E_dVx3EvSJjhTIXSuu7GZQqH7klL0SG7RBnZp85NME0Zx1VKDJwphkrHqcRQ0pjImA2c-LJ6lBWsbiWHS99PaUPzVAwHaSDmsaHeYZQVDRItyhDFNA0ehRjYn0FMqer1Jpw2tZg7PlWTQly0Bc65GSkMMJsXvvXnz7rlmB15O5DymlKe1aDOUx1eel_x5vMe1awCNjT1wKE-7YAVbun0DYfZVFknHbstHZzpTEfSH1V5Y8sQJkrIJjI4fH24c281EVoaqR1LQSNjI0-wWT-07qT1E9OJ2e8jXKwQKFP49weM_K943X83V-LuP-PU1gqWay80M9MAn9sA3LwlCXl9tGPV9IgQu66jrfUL4GUgDQLxRCtIqggrAoj3ZPwRq9hZnkpvmbRw-vDqoN0PzXyi2uxea7airiaa4bJz8GLu8ETzkO6NJ5BJbcfLxqZsJ8Pbu_KjRU5CoE2QH0zJIlAoGZYzHzcoyrq2j1kUMKStzf9TpxtgkhW7M2k3dTHqbaQeoOhIdPBzKtfIMvvZNg4H-qFumE01jBYC2iojQaU4BeKc5hKYaT3uJFBnachE7kqi5soNxxe4_me6so7YRWnpEAV-PKv7b4__7E4jc79d3Qx3YBpIjKlHgjgCZAzp86gWMPfb6pZWjR8xounu9UsX7rpqZQFHRDxCTQdAgpI67YlrPOEunUd55mpmY0ZJTs-phZHA8SwzcQXFjbyMUDqBbquloiu7rS4ZqanZS4r-OkaPvFJbKhhFzqSmEDWZ2QCGfYY6Uka9FCx5Hu_vyEUOckNj4E0AvQZOhz5GCPDUEIGM7t5flqLuvH23NZqO2JF6TyULF9N1jctWqNOL3_JKqTSafiFR7HsecgNcnAOR5dXLcOIYWFGlUYYk6gbsll_0y_VYu7b41JUmDHMOblL2Hbbi93zRwZ0PVTY7vOJE3otA3Oagoy-duEftRmU2Y9cl6l78Qh7y5MhNJC7MMM4yzx--3DCh9vvMUiY5tK_NYbJ6FWFy880LPKN-7i2tW96lQV2_-sVYrBSC15iiBmt_0nTHGyxn0ZUgcYT2nYLWsfkIUWgPir2c9VZ03Lqe87jss0IULkW5RJCpy7ip7XdKHe1fs1a_ZyRpnwOYeMgcXi78112CKih4TxWDogy4FGojVl-G4aPHtprWYRVa3j09IWYbvnBBICY2OyMfHDbkO6l7NL-JUQ0BQa5z1rtXTT41h8LLTX7NiVX9jULxwv4biTcmh8kecewQmEcJXd1Im8iJoJrx1P5e9_XBXoLsuXfOQLmwE0s9hCOWYXNlzd4XBfueA6msB05NUJdzNWhl-BmXidws95s7gou_tEtk9dNSPzOMek_BVhw4JTYJ8Z9pWanljmn2LbIBXfGXpnISZ0BWVjcbBwGyVXRTAgE7DvLXvWrTvCiuaBI7mUnL0HJKomAjyu62DLE63itlvmznpAKLuROTaRaEOxYIsWlYxzxLi_kH53J7ljrMclUdWlN85KXufEVn4qcxcgQEoECyKJGVlM-gC7NkuomSSDh-u_2uIYBFtM70_f_lkAiqexQxAjgr9sWHs5mzbfeyznr2dhveOgQl-ReLoxwv_e491Eosgil-xTJkWSKOXW78PR-YVOfwLF0StzC5mYR9ca7633Zrkf_SlXRGBe9oeXgyQO0dOKjLT7sAdLIOn4PH3fp4MNGOFlf7KAVGcyVT8qH_0GsmqMWBHunUK5HluqqyXU2b7_3WZrdKffXtL1isNZ09WfSTHcsBtjgPyxgqFqC3qoPtBWCtBH1HGk1S4Qb0NhgILBq0NmaxiM_d4uvL8GzIezmcCrRDmaGgsOXq6v638BqeJUUMiag_5e1h-GYPsmP4i5IdWUxwIB1EVP_akmqkEp4oHzWa07btYpffIyMoHR064dkkHYhgEnXyZbAvirTh_7itcNLlade-BYnNeUMHLMwaGZ8rmXgTdPPTH7bjfPStEqgh9-dzQtd9djB1ZFWrapy36_f8Vb6NKEn479NW7fu7OFQ9bxjE433XuBWE4kPR0NjhyDGIy5q-HfPqYyWYiVjyqbC3_HELdWSeXxogFeJcQZWyrVQiU_R29Mms3LeJDZ6K6801_ILWrUlFeq2RKRi1rCJzhD0lVYSo_tzgskJiXRXMCd7OHRaiGCjbnt490bYxY4lNzHQFZEO7nZ8NGJP2o2o2ksOzmnCnUcEZfuDv9hRceTt41SecODl-_JYRp1KpyDKFZUj2sg7vDnaB5VTA5lObjL4taeBsRWrF_5S-NzNzeYEu3MPFycGIA6f5KoToXJJBNIvWCKUdZ4DZJqRfTUThdwca7-njy_Y69zggFD00r7E6kmA-DWtA04tWEORtVcRyAaSbxxKq5LL194SGueiRoKCvKcfM-1vA6BR9qTknYj5UTnHO0AYMqJBgVAsSzuJfnSKyfWIAXR0usxw19_QxdfGoHtGzVHJNKOH4HLz6sCJA9ZcmZxGCm_RSXZ_E8Cmvt7I15OcUe6MxOQpa-WM9WeduULNOvb7vUj0g869DviimGoqyGS1iHjLJgVruP-1b4f-5yAKwTskjFb_YvPXjn3cdyNBEaFnqFXctOpLNq06_ec4uaZgo2B1NUKpkmDHchy9VT3fdZfJGfuJ8pImz-jeCYWW5N17-h-cMukhcZu-yD7Ny_pxjCEor_RTQBADRLEUvnzscn8UOvvqsMy9h441SiqKZwUy2ATDmEEPBObYFQfPNnT6DnYEnA-JPZ0fAfZFZZcFyXrYZjrRmC99QajHTl_hT_-xe3JWxzeRuarnucBngq924tDXxE9m934jRAl-0zFXmvl-7S9ZIn&cid=CAQSTgDICaaNtsB5gRK1r7_GPYwrQbwpuTRdwF7J0UQuX2LXGvd5sEqWIzN3HYb6zTgcSpfiRH-GkpuU8IohRFK_Ch5XCU0rdGw_LcF3oWrx3BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=11447701209873222000&adk=1761367587&idt=388&cac=0&dtd=23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.253.83 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 07B2 31 KB
12 KB 221ms
98ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgH-_UNKwOVyDGlLatpSSfijKJlYORBs-jRXDAK4HqoV45kYfZu-dd_tq0Fqt5pzVxmIIXzASNrhtXFTvPClgx2MJGyq1VNWO9f8oMDQ4qMV5Ce8Mbmu_j-lU9nXw9c9V_Su5RLZTskQC5EldoYYHXhleffW8gTJmJHOYMafKvJqqKTG0&dbm_d=AKAmf-BOe5gvxAhU0-aHqvJWUr4-J3w3voJoO4P9-EA67Yhngn4GYnySsr3BiHoedYSqZ6E2SJ3hP_B4VLat2dFBw11YLbIuhgBkHqAZn13AcYbOtPuA6Lfz5PHnuUUY6ZVMOxfM-RZ36VzlHPHuqgrO1nE4HSJd0yGdA2Lcw9M1YH1pwLy43f7GjXCc_wmJKx1rYlGFuagj2mBa94E7PUk0-7fMVe0HycWBcOGqDVdV6R7Ape2NHGnzO8Ainoz4BM6Z6X0FMvfPCzPUbQynHtObSakpwfol3cWAh8Glf2rMtzLNSzyzZuLCJGyTgKM8_7EGciLuwwEB0XDSnS6d71Dsy3o4YuZaGUiWSj7pcQGxjIMBEq3JKdG-n3O0PRu8eTG7y748W7EVcDYuOWQhytmhstqiMsIr6rMVplV3uCrft8fdkVHGONMagN0hTiq1tVI5xNbfJ8O68twpYgsc1o_56VJpAwZqTr59LX3y65pz-j11sg2DYdsThKWaz6vSQC_W-JngSAVtE2NpX5QC4FTdlNoHOMHbqK0Sfaxk2Z-Uh4KYzG8FnndtZBxReRC-E1B7k_NX_ud0ZBtxJRJHQAqciwHqJnuOnxViYaiggQzdlQC4hE-wOh_pD0D-l3QnoKpvnvz57wu6GP6pA22QxiQ7NdEo5tNvz3KQKvvnqJy3dTCP2NAIThkUhn1ORtSgTNW6nf_s_Cpkf_BJNM75zVyiMIH3-_Wg1A6tCY5Mp7ZWYF7mNnFqufHLcqMHpLQMMSUenMwoVr3wQuBoBCdpOVttHv24eo-45rKTmTO2sgM8gIYH3_hNJmxlArK3lxPBGatHvQTysNxXYq3kLBr2mh6hexlYiCZ4Ewsdcxnm1QPPM4mKnCespc-aXYnUvkO_GdXgCX4E_dVx3EvSJjhTIXSuu7GZQqH7klL0SG7RBnZp85NME0Zx1VKDJwphkrHqcRQ0pjImA2c-LJ6lBWsbiWHS99PaUPzVAwHaSDmsaHeYZQVDRItyhDFNA0ehRjYn0FMqer1Jpw2tZg7PlWTQly0Bc65GSkMMJsXvvXnz7rlmB15O5DymlKe1aDOUx1eel_x5vMe1awCNjT1wKE-7YAVbun0DYfZVFknHbstHZzpTEfSH1V5Y8sQJkrIJjI4fH24c281EVoaqR1LQSNjI0-wWT-07qT1E9OJ2e8jXKwQKFP49weM_K943X83V-LuP-PU1gqWay80M9MAn9sA3LwlCXl9tGPV9IgQu66jrfUL4GUgDQLxRCtIqggrAoj3ZPwRq9hZnkpvmbRw-vDqoN0PzXyi2uxea7airiaa4bJz8GLu8ETzkO6NJ5BJbcfLxqZsJ8Pbu_KjRU5CoE2QH0zJIlAoGZYzHzcoyrq2j1kUMKStzf9TpxtgkhW7M2k3dTHqbaQeoOhIdPBzKtfIMvvZNg4H-qFumE01jBYC2iojQaU4BeKc5hKYaT3uJFBnachE7kqi5soNxxe4_me6so7YRWnpEAV-PKv7b4__7E4jc79d3Qx3YBpIjKlHgjgCZAzp86gWMPfb6pZWjR8xounu9UsX7rpqZQFHRDxCTQdAgpI67YlrPOEunUd55mpmY0ZJTs-phZHA8SwzcQXFjbyMUDqBbquloiu7rS4ZqanZS4r-OkaPvFJbKhhFzqSmEDWZ2QCGfYY6Uka9FCx5Hu_vyEUOckNj4E0AvQZOhz5GCPDUEIGM7t5flqLuvH23NZqO2JF6TyULF9N1jctWqNOL3_JKqTSafiFR7HsecgNcnAOR5dXLcOIYWFGlUYYk6gbsll_0y_VYu7b41JUmDHMOblL2Hbbi93zRwZ0PVTY7vOJE3otA3Oagoy-duEftRmU2Y9cl6l78Qh7y5MhNJC7MMM4yzx--3DCh9vvMUiY5tK_NYbJ6FWFy880LPKN-7i2tW96lQV2_-sVYrBSC15iiBmt_0nTHGyxn0ZUgcYT2nYLWsfkIUWgPir2c9VZ03Lqe87jss0IULkW5RJCpy7ip7XdKHe1fs1a_ZyRpnwOYeMgcXi78112CKih4TxWDogy4FGojVl-G4aPHtprWYRVa3j09IWYbvnBBICY2OyMfHDbkO6l7NL-JUQ0BQa5z1rtXTT41h8LLTX7NiVX9jULxwv4biTcmh8kecewQmEcJXd1Im8iJoJrx1P5e9_XBXoLsuXfOQLmwE0s9hCOWYXNlzd4XBfueA6msB05NUJdzNWhl-BmXidws95s7gou_tEtk9dNSPzOMek_BVhw4JTYJ8Z9pWanljmn2LbIBXfGXpnISZ0BWVjcbBwGyVXRTAgE7DvLXvWrTvCiuaBI7mUnL0HJKomAjyu62DLE63itlvmznpAKLuROTaRaEOxYIsWlYxzxLi_kH53J7ljrMclUdWlN85KXufEVn4qcxcgQEoECyKJGVlM-gC7NkuomSSDh-u_2uIYBFtM70_f_lkAiqexQxAjgr9sWHs5mzbfeyznr2dhveOgQl-ReLoxwv_e491Eosgil-xTJkWSKOXW78PR-YVOfwLF0StzC5mYR9ca7633Zrkf_SlXRGBe9oeXgyQO0dOKjLT7sAdLIOn4PH3fp4MNGOFlf7KAVGcyVT8qH_0GsmqMWBHunUK5HluqqyXU2b7_3WZrdKffXtL1isNZ09WfSTHcsBtjgPyxgqFqC3qoPtBWCtBH1HGk1S4Qb0NhgILBq0NmaxiM_d4uvL8GzIezmcCrRDmaGgsOXq6v638BqeJUUMiag_5e1h-GYPsmP4i5IdWUxwIB1EVP_akmqkEp4oHzWa07btYpffIyMoHR064dkkHYhgEnXyZbAvirTh_7itcNLlade-BYnNeUMHLMwaGZ8rmXgTdPPTH7bjfPStEqgh9-dzQtd9djB1ZFWrapy36_f8Vb6NKEn479NW7fu7OFQ9bxjE433XuBWE4kPR0NjhyDGIy5q-HfPqYyWYiVjyqbC3_HELdWSeXxogFeJcQZWyrVQiU_R29Mms3LeJDZ6K6801_ILWrUlFeq2RKRi1rCJzhD0lVYSo_tzgskJiXRXMCd7OHRaiGCjbnt490bYxY4lNzHQFZEO7nZ8NGJP2o2o2ksOzmnCnUcEZfuDv9hRceTt41SecODl-_JYRp1KpyDKFZUj2sg7vDnaB5VTA5lObjL4taeBsRWrF_5S-NzNzeYEu3MPFycGIA6f5KoToXJJBNIvWCKUdZ4DZJqRfTUThdwca7-njy_Y69zggFD00r7E6kmA-DWtA04tWEORtVcRyAaSbxxKq5LL194SGueiRoKCvKcfM-1vA6BR9qTknYj5UTnHO0AYMqJBgVAsSzuJfnSKyfWIAXR0usxw19_QxdfGoHtGzVHJNKOH4HLz6sCJA9ZcmZxGCm_RSXZ_E8Cmvt7I15OcUe6MxOQpa-WM9WeduULNOvb7vUj0g869DviimGoqyGS1iHjLJgVruP-1b4f-5yAKwTskjFb_YvPXjn3cdyNBEaFnqFXctOpLNq06_ec4uaZgo2B1NUKpkmDHchy9VT3fdZfJGfuJ8pImz-jeCYWW5N17-h-cMukhcZu-yD7Ny_pxjCEor_RTQBADRLEUvnzscn8UOvvqsMy9h441SiqKZwUy2ATDmEEPBObYFQfPNnT6DnYEnA-JPZ0fAfZFZZcFyXrYZjrRmC99QajHTl_hT_-xe3JWxzeRuarnucBngq924tDXxE9m934jRAl-0zFXmvl-7S9ZIn&cid=CAQSTgDICaaNtsB5gRK1r7_GPYwrQbwpuTRdwF7J0UQuX2LXGvd5sEqWIzN3HYb6zTgcSpfiRH-GkpuU8IohRFK_Ch5XCU0rdGw_LcF3oWrx3BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwolicheng.com%2F&ds=l&xdt=1&iif=1&cor=11447701209873222000&adk=1761367587&idt=388&cac=0&dtd=23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:49:49 GMT

GET
H2 200 omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 07B2 11 KB
4 KB 225ms
103ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:35:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07B2 0
0 210ms
113ms Fetch
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbJq3vt1b6ZE0Cw1G-_zuF3h9JY-dlxPvol72A04Tqv6wJ0d840Iisz4DQO9B_brdjsjYgmJ_zbROhwUbqG2I6GJGgG0zGJEI7EdG9rQdFx5nzHlloI1rTSuDKhsrzI2TwgRoKjCQ97FG-_K4SFkVvBgzK2E3gnZcM3eoDpt11G6w1fN5IOSgxHbknm-1IotcVCcNbjcrANGek0sK6U94sHwdJRG3lzTXLEb66k8e0Rdss-jsETs6F6reK4i15Ol7gut-soZcsWLugWkXBahOSTNdjc4idQuZhtR8OqbOooVKY33Fm3tDlVOcZcdyyQS0hP3g033kWVOsxSXpXZZYXhzu31CROHIhOPd_o45qDquhmdsL5RtJc03mvIzvjPdZnBLgq0NHGL4HZ-lkoYx-pmUh7gA1kJoD2w4ZrD2jVskIVZjrXDj8fRlpTy9Gy2AFiH_95EQHcyfGN89OpGgyGIR4Y7fhJFZ5IV1B7AYiUrZo88pXhCFYQjdqkKaXTEIpaXfN8-AHXf1c4nDxzXaxqcfPNBneOEIgiCkDN4yv5l3H1LQpDrqQN7C46U4UxiMbOpoQVSK5wK2kdkfP804zzqKCM2nm_CGxBP5GYOqUP4vPJQ442kEaFan6IS1aUMFMzDTXDJLE_-GKdVciXF0UNLO729XY4h-Mj0o1sUYWZ2OWG--Wg-Zap_6EThRx43w-Bx1KNCsr27g5s7VsrvVQhGOPDqsH9Rh9MpH9LnSPlldCzEiKoqf_05daCMPI9_SXmwZFsw-hVtQTn9OmxDLspud2Mb2AY5WCxR8VDNPDzQhLcxLNIKC6sTN4-G0DVnr1u2TMVg8NQB3n2z29hQ99f2JPYGcNF0E46Urm25ZKQrYvVKDD8c8r3Ct8wYRcHH6kg3XmKz1AdoyFFwM_LVwDkh6M3U2eIj_f2ssuth6hdOpqIhSWZM58gqYwK1EnkTp6U0YfzhWYktCj_27B8TfdRkO7E8QQhjDFWiXDD_RmUonMihtR-8PBOoCSklWqo-o7zWrWMJTx4CCrm8uYLeMHe8Jz6UQ5muios4a46O9gqHd1gKfAHTtN8mU_2F9dPav45R-anYBtkAig7TDncbdAJ0hIOZSypxk_nYRGBVG_hjAB8fT27Kqd3uqEqwAy5A_VftZxwf7bV7kV3ej5sDkQAOAOd_ZXV-NiEeYz5boa4-PWh4gXvcEjskK28r7-iqnB9Kd--r4ADn7d3xaZ0Ur_3jrrfaPs26EcZ7bYY-mkpgigMA7s2TwMwfX0zSzFXGr61mYJjRPSnuvY579bGyznI8qXU2f50DpcvQoVHC_VSB3JTxe2zlNxvMxJUH2nrZg&sai=AMfl-YTTZDwpoOyAmpFBhU6tWTKfLMXXTM5eM7rY9QWIkbnoUZCMlc_gIsIwdafvVY114eac8idrroGKsaWoQlPIjuA8-ygSWcJ1a7NWYTpGe7safSc8__AsjGz6ahuTJ0nmOk8nRMLCHLxcaCHqO1nVOAuQL2j9EKopKWS9gv-b6juxaP9Kyo6JV-Knv_PfWRT0gZK_KgGv95Tde_6RAgNJvRDoJ-PUW6cUQSQHCQarjtZjvRB-ObNx9FjSHo67jZhKMoJGcW8rvRI_XXY20Fz0aqdqKmI8-ECqSYjDRw&sig=Cg0ArKJSzK_5RZYTqmZEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231109.77647&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 17:28:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 07B2 41 KB
14 KB 228ms
126ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H2 200 15480152141350477397
s0.2mdn.net/simgad/ Frame 07B2 30 KB
30 KB 404ms
36ms Image
image/jpeg 172.217.18.6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15480152141350477397

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:51:09 GMT
x-content-type-options: nosniff
age: 95825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30229
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 12:04:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 14:51:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3AD 6 KB
780 B 91ms
90ms Stylesheet
text/css 172.217.23.106

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 15:33:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3AD 2 KB
903 B 119ms
115ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:49 GMT

GET
H2 200 abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B3AD 23 KB
9 KB 119ms
115ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3AD 3 KB
1 KB 144ms
143ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3AD 20 KB
8 KB 114ms
113ms Script
text/javascript 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B3AD 203 KB
64 KB 152ms
151ms Script
text/javascript 142.250.184.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 17:28:13 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame B3AD 37 KB
15 KB 39ms
38ms Script
text/javascript 172.217.18.3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:20:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 03:47:40 GMT

GET
DATA 200
OK truncated
/ Frame 2C82 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 07B2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 827F 38 KB
13 KB 59ms
15ms Document
text/html 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 96208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9D32 38 KB
13 KB 50ms
16ms Document
text/html 142.250.186.97

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 96208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C82 0
0 64ms
62ms Fetch
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz0ckziQArDoICYuejpbl0T1pgX7uG1MbmTvjsP_bZrVVgNbE6SfT0DPivAUOjRy-bE1agbQL-1ki4iaTDQYN7MCtuPxODXs-MtmQVCgQL_NnfdMh1jBFO3bFzeZvxtDnHbp2abzzJAZeX7pZv70HebELbrZ1mvbmYVBb2Edi1WL9KULD2-EAt2tLfhUHQ2pM0cBwfOxUUTO8Z5a6Lo8kReANXpdtlKPrjQcN7X7dDMSq7z5muwzNn1Q42JncffAckO-4qkIRzcgjiKdZ9HtCQ5MImbKGostm3VXX1dajh4EUtCeJB8Q6MFBHLgupTHngzE_2O0Kj6K5DLpNszf12VhvB90K0ETp-Tc_BNwk1vciIRrp9SL3eAVE7Z9kfSnyRarcBfH8WoW_w0sHvrhCuN--REO1ygMGTiPwXdi-tsFzthkt900PcNFljHKb9z5IszKKiSrbZSz6Wr8Gxh0POUyUAI_Qp81vwoTTYTgb8m_z5iHy7VMXLxtVLDYK33eZQmRiJUJr7EcTUB2BhhtAQ7RQgieiX3Ge2iRNhq57dQFyLkmVPR80dVfBiCSHr3SMoty-RBwpU_jhhw5t3_8hZ-gZNL3BagGedVRHGApWN_0coNk2irCP8rejkynZ8hB6vznhzGNth9GnQKpsyruvHMNeqX5srm0K414Xkh2duoq5GWi8Jj4mlaBbyRXxWUaky-PgSqQnenyROMwiD6E4zK8n4LjqC7otwqh1KXHmTRfIXupC06pF0jaY8ndBf09s4aq2clc_lGLJzS0jFcE_Bhx5ipzaBbGY-0SxNMBE1XohJRyXQAjMoe2gelHc64bZ3LOqmpwFgRgjYFpFPEWskgvM635rrO7vy6ZJL1UEhV-zhKYDkYEKChje_23R3JfmailngDRq0LbSjqQoV_77iIEGgT8AuXHvmabL5PFW6YBoVlb41cU8QgkzxSNGQcs0lsEjei6ipWrDVlAWj7Im9Y8IciU0HnyPW01i_Xd_ocHLpQNqcWgEpYKVsJ3sqK83kMqhBcOjEv74rMMnTmcynGFbKBNVt-_cYzkoELipuLdvvbqrvgGd_nPZ3j4ZVw-Qf-AS6-GfLOpVOv09D8dGVzkbpM6f6JnkVQIZ6u9THSYkbG9UZHJ2FABqlsIY-teX58g9bdsP8NHws3d56veUw5YgV0yQQi11-riVcyCeos9BV8hoo9zwl5457rjkn99_yKMKaFrGWyW2ufz0Q-GY8N4OtJHUxVkiXpU5jym6xRNOC1him97TpAfslfNzfPCBSHILeSHNgvnmqYztnCcD8empVcrD1TRok95Cb_J28Lax9IEAgC&sai=AMfl-YS2agoaMdR8ffxfMFYuyT-lIUH_BSuS_kh9dbClrA2tETG610ycy_qtTGUnbA9JtEEI-xR8ytkNAmnKrcVkGfcTs5pxyOC5C4K7qe5sFwcTGwbIqN7s0Vf5W4da7DH0h3cR9bXb-c4So0BuNh_SBH1FRjUZKg-R3nYzPHaaJijVCHoYNVrJbhGPqTmzqvtt94ykYJuo-Gd5TQyexG8lbzypjO_m2fs0kuOAoREwrC2TIw_ahtyrlk4zfkGYjs4CoGdsDX93Sg3v7z2_yDY7nMh0KUUgQUAfsi9izHZd1g&sig=Cg0ArKJSzMjIBWHmJYkBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=822&vt=11&dtpt=820&dett=2&cstd=0&cisv=r20231109.04116&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07B2 0
0 64ms
63ms Fetch
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbJq3vt1b6ZE0Cw1G-_zuF3h9JY-dlxPvol72A04Tqv6wJ0d840Iisz4DQO9B_brdjsjYgmJ_zbROhwUbqG2I6GJGgG0zGJEI7EdG9rQdFx5nzHlloI1rTSuDKhsrzI2TwgRoKjCQ97FG-_K4SFkVvBgzK2E3gnZcM3eoDpt11G6w1fN5IOSgxHbknm-1IotcVCcNbjcrANGek0sK6U94sHwdJRG3lzTXLEb66k8e0Rdss-jsETs6F6reK4i15Ol7gut-soZcsWLugWkXBahOSTNdjc4idQuZhtR8OqbOooVKY33Fm3tDlVOcZcdyyQS0hP3g033kWVOsxSXpXZZYXhzu31CROHIhOPd_o45qDquhmdsL5RtJc03mvIzvjPdZnBLgq0NHGL4HZ-lkoYx-pmUh7gA1kJoD2w4ZrD2jVskIVZjrXDj8fRlpTy9Gy2AFiH_95EQHcyfGN89OpGgyGIR4Y7fhJFZ5IV1B7AYiUrZo88pXhCFYQjdqkKaXTEIpaXfN8-AHXf1c4nDxzXaxqcfPNBneOEIgiCkDN4yv5l3H1LQpDrqQN7C46U4UxiMbOpoQVSK5wK2kdkfP804zzqKCM2nm_CGxBP5GYOqUP4vPJQ442kEaFan6IS1aUMFMzDTXDJLE_-GKdVciXF0UNLO729XY4h-Mj0o1sUYWZ2OWG--Wg-Zap_6EThRx43w-Bx1KNCsr27g5s7VsrvVQhGOPDqsH9Rh9MpH9LnSPlldCzEiKoqf_05daCMPI9_SXmwZFsw-hVtQTn9OmxDLspud2Mb2AY5WCxR8VDNPDzQhLcxLNIKC6sTN4-G0DVnr1u2TMVg8NQB3n2z29hQ99f2JPYGcNF0E46Urm25ZKQrYvVKDD8c8r3Ct8wYRcHH6kg3XmKz1AdoyFFwM_LVwDkh6M3U2eIj_f2ssuth6hdOpqIhSWZM58gqYwK1EnkTp6U0YfzhWYktCj_27B8TfdRkO7E8QQhjDFWiXDD_RmUonMihtR-8PBOoCSklWqo-o7zWrWMJTx4CCrm8uYLeMHe8Jz6UQ5muios4a46O9gqHd1gKfAHTtN8mU_2F9dPav45R-anYBtkAig7TDncbdAJ0hIOZSypxk_nYRGBVG_hjAB8fT27Kqd3uqEqwAy5A_VftZxwf7bV7kV3ej5sDkQAOAOd_ZXV-NiEeYz5boa4-PWh4gXvcEjskK28r7-iqnB9Kd--r4ADn7d3xaZ0Ur_3jrrfaPs26EcZ7bYY-mkpgigMA7s2TwMwfX0zSzFXGr61mYJjRPSnuvY579bGyznI8qXU2f50DpcvQoVHC_VSB3JTxe2zlNxvMxJUH2nrZg&sai=AMfl-YTTZDwpoOyAmpFBhU6tWTKfLMXXTM5eM7rY9QWIkbnoUZCMlc_gIsIwdafvVY114eac8idrroGKsaWoQlPIjuA8-ygSWcJ1a7NWYTpGe7safSc8__AsjGz6ahuTJ0nmOk8nRMLCHLxcaCHqO1nVOAuQL2j9EKopKWS9gv-b6juxaP9Kyo6JV-Knv_PfWRT0gZK_KgGv95Tde_6RAgNJvRDoJ-PUW6cUQSQHCQarjtZjvRB-ObNx9FjSHo67jZhKMoJGcW8rvRI_XXY20Fz0aqdqKmI8-ECqSYjDRw&sig=Cg0ArKJSzK_5RZYTqmZEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=755&vt=11&dtpt=752&dett=2&cstd=0&cisv=r20231109.77647&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4a.js
static.adsafeprotected.com/ Frame 07B2
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1835641/76534654/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785739509&bidurl=https://wolicheng.com/wo...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

521ms
111ms

Script
application/javascript

18.239.50.76

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 18.239.50.76 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:15:33 GMT
x-amz-version-id: zGvpNuif74nDjMUpmnXYnGouyZ0LvtiZ
content-encoding: gzip
via: 1.1 46e82159f07d7f814d9b72723b038152.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 328363
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 13 Nov 2023 22:15:31 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: yT3AilRcoZUQM7daziEC-6BZ_v9msHEkvh56rtuFg7jtolAS9A6Ulw==

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:14 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js
static.adsafeprotected.com/ Frame B28B 91 KB
23 KB 597ms
67ms Script
application/javascript 18.239.50.76

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.76 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 46e82159f07d7f814d9b72723b038152.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 7032067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5uWUqjBNiH4bl5Fshyjk4lXka0wg3vYep93BdDZM0IpngmRbWKNcIg==

GET
H2

200

4.js
static.adsafeprotected.com/ Frame 2C82
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1835641/76543184/4.js?ias_dspID=3&ias_campId=1015029463&ias_pubId=pub-6229436692445878&ias_chanId=1&ias_placementId=20785738786&bidurl=https://wolicheng.com/wo...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_raJXZbq2FY_B9u8P4tuWoAE&cbFunctionName=goog_wrapCb_raJXZbq2FY_B9u8P4tuWoAE&true_pb=

1 KB
1 KB

498ms
112ms

Script
application/javascript

18.239.50.76

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_raJXZbq2FY_B9u8P4tuWoAE&cbFunctionName=goog_wrapCb_raJXZbq2FY_B9u8P4tuWoAE&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
Protocol: H2
Server: 18.239.50.76 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:15:34 GMT
x-amz-version-id: 5yD0MD0xvY5qMDPlbaeccRZIQga4BLlQ
content-encoding: gzip
via: 1.1 46e82159f07d7f814d9b72723b038152.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 328362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 13 Nov 2023 22:15:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: CnLM6G4M-Xs4wwtj36oefrUu5rn-0W3euCjwNXoQgWsrwSsCSvmaCA==

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:14 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=gcc_raJXZbq2FY_B9u8P4tuWoAE&cbFunctionName=goog_wrapCb_raJXZbq2FY_B9u8P4tuWoAE&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js
static.adsafeprotected.com/ Frame 2F00 91 KB
23 KB 561ms
108ms Script
application/javascript 18.239.50.76

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.76 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 08:07:09 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 46e82159f07d7f814d9b72723b038152.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 7032067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: uqjmlIivpA03pGvygiUTxOnEEgb7H2sG0u3oR6hxA5hfdHFXzxgPdQ==

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 827F 39 KB
15 KB 82ms
81ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET
H2 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 84A9 38 KB
15 KB 83ms
83ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: wolicheng.com
URL: https://wolicheng.com/womic/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 03:55:31 GMT

GET dt
dt.adsafeprotected.com/ Frame 07B2 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C82 43 B
0 898ms
199ms Image
image/gif 54.148.135.54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=be7b440e-2b9f-c04b-3c0f-ed2134e3a187&tv=%7Bc:ufBc5C,pingTime:-3,time:114,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:28%7D,%7Bpiv:0,vs:o,r:l,t:113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B102~1,0~0%5D,as:%5B102~300.250%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C131*.1835641-76543184%7C1311%7C1312%7C1411%7C151.1835641-76534654%7C1511%7C1512%7C1513,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6229436692445878&output=html&h=250&slotname=5578855425&adk=3018308540&adf=4086294085&pi=t.ma~as.5578855425&w=305&fwrn=4&fwrnh=100&lmt=1654514423&rafmt=1&format=305x250&url=https%3A%2F%2Fwolicheng.com%2Fwomic%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700242090140&bpp=2&bdt=710&idt=815&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1454033576460&frm=20&pv=1&ga_vid=160120142.1700242091&ga_sid=1700242091&ga_hid=953050206&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C31079629%2C44785292%2C44809317%2C31078297%2C31079653%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3222328674819663&tmod=1473176165&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.135.54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:15 GMT
server: nginx
x-server-name: dt34.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET dt
dt.adsafeprotected.com/ Frame 2C82 0
0

GET dt
dt.adsafeprotected.com/ Frame 07B2 0
0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 9D32 39 KB
15 KB 59ms
59ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 09:24:52 GMT

GET dt
dt.adsafeprotected.com/ Frame 2C82 0
0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07B2 0
63 B 96ms
95ms Ping
image/gif 142.250.186.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuym2Coxm7kABfrFMk80Up7H0jN7JI3c-GrDO1z6_aEfR5X5dCY69Pm9N-IEszPtIehRDFOdGuCe6jgjLGTOIrEEMyeWvM-uOeWxE4D7RzAJizjUAwFfrnzMwNSr1XwYvCk8JE0-jwBRZ-gF9p_zHsRu1772gcpcUv5iYc&sai=AMfl-YSckM-Vqb0mBpRHBvcGDfeoohzA9BQAUC9UbAnLegAHDMB6t1y4Wu9CkUVHdh9-Ctacl3q_U9MwC6jxI7Tq_6RowMixRUxlSlZgUQmHAR8wbE6vGWBO743mMy9i4A&sig=Cg0ArKJSzFJ-KoLZe1SAEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:28:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C82 0
56 B 196ms
195ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=raJXZbq2FY_B9u8P4tuWoAE&p=ias&bl=0&twt=1666&st=1007

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 827F 0
56 B 166ms
166ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1lmcraJXZbq2FY_B9u8P4tuWoAEAAAAAOAHgBAI&bg=!R0SlRAvNAAZxrfrxUa07ADQBe5WfONbeRYCwCTWbm-ZMoxvNiYN8ZmnlDX6aIUglXi8Clk_2jBBVBfTgQwy7p_FuIAmVAgAAAXZSAAAABWgBB5kDCISgVqEshjhAkblB1SLikuojP724jAEd_BwkKXSrm-qresBoXPAnoaizV8WhlHgyEGFLwTvExJJHzZbaAvk7no4akK6d0I4iMhp1mujOGDZXzHweGLGyORST8OHwMcsx_U38UA5MvjyTgUbUPPP16earp4Vi2nzqW0HG0tQ01uXjug8ft-daKbr4zyH5jj02ZuP_jJN61-OHKsWnCCvax17cSU6lr5LjdKmJA5-J6Avq60qbJil3nFrKQcQQnOLSKK4MnNZpA1EA1BdAwZl-v-Ny2AHdDIZqy8IBCthuBfHHng0XPOVpBl3IvCnz6bbJVy0GZ7nfX1YMiaP1c7A6tII_iyl-DGidcbh5r1wxm94Y_xmp61yKJkT0L-nR3PG2ZPZlxX_SMJBEMlibzz1hFYN80ShSB1ye4Hmx7WNsJ9Cu4uLKN6tPFIKdoGX8XetUFdSNsZD_XTEJefCqowcgFEYugwcBcfS65rg8sZQxfVcV6AqU7JEqLlOgg65GSTdDrecBCSvCd05IkuB_r_6qM1q01Xymq3h7nbFW5zE_I9QV5R_Dq-LoUqwUBx5eoIbEDohp1A12gOucxjDQ4A_xcJuBbwb_zU5EXNRrTJZw5Dp1t8OEeoZdeVyHAD7EXXyr4jF5Lh7vJEhoBFyWDzbYH6nmFih7PegeeHoYWQDkOgENJpQE7qGiaSplphR8Kz-1CWvqSO1QdPN_un3EABWZO5Bp8zBLaEdb1TZBEciB0G4TTOXf1rrvJOEJHqY8VPOMz2SdTLeMb-cieWsIk8AMbgu2CNUzGY46C4NF8Ht95gOsFAZkz6VBOj6zWZuJS5xgDEXL7K5H0Kp1RYUpVdzDJsGjRqrC8uXNgRGQg7wscQyi97dqkda8OFfqTQ9pb5Ae-ZSjnz0sF0QGB4Dx4cTXxGQApzVnk7QoTG4tVCQdkMzCzbsXjxqPxdfjFnhceMMoGyMQ0iiVRLFPtk_QmMqglUDO3pPulNuoWt8KVJ-mqHPi6dAqonxDMdkfaMLxi8v3AIoWaFIx427q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 17:28:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2C82 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D32 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=aa13309e-3285-a36f-fe73-7e6bbea1dc77&tv=%7Bc:ufBc5f,pingTime:-3,time:185,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:57%7D,%7Bpiv:100,vs:i,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:185,o:0,n:180,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:56,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B169~1%5D,as:%5B169~728.90%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5~100%5D,as:%5B5~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C1311%7C1312%7C1411%7C151*.1835641-76534654%7C1511%7C1512,idMap:151*,rmeas:1,rend:1,renddet:IMG.qs,siq:59%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=aa13309e-3285-a36f-fe73-7e6bbea1dc77&tv=%7Bc:ufBc5i,pingTime:-6,time:188,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:188,o:0,n:180,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:56,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B169~1%5D,as:%5B169~728.90%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8~100%5D,as:%5B8~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C1311%7C1312%7C1411%7C151*.1835641-76534654%7C1511%7C1512,idMap:151*,rmeas:1,rend:1,renddet:IMG.qs,siq:59%7D&tpiLookup=ao:wolicheng.com*%2Cgoogleads.g.doubleclick.net*&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=be7b440e-2b9f-c04b-3c0f-ed2134e3a187&tv=%7Bc:ufBc5F,pingTime:-6,time:117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:117,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B102~1,0~0%5D,as:%5B102~300.250%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C131*.1835641-76543184%7C1311%7C1312%7C1411%7C151.1835641-76534654%7C1511%7C1512%7C1513,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:29%7D&tpiLookup=ao:wolicheng.com*%2Cgoogleads.g.doubleclick.net*&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=aa13309e-3285-a36f-fe73-7e6bbea1dc77&tv=%7Bc:ufBc5P,pingTime:-2,time:221,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1697,beZ:1699,mfA:1703,cmA:1705,inA:1706,inZ:1711,prA:1721,prZ:1747,si:1756,poA:1758,poZ:1789,cmZ:1789,mfZ:1789,loA:1886,loZ:1890,ltA:1919,ltZ:1919%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:57%7D,%7Bpiv:100,vs:i,t:180%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:222,o:0,n:180,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:56,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B169~1%5D,as:%5B169~728.90%5D%7D%7D,%7Bsl:i,t:180,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~100%5D,as:%5B42~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C131.1835641-76543184%7C1311%7C1312%7C1411%7C151*.1835641-76534654%7C1511%7C1512,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:59,sinceFw:161,readyFired:true%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1835641&asId=be7b440e-2b9f-c04b-3c0f-ed2134e3a187&tv=%7Bc:ufBc61,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1636,beZ:1637,mfA:1642,cmA:1643,inA:1644,inZ:1649,prA:1649,prZ:1656,si:1664,poA:1671,poZ:1710,cmZ:1710,mfZ:1710,loA:1752,loZ:1760,ltA:1774,ltZ:1774%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:28%7D,%7Bpiv:0,vs:o,r:l,t:113%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:140,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B102~1,0~0%5D,as:%5B102~300.250%5D%7D%7D,%7Bsl:o,t:113,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVTcyva+11%7C12%7C131*.1835641-76543184%7C1311%7C1312%7C1411%7C151.1835641-76534654%7C1511%7C1512%7C1513,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:29,sinceFw:103,readyFired:true%7D&br=c

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUatmZPlT2MDYK8Ax-uA8Pbuphg4ogqfzDjsX7_E2SOa0eqzNmmHqUhpDjuNwbvTFJjGLOwd7p1kfyR-88eWTMioF-Vo48Ceon__lW0cT5UPWarma2uC3PjfIMOb4FixDyW9dvyUGh98_V&sai=AMfl-YQijP49kdLr1-UFiWBkLYlyMMg9-E69KdpUndB8WhIFvCP1-ZL5XtlypNAkvThjiHzUJYojD9ovgXJ44yvZNRujePRZbnwcgRV2PiMVInb9JWvWI2YeCx6qYTP1Axw6pHKumOtvk2QBrvHmAerM6A&sig=Cg0ArKJSzLzrduXV8YogEAE&cid=CAQSTwDICaaN3OnwHUmGwZlprLf-FZUWiU8KU5fHc8T0_CzQPksd6hT7hLPUG4CVa9YxKRrwcUEFffNefd-6ImYKPnWIz7zVZ32pnBImRPO99E4YAQ&id=lidar2&mcvt=1015&p=0,0,250,300&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3018308540&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700242092876&rpt=1359&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3eqCraJXZbynDfCt9u8Pt5Km-AwAAAAAOAHgBAI&bg=!6-il6KfNAAZxrfrxUa07ADQBe5WfOC6_jmrXu7m6Q3PjC4Ty-IpO_YEfzPMpWhACkrbf7_GLJD27oRqD4RnQYOiufCcuAgAAAZBSAAAAOWgBB5kC_Yiw22_WTpRj_eFMdhiO3W-6ZlDJDVsBlcyUbQPH1WUwm3TsQN8cMeW8jH8G_bwFnO2npUl7-iiY1dFqr2oaESCBnu8EYSuV3Cd7mXCxe-EH51YEHZrrmfoTzsoAb0QheIbLRlio8lPITQO_M8NjN41EQ-zlsV4E6dBsf5_HlTN6_FIbjcs3dZ12SwjXG8kShWXleACIo7Ty6KYcl00c66n-0WIKdHJIRrLlyl_jkNC-YUUdNqrWo1ODgJQMoXpQOBa8jd5fKv7W1NwOFRAZsWppjl6mKDu9pD7O9rsoaqT_FoKRTUSgk-aPOLMyX5jKV8ZcyoPt0ZVGdZ_Oq8Gz0LzLBQfuFeI63nx9sFZgc8NHjSLxqq8ZeJVLKgzMfrdmy52TK8P9FWuN1OmYJc9qUFRefeY3M2vUoIat500bU-MxEN-GEOflaBIBFViIKzBiQpkNGBmT3LpQ45IDaCQO8DP1-_zSN1yYWmS_DhMS08sbhyakJ9FSSM5X5CDAgDH7S2McOwHkqqSSh9QIymswWMOCk-TCGa4Fi2j8F2rK4-2n3I3fMYEiROT5WmO_FcocZ1Ul8Vm9qK5Na_JV_UKBah124-_9qtCFoIveeJzTDiAbXA6WUpSGTkAE8R3tCpBCu2eNCZf-L3SMSPZ14YgWe1x0BJV9otBeMKK6r1mk3shPJU6mPmTb1-Mzh_zLTC2GXeZmHAAwaMS-f6R6O2h6BBck7kNriZaqi0zr-PvWG8H9Xm0jto89gU0oaiVxQgxIFsv9Wo7FauFdCTwpdRBynkuGlU2AfoGBvDowEljBpcyj-zwTYCgyUI0rUnLrWyG3fziHDei6ohDL8NVGKkAhYJmKf2O5CdtIHMP4s8XaW98b_06XEtaSoSFj60sCFutyRlYgOJoSwsR0SJ_E8nQCgSaTEjw8UIGh39eqx1QY1kDSjwwhuZnIiNSlQy1kIA8jowtrE0UgLCMZG_RtWXCnx4Po0T6EjM23xSigfFDex5pLOuKn3xjx6gCIrsDt2Q

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 01:38:58	Name: IDE Value: AHWqTUnb-HfqFy7ryN7iQGAfxzjVocjXEpnwe9ymABtVqhNVqcVdirQo5jie7K4b
.casalemedia.com/	1970-01-20 18:26:58	Name: CMPS Value: 2214
.casalemedia.com/	1970-01-21 01:02:58	Name: CMID Value: ZVeirVs08JiWgsqatVefpAAA
.casalemedia.com/	1970-01-20 18:26:58	Name: CMPRO Value: 2214
.adnxs.com/	1970-01-20 18:26:58	Name: uuid2 Value: 354036954873623475
.adnxs.com/	1970-01-20 18:26:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?$G`^:I!@wnfH8K6pQK`!5=E<L5?%K9if9HslIax:fRKrVk1$sf@R2[?MNsBLeTiIbpRzqF1`*b^t4)pVJK
.doubleclick.net/	1970-01-20 20:36:34	Name: APC Value: AfxxVi7H0SOFuTPIqvQudyqJQw96w6mSzWsTcvqFekHpog-UNkOjug

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
wolicheng.com
www.googletagservices.com
www.gstatic.com
dt.adsafeprotected.com
pagead2.googlesyndication.com
142.250.181.226
142.250.184.194
142.250.185.226
142.250.186.162
142.250.186.97
143.204.98.2
172.217.18.3
172.217.18.6
172.217.23.106
172.64.151.101
18.239.50.76
37.252.172.123
54.148.135.54
54.171.253.83
09818f7e4920ed62f86610df3b52c0d5b81fa24b59bfa28db5e4bb9dcdd9b90c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1e1af4ad9d48ab73ff93cdc14a45c0d23ecf2801fb9be6b1772d8eca4ae8f629
2cd12bdc9627d3bc84f7b6eec737b0ed0f9bb1a4fca08a96e77292c077caec24
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
7a319bcd059c87cccbea72946cd339ca368275e4b045d3004a9d72d84ae0485d
7fb9cd87224770a67700fc7d26c3a180a9cdbd51c6b197dd9baf5a85757f4f96
9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
be80c9f40aec14aae1230925cd3e9d33d99cede7f10dd0c248168a6efe47cb77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efccd6a0e89d675d1e864774c781d756cfa1d8c899a49b4579b463cea020fd75

wolicheng.com Open in urlscan Pro 143.204.98.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

80 %HTTPS

0 %IPv6

10 Domains

15 Subdomains

15 IPs

1 Countries

1166 kBTransfer

3300 kBSize

7 Cookies

0 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

wolicheng.com Open in urlscan Pro
143.204.98.2 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

80 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

15
IPs

1
Countries

1166 kB
Transfer

3300 kB
Size

7
Cookies

85 HTTP transactions
2 data transactions