urlscan.io logo urlscan.io
SecurityTrails logo

www.zuhedaikuan.com Open in urlscan Pro
112.74.76.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.zuhedaikuan.com/
Effective URL: https://www.zuhedaikuan.com/
Submission: On June 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 92 HTTP transactions. The main IP is 112.74.76.82, located in Shenzhen, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is www.zuhedaikuan.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on March 5th 2022. Valid for: a year.
This is the only time www.zuhedaikuan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 112.74.76.82 37963 (ALIBABA-C...)
14 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.251.5.154 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
4 142.250.185.226 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 23.35.236.247 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
92 22
17    112.74.76.82 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
www.zuhedaikuan.com
14    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
17    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2607:f8b0:4002:819::2003 (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
bid.g.doubleclick.net
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5edn6k.c.2mdn.net
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
426 KB
17 zuhedaikuan.com
www.zuhedaikuan.com
133 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
bid.g.doubleclick.net — Cisco Umbrella Rank: 473
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
118 KB
7 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
46 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
imasdk.googleapis.com — Cisco Umbrella Rank: 381
127 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 886
r1---sn-4g5edn6k.c.2mdn.net
844 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 564
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
86 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8357
12 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8526
914 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
457 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1376
351 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 555
98 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 936
464 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 768
647 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
92 18
Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
17 www.zuhedaikuan.com 1 redirects www.zuhedaikuan.com
14 pagead2.googlesyndication.com www.zuhedaikuan.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.zuhedaikuan.com
googleads.g.doubleclick.net
4 cm.g.doubleclick.net www.zuhedaikuan.com
googleads.g.doubleclick.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
2 r1---sn-4g5edn6k.c.2mdn.net www.zuhedaikuan.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 hm.baidu.com www.zuhedaikuan.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
92 26
Subject Issuer Validity Valid
www.zuhedaikuan.com
Encryption Everywhere DV TLS CA - G1		 2022-03-05 -
2023-03-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2021-11-15 -
2022-08-02		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-05-24 -
2022-08-02		 2 months crt.sh

This page contains 15 frames:

Primary Page: https://www.zuhedaikuan.com/
Frame ID: 90DAA772BBBFCDE694381DD55CAE07D8
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Frame ID: B1F279B25B1B0F8AFD6C4F9FC1E1209C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&adk=1812271804&adf=3025194257&lmt=1654229461&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229461767&bpp=3&bdt=1310&idt=157&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6855546236672&frm=20&pv=2&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=179
Frame ID: 3AF7953C2B5860145A466910520BCC18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Frame ID: 17BF6E91CD656AC960331A526EE13610
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Frame ID: AB7FA1BCC58157CC490D2F722F0AF737
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Frame ID: C841FBE46B6CD1A44F4CA3CA43374964
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 84390F1BA6C0EABD1BC744685D0ECCB0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AEC8754DDAECD2D6AD2684A8893BF97D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 28C6FC6993A2B7DC27FF95B25606C6F2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: 3244C26F656E149DA56FEB54032EE705
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: 69C73DEF462986D6C40D4F7A6C98364F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6056CE554EFB2207D05E810AA7CDE647
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AF79C8D7F401B92B87C5AFCA1FB888FF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABC6196D544F4ADA0AA930C9E7A7A62F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AEDB1868767DD41D34B71FBDF7EBC52
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

房贷计算器2022最新版 2022房贷计算器详细月供明细

Page URL History Show full URLs

  1. http://www.zuhedaikuan.com/ HTTP 302
    https://www.zuhedaikuan.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

95 %
HTTPS

60 %
IPv6

18
Domains

26
Subdomains

22
IPs

5
Countries

1794 kB
Transfer

3437 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.zuhedaikuan.com/ HTTP 302
    https://www.zuhedaikuan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 70
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvjfM9Hf0UV-gQjhelD53U&google_cver=1&google_push=AYg5qPJExk8G8ivD946JT39c55Ss23NFG8Y4qEZl-hIeiZ66kf9W62l00CmT9zLI3xQTPMirrLXTvCBiDmHDNDEdgNpxoFdVvm35 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvjfM9Hf0UV-gQjhelD53U&google_cver=1&google_push=AYg5qPJExk8G8ivD946JT39c55Ss23NFG8Y4qEZl-hIeiZ66kf9W62l00CmT9zLI3xQTPMirrLXTvCBiDmHDNDEdgNpxoFdVvm35&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BJDKAZr-QOW7SiqbrJQ-kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJExk8G8ivD946JT39c55Ss23NFG8Y4qEZl-hIeiZ66kf9W62l00CmT9zLI3xQTPMirrLXTvCBiDmHDNDEdgNpxoFdVvm35
Request Chain 71
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKN9frG0DMcGlpaoG8d8ox8&google_cver=1&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsHmg536t4eXV2eaiTKt1BySvFmu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYWElFWk0tTC1GRjhP&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsHmg536t4eXV2eaiTKt1BySvFmu
Request Chain 72
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_cver=1&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHnG5vvUY2j6u HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHnG5vvUY2j6u&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpmJ1zQa9XKzp_EtzIbqTAAABGQAAAIB&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHnG5vvUY2j6u&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_cver=1
Request Chain 76
  • https://gcdn.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B08E7269DAC6277E90B32264E093EF04DD204B5D.49C82B7C820E56720320C70FCDF9C9EDC98B31AE/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/400B2CF7EF41F864AC4EAF90BBE77CD4E8B9CF48.81F1D2C55BDF9E4B27264C8A727EA422430E889C/key/cms1/cms_redirect/yes/mh/8o/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1654228509/mv/u/mvi/1/pl/29/file/file.mp4

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zuhedaikuan.com/
Redirect Chain
  • http://www.zuhedaikuan.com/
  • https://www.zuhedaikuan.com/
40 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
a1d7fe2c6760ea329e4128db5ce7621f1f30fda31fe06643a0c2f9da2539a34d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
40636
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Jun 2022 04:10:59 GMT
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Content-Length
151
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Jun 2022 04:10:58 GMT
Location
https://www.zuhedaikuan.com/
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
jquery-3.4.1.min.js
www.zuhedaikuan.com/js/common/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/common/jquery-3.4.1.min.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jul 2020 06:26:36 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0f676b9a759d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
30737
bootstrap.min.js
www.zuhedaikuan.com/js/bootstrap-4.4.1-dist/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/bootstrap-4.4.1-dist/js/bootstrap.min.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jul 2020 06:26:36 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0f676b9a759d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
15917
utils.js
www.zuhedaikuan.com/js/common/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/common/utils.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
2a38158776aa19cc4455aae73ea4a5d084570302a27869776cdd464ee7d034ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 May 2021 02:31:13 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"806e46b13254d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1294
num.js
www.zuhedaikuan.com/js/common/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/common/num.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
5cfef44dff8d4ceaf404a2a896e7e9178d1d4314922d5021d7f25022fed281b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 02:23:26 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0e3e0979f5dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
878
tiqian.js
www.zuhedaikuan.com/js/calc/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/calc/tiqian.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
5700b44f8e1890d4ee167b3de29056adec4ecc9238f9d0c95c6f29dbc4fe6ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 22:55:05 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"802a397ecb58d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2511
bootstrap.min.css
www.zuhedaikuan.com/js/bootstrap-4.4.1-dist/css/ 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/bootstrap-4.4.1-dist/css/bootstrap.min.css
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jul 2020 06:26:36 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"0f676b9a759d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
23664
index.css
www.zuhedaikuan.com/css/ 		466 B
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/css/index.css
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ec627e8063ab10f56e2d93f7c236012f468521c3459b4283c6f3d7048912416f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Last-Modified
Tue, 14 Jul 2020 06:26:37 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"399219baa759d61:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
466
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8430654004556159
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b4d9cb67c18ebeabeb764d4fc66f4d93183d1309a698312958d2a6867865c3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Origin
https://www.zuhedaikuan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56149
x-xss-protection
0
server
cafe
etag
6808412635667785002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Jun 2022 04:11:01 GMT
logo.png
www.zuhedaikuan.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zuhedaikuan.com/images/logo.png
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
e3204c760804421274054c854478e07cb5c7759d00e15ac48fab1b28d74e2fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Last-Modified
Thu, 05 Aug 2021 02:09:19 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"7f2579e69e89d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3441
biz.js
www.zuhedaikuan.com/js/calc/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/calc/biz.js?20210617
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
798f8e4ab51910b1260185b50979d43fab4dc37250ad1b721d513d91797ac158

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jan 2022 02:26:21 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"80c4b71ca5dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2009
ad.js
www.zuhedaikuan.com/js/ads/ 		0
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/ads/ad.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Last-Modified
Fri, 13 May 2022 06:27:58 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"169091969266d81:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
0
api.js
www.zuhedaikuan.com/pinglun/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/pinglun/js/api.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
149065b208b1c4dbe5f2f373a157daa464517097d336c827c3d13ae059e040ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Last-Modified
Mon, 11 Apr 2022 01:50:40 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"87c5588c464dd81:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1172
tj.js
www.zuhedaikuan.com/js/common/ 		265 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/js/common/tj.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
2cf855582855caceaa0559c3c9bdc7d890851813fe82ae1c5c5a67e178fc02e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:00 GMT
Last-Modified
Fri, 15 Jan 2021 02:10:26 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"74d13a97e3ead61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
265
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ 		323 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8430654004556159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40f7fcd46beea5ed74eec54f7583a4c8effa758f3988ba075b53f6255af78e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117452
x-xss-protection
0
server
cafe
etag
633462360198126765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Jun 2022 04:11:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/ Frame B1F2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8430654004556159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 19:36:20 GMT
etag
1327746537699501093
expires
Thu, 16 Jun 2022 19:36:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pinglun.css
www.zuhedaikuan.com/pinglun/css/ 		574 B
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/pinglun/css/pinglun.css
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/pinglun/js/api.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
c8d6d58af052574be931aea92e202df906c911c7fa96bf55ee0bf05f9a2fea53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:01 GMT
Last-Modified
Thu, 21 Jan 2021 02:40:11 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"b02790bd9eefd61:0"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
574
pinglun.js
www.zuhedaikuan.com/pinglun/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/pinglun/js/pinglun.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/pinglun/js/api.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
d9ad90ad6ef31b033a50df447a8ea24d8a373653650b8ee2f7489950859397bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:01 GMT
Last-Modified
Thu, 21 Jan 2021 06:11:31 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
ETag
"9e1c6643bcefd61:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5684
cookie.js
partner.googleadservices.com/gampad/ 		219 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.zuhedaikuan.com&callback=_gfp_s_&client=ca-pub-8430654004556159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7cf7b05e5d180f47dfb2ef2bf03fd01d34dcba8abbe254423de0ff40d8e303f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zuhedaikuan.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zuhedaikuan.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3AF7 		237 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&adk=1812271804&adf=3025194257&lmt=1654229461&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229461767&bpp=3&bdt=1310&idt=157&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6855546236672&frm=20&pv=2&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=179
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f3f848dfa6c0c851588476903e0b843d5d5b33d94907c88b0c7c9057522035f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
64472
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 04:11:02 GMT
expires
Fri, 03 Jun 2022 04:11:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?20658def123d97331bc4d6819ef63a26
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/js/common/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
d7a69cc9693f6125c312f4d4d241d7ab6baa2b88b283ed622d3d920e20301af1
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:03 GMT
Content-Encoding
gzip
Server
apache
Etag
91c6c77ea5aa1108a7c577684e5947b5
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11300
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ 		147 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/reactive_library_fy2019.js?bust=31067863
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ceadd47131da980f3cedea0536451cb25c250133f1668db4d0d876f3617e344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53779
x-xss-protection
0
server
cafe
etag
5741275648319307781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Jun 2022 04:11:02 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zuhedaikuan.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zuhedaikuan.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 17BF 		77 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d0d63756694e744a41d326fd3cc7d576b548d19562b7862b6b0c674f5ccdef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
25264
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 04:11:02 GMT
expires
Fri, 03 Jun 2022 04:11:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/ Frame AB7F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 21:07:10 GMT
etag
1327746537699501093
expires
Thu, 16 Jun 2022 21:07:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/ Frame C841 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 21:07:10 GMT
etag
1327746537699501093
expires
Thu, 16 Jun 2022 21:07:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AB7F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 03:55:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Jun 2022 04:11:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Jun 2022 04:11:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB7F 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 23:13:42 GMT
x-content-type-options
nosniff
age
17840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 02 Jun 2023 23:13:42 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AB7F 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 00:39:02 GMT
x-content-type-options
nosniff
age
12720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 03 Jun 2023 00:39:02 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame AB7F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:06:46 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C841 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzGZU1omZYqrEAduNgAe516TAD77Fw8VjioT1248O5rqh5YgwEAEgh8CCjwFglYKAgJQHoAHUhd79A8gBAqkCIqxay4EIsj6oAwHIA8kEqgTpAU_QVdcQffIC-9aKg_L1Wy1YuIIElLMwZPST_kFUIvodCshLtQ5farmSnS844YxBdwjEVPpvj-z08BIIESEYBTfAPf9SC_nmeM_ejcFdJiN06le7-fiJgpoVdThECkX3srn2woaX7tO5KUqX4MhW9i5qP6rqCRSkUloTeF8Cztv0GLGakH9v1NIWUh-EFDs4M_NeP7mWp3Z7wI2RsWg7i0duh_Iy7plZ-2-EnR3F_g72c_pHVf-uchy_itamrcMYayyTyHlOvARwGy34FEP9ivTB26PZSF3w03ggLXu4WpJ9rS6eHbSfmLf5wAS9odOqyAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHlPqhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJHAJdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NDMwNjU0MDA0NTU2MTU5GAA&sigh=8RlmET2Jyg4&uach_m=[UACH]
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Jun 2022 04:11:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 03 Jun 2022 04:11:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame C841 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:01:17 GMT
12705875535708437651
tpc.googlesyndication.com/simgad/ Frame C841 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12705875535708437651?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnPHh3n0gi7MNGw8FAcqF6tWcXkXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfce785841709c4c0d7af3e3176883c27387af348fb0227f37d33c027896af3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 22:07:20 GMT
x-content-type-options
nosniff
age
367422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31032
x-xss-protection
0
last-modified
Wed, 19 May 2021 15:36:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 May 2023 22:07:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame C841 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 03:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 03:50:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C841 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 04:11:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame C841 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 03:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 03:10:25 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame C841 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 17:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37750
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13058
x-xss-protection
0
server
cafe
etag
3195647855342160189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jun 2022 17:41:52 GMT
css
fonts.googleapis.com/ Frame 8439 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 03:52:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Jun 2022 04:11:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Jun 2022 04:11:02 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8439 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 03:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4098
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 03:02:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 8439 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:01:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8439 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 03:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 03:50:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8439 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43440
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654082998712738"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 04:11:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 8439 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:03:05 GMT
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame 8439 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 29 May 2022 20:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:03:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 20:23:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AEC8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 03:46:01 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C841 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c241549585e49abe06f6c7afafd493bbce81933c5ee9367a451a06322328a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 28C6 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 03:46:01 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame AEC8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 04:11:03 GMT
expires
Fri, 03 Jun 2022 04:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 04:11:03 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame 3244 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 18:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
33518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 18:52:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 17BF 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:01:17 GMT
css
fonts.googleapis.com/ Frame 17BF 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Jun 2022 03:57:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Jun 2022 04:11:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Jun 2022 04:11:03 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 17BF 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 13:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:47:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 13:23:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 17BF 		351 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 13:23:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123888
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:47:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 13:23:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 17BF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Jun 2022 04:03:05 GMT
l
www.google.com/ads/measurement/ Frame 17BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSf-_--Uz6GqdN6c0IkNHtRm-Uqg9bgFLaWNT0pE8OvYig5vu0gASC3qfYKQw4OIPImTDjxvlYw2WrWSFJTXANT28UP6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 28C6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 04:11:03 GMT
expires
Fri, 03 Jun 2022 04:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 03 Jun 2022 04:11:03 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame 69C7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 18:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
33518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 18:52:25 GMT
csi
csi.gstatic.com/ Frame 17BF 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3xxietj&c=8652908116306&slotId=4326454058153&qqid=CKe9__u0kPgCFfhqFQgdcI0LHQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:819::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17BF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 12:43:04 GMT
x-content-type-options
nosniff
age
314879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:43:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 17BF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:07:47 GMT
x-content-type-options
nosniff
age
320596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 11:07:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17BF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8y9W1omZYqf6KPjV1fAP8Jqu6AHbiPG1apn-utyGEPAuEAEgh8CCjwFglYKAgJQHoAHc-Kq7AsgBBakCjKxrLPoMsj6oAwHIA5sEqgSdAk_QELP5xwfOh5Ms4IacgVs2ELzLaH_DhMoOePEig2Sdqgu1vm88gxPAIzLrZlnoNbqQLGssnLOMd6erVLYsrgqxkwW01xT1Z4Hv19M191zslc87JQ_6Pe6sqqM0CG79L0wsjyV4dYHjmYw-MHmpgg099K-Hvb_fiJQxApZcIGujJuUAsshVS26QE9NaBbKZQCGAebSC3aoKWNKWt1rX5i5LYXDHw0L8ikQANmytKmdMuxIypAYv1dlhOLCyzWVBkuKL9fdlQSozw43NK_NkyLXlri4VBKlAvlBybf-6Cgd8Z_WSS8jYHpaIux12pUYoLUSXpqV4gOwZ8Oj94exEyinvMkqBXm872-lXUJAqFUmm-VA2xtleUDnygCvHRcAEiKrKgpEE4AQDkAYBoAZOgAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATheqyD8gTgfSd4APYEwqIFAjYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1654229463191&ai=C8y9W1omZYqf6KPjV1fAP8Jqu6AHbiPG1apn-utyGEPAuEAEgh8CCjwFglYKAgJQHoAHc-Kq7AsgBBakCjKxrLPoMsj6oAwHIA5sEqgSdAk_QELP5xwfOh5Ms4IacgVs2ELzLaH_DhMoOePEig2Sdqgu1vm88gxPAIzLrZlnoNbqQLGssnLOMd6erVLYsrgqxkwW01xT1Z4Hv19M191zslc87JQ_6Pe6sqqM0CG79L0wsjyV4dYHjmYw-MHmpgg099K-Hvb_fiJQxApZcIGujJuUAsshVS26QE9NaBbKZQCGAebSC3aoKWNKWt1rX5i5LYXDHw0L8ikQANmytKmdMuxIypAYv1dlhOLCyzWVBkuKL9fdlQSozw43NK_NkyLXlri4VBKlAvlBybf-6Cgd8Z_WSS8jYHpaIux12pUYoLUSXpqV4gOwZ8Oj94exEyinvMkqBXm872-lXUJAqFUmm-VA2xtleUDnygCvHRcAEiKrKgpEE4AQDkAYBoAZOgAeMh9XEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATheqyD8gTgfSd4APYEwqIFAjYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 17BF 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DUjZBkdOU4CP2dDL7RWIG96zuNxfY58q3MtlQpSiByFcVKlTXOXz0Ng78CAyXagGOC5CGMpE_u3_ju8FtszxlojFwH0w&dbm_d=AKAmf-AFQZVKvJiaU7jKCVtDTaXu-IJKsSJPlk8T8OOZkSQxRhKVeQKVM49V0_YhUODkvPRvwfFyAyQbIQ8KYNaLpoEkhZ4RI1dHOtomfMwIWKe845ukQEgWIl1AocUrVE8gOAeGDWxlrQcBB7sKZZya_6Kr1B5HvPQzxJ5c5YeIU11rhFCsNIJCyBTDeb180Yg-ZAuSJjv2cMZP98kis4XnqHvbnhefQUI1XfJL1lyFZWKtw6VbWR2PnRbhse7hDDgbA8Du3O40zeWZjYYgPsoGEhjLTEkoRGEBkzKvDKl-rAqDroCH7JPPJL235fySsdpZChaRYo7L0Sc3PVnRCtIvDZhWGVFS5Cn_MXuwGOl7ybNB74vCKDBXP6P-YzFuKCEFFXzZAdPtTrYatQVTZ4oD1tyez75cRweI0jZIYujGlhBec2U8lLAdM2RdPAwsAxF4jmvDFW8eIxobl2hgKXCm1uw3A0kqgQq6pyQW-S81d8C4s7hBckns02aAk2Ev4jGabYk8AHqPG6FKM3Jt9PzsvT7g9fcij1ahmE7Fdp1EGHH-jPzzwBxXIcSJUpjsBr8eaYDWTbJmWvDd6BkjP5Cwe5pkBLEEXVXu2wav_nPxcS5BtBfOYiYZdncfVVjpn2blV9Pt34zrnOD5e8ih_1N_lpGQHA9AGeflXBUSP9f00uojnmCcVCk2X3IN_cRqKwc_zZRVHtuVVBP17E0XPaQc4qjz7KVUO6cCC1E9Az99DLJiuFWICybrV_8a6IfWRgkT-V6hK1ice4butk_8eR6ryeiD5uZ3-7J3KxBmhMmaTVRomXKJLGmCqeMgobSB9U9sGJKr4XbUrGeifYRxN_s5NSIbEzlOm5G-zNN7TEbRADjHnoSNKDjo7VUPJzqAFWhXIpOyfd2JP2AbNF6aBLxjgCNk5LGC1Pb7_P4NZP4gZHLgxtN1D3nlZF2t2vf-opRUOpNdQFs9joB9q9s2oMkK1RkctCaQQKXcc34EgXvQufC4_FRz5ljlcYG9V4alQ6fkuxZqtH-iVlZO_x-VqWEgbydCOdZSR9XnoZzcJ7Hv6-ZQhdusvy5j0ys4kEeYoKBFdft0XVO8lSLnxogD2ioyPqyxmksRX836dJCBARtN7lT1_qQEbPDm9pAjq-Tr8AuqnjrcNVP-j7Y1anCo5IJPndoGHM_9QD1n5tw-D2yeBSlT45Kpimft7TeXHW4Gvl2eHQdF53-8lmJR6jsX_lA0P5a8oq_3r1kUZUaCJqIbbCAskvmqTdFSppj4dWsfwlX-QGBkO23j-49qqakhCDtyNi3kW_uXLpjd1z8jbSvb-S9QKeFXybhkdZnu7P3UPJGfjxV36KKQ5gx42QDPdIFtg68PuLfmd-MA5nC64o35QWYy_E56BLUVH4whPRxoHhjfa6AqWrORvzF0Lbc6YiRJuIFtJXtUfa_9Ch1K5oJgu6VBg2UFMqFDfi-7u03N6xOfYDk0kpp3rzBPVgkLbx4ythUvxt1gtGPNetyYa4nzCkH3c8GdkXhbA3Zm_oPLDJ0poEYNr9xQDEjWZ1gaDaDbEwBD7Ud4FsKJnTmfZKKVJUDMBdadLUr47MKrh02LYpV_hhqEkratb3R62sxQFx7NCyTWIBhQTT2wEbdLHvfiUucC_qwwUeuzP-DAFvW6ELGNzwKlENW1I-FbA9ZC0wz5z_lU4djWPvufyEihjJeMFDxaeVZBxN1kmTG-lkrR0B-Gp0dvbEbb0u8DLgUBVZ73RX918bYW5h2U9yVfdBMExj8maqF63FH5gm9gZzOFnX-CYAF8yWWuexenR1CveegadZD6wokI9SlWA_qdz0E-x7BWlo-F7-thMJFVnPoM3pypwhyfJ7AMRYHeEhyJD7fnoV9PCPpje_3Cpaicny6ycfPrAsgPHNnScGF10Qoe6iUtPEU_73zIu9hFM94CW9aJ_Eu_6ZtiIn4A9gM56frOXUcVNY2MmlCujB1ZMkgI_nXXe-K3s9DEzTjqP86HBlok8r_zQOTV9qqYGkkR2JBWdhpeQwdvSUgXWcMXgKe8IpjcPvg00eL5Ay154elGFJodGJRaFWD_slEZFzwTztIx1shzW-nE2xPbo7oXDcsv3aVihVZfoyh0qa94xKbEVCJ6bp9FIMm18ehvfk2p-FWjDcDEYplL6PAAKo5GU4CGajxeTyKNtwdyYJgKoWp1GUW4SRlA8IeyHYLTIqKsIwIvTzLLEwTwkL4mffp5x8RknqTVppqrn-NkXNDmhXgNHs8vJ03ZEVFBxCs3zpC7hzReibxIKB1pLnAJX8owqPtEVkcNH8KC85LW_0ke59MrQYTWjg5vIZjKPVsS3HIYKZ6kMH10nB51IvlhixprKg4bgqdhWVsdWWX7gYqKAyBHUzh0S1d5kXbw-z4rNrMVCGULzJFhVYRp546prPB8bH7TzvNY2CRky6gxDeZHdF47P-bvhCiEapbPe79OD6Ee-UXg099S6RwJzxxokofFgou3BKZXssqZQwK_1MMVSuCa_o4AnnfTmj8LdNSgQc8032BqOXxmXqCOuSldFB1hUBrHhoGaf8vAWuhD3UJ5UiU67-qCLvS5EXP2OpTe7nu2mWP4ADJJCluASwSuoQFpR0PE1CpIKAHNI6t9i-r69lcEB1-_QcGEJyWEbWfdGSO_3K5q_vKG35qCQApSMvPPgyvNgy8ix2pMBVIYV6lWOdFcrTOuFKBAcLH-LCD5gnyHEFlBojBeogGKJwPIKS8ghE1k6nio2BSvlD2_puHmJCCj7ycqjF9fdTw_H1snCRZpyGF456yuY8scVpyMKzU_W9DF381KFXWYp6VUzD5IJyYDyMgRBv3emqpnJ_e9j_7dCuXcfr9zdzrByAD_FDIP-bqOBUbzsWlGXq9l5C5Rtr6fOT5lMezZnEuXkMwnP7WMMMmle6rsPDxV-Wzt234NxY2q2HGw6r89bAw3T73F7vwz-7YqpBkBbqTijcUJgcLkF92Z7FYDXJLoEp3xIH_9Jqn8aHA2ZDo-t7psdb5vnQ7lknGNHd6_VwQKC7x4io5KETTpXn1bs00W5p_G9yZ_9bTBuxHOv8d2ts2M8SLawzbCXh_UgYY0BinIcGk1bDMOYDVLlt17TzJgFHgWG5UdVP3ZZniu0wOMe1tezOVF1yCwa62bPSPMrOrOHi1SfGQM-akNyRIgSbaRuOvVgKM1qljY_87ttwEO2vcWmtqTiuofEBBj9VDTC6FL6Me8rd0Me4_C8HkJ9dmRoA0QgSIwJ_Vp8EaUXlkuRCHAoEOFk2pze6sgXKvuqbsGak45LvPT4FdXRqHDHx-njq5fMqqlBzzvI_bvKLJ2AGef3wBnS7uF95JThRmZMG4VzUZmG4-qUOVXH3ii5EE-ayhX14OwdYkK-N4gZOpfKYuxL2h9JaLNdcnQQFkoblZ0KFCJ9-dgYZBDI-MWXDcVrbF8PbwqF_7OcKgIWoSY6pZk&cid=CAASJORoqVnEOdyHFTBVU6aOnhYRXogQsviPhuR7G-b3lrn69QFlTA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
cafe /
Resource Hash
0ea8d134c87897a2614daa5f6f3729fb83c4f41f36b7e2f2226f4c37a25ff547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16008
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 17BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQ19P1omZYqf6KPjV1fAP8Jqu6AHbiPG1apn-utyGEPAuEAEgh8CCjwFglYKAgJQHoAHc-Kq7AsgBBakCjKxrLPoMsj6oAwGqBJoCT9AQs_nHB86HkyzghpyBWzYQvMtof8OEyg548SKDZJ2qC7W-bzyDE8AjMutmWeg1upAsayycs4x3p6tUtiyuCrGTBbTXFPVnge_X0zX3XOyVzzslD_o97qyqozQIbv0vTCyPJXh1geOZjD4weamCDT30r4e9v9-IlDECllwga6Mm5QCyyFVLbpAT01oFsplAIYB5tILdqgpY0pa3WtfmLkthcMfDQvyKRAA2bK0qZ0y7EjKkBi_V2WE4sLLNZUGS4ov192VBKjPDjc0r82TIteWuLhUEqUC-UHJt_-IL9dL0D4_ZaTTGoEFjMZx3fsv_BlMu5LwgzQT6S_fI9IcSua724ANJQSNiEZ1oc9qUXorh8-8G75cIt3oKwASIqsqCkQTgBAOIBduQnfc_kgUGCBsQAxgBkgULCCIQAxgBSNK-vQGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQqscFGMDTzcsB0ggJCIDhgBAQARgfgAoByAsBsBOF6rIPyBOB9J3gA9gTCogUCNgUAdAVAYAXAbIXHAoaCAASFHB1Yi04NDMwNjU0MDA0NTU2MTU5GAA&sigh=B8QkR0llxGE&uach_m=[UACH]&cid=CAQSOwCNIrLMQnrWfiabR73u2kKprivsfRp3guKhm2AKXOhmxKDUWiYNKmlDbjCVJEHaPpZYUlrA7pKPEBAt&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Jun 2022 04:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6056 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 03 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 17BF 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f6a533e5d35f4eb6ebf3c61e61828f0ba69816ad0644ce78668ed678fef82cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 6056 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIPfKLHXn-fZ8RGaEi9BbY&google_cver=1&google_push=AYg5qPKAZfCy1bq01ymfoplnYAwhyQQAbDbF9Y2yE23FHA2NZjIk3KY3TqVuMBlyrafcH1y2qX498MWCmt3pk924Qs8mbxuRNck
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 6056 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLlUh7GhB6S6bA08S0LibUXvhoRqPTkyc3-9TadN2HzROyzHAr0eQ_r-ROf71eaCnPASLnvLEIUn9j82Kd1MAtszUR9KKRL&google_gid=CAESEFNMW2e5M4SaEdL4ny05ZU0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 6056 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHQkuivrG-X33a5vKhddthA&google_cver=1&google_push=AYg5qPJJMJhbTINDwJl4DaAmdLTHqK9gPbuwDHSDc9uHX8qDycUM4ELpJnDP3LHQzhkC7ZwhtpLv6Lc6XlfNbfWw5-dhMsPKIxdr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:02 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5g06hnktgn9ud2ioevufp3pst5p3a6q8
pixel
cm.g.doubleclick.net/ Frame 6056
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BJDKAZr-QOW7SiqbrJQ-kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BJDKAZr-QOW7SiqbrJQ-kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJExk8G8ivD946JT39c55Ss23NFG8Y4qEZl-hIeiZ66kf9W62l00CmT9zLI3xQTPMirrLXTvCBiDmHDNDEdgNpxoFdVvm35
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BJDKAZr-QOW7SiqbrJQ-kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJExk8G8ivD946JT39c55Ss23NFG8Y4qEZl-hIeiZ66kf9W62l00CmT9zLI3xQTPMirrLXTvCBiDmHDNDEdgNpxoFdVvm35
date
Fri, 03 Jun 2022 04:11:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6056
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKN9frG0DMcGlpaoG8d8ox8&google_cver=1&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYWElFWk0tTC1GRjhP&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsHmg536t4eXV2eaiTKt1BySvFmu
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYWElFWk0tTC1GRjhP&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsHmg536t4eXV2eaiTKt1BySvFmu
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNYWElFWk0tTC1GRjhP&google_push=AYg5qPJkQYII4xkFBqfPZVtKaVDsu1aC7R3FSZ1rblOKMtojx0YG9tW3PnvkHmcObyDixgdalsHmg536t4eXV2eaiTKt1BySvFmu
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6056
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpmJ1zQa9XKzp_EtzIbqTAAABGQAAAIB&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpmJ1zQa9XKzp_EtzIbqTAAABGQAAAIB&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHnG5vvUY2j6u&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_cver=1
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 04:11:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpmJ1zQa9XKzp_EtzIbqTAAABGQAAAIB&google_push=AYg5qPLgo30PyzCVLidI5PlRPRSucdWo3erkZYnwniZOJyC7XGDsjlF4hYUAZk0v5wfuuRn5bKonQJ_4UB6daV1ZHnG5vvUY2j6u&google_gid=CAESENw2R5DSxm4WP6rC-_IU7x0&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Fri, 03 Jun 2022 04:11:03 GMT
googleredir
googlecm.hit.gemius.pl/ Frame 6056 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6056 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAKctGXb5hq64dsqBDPhqSwdInvkoqww5l5Zo0NUtZBguSlxXXgheeQktoqzn-LbzzJBas8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8430654004556159&output=html&h=280&adk=345613242&adf=1902277750&pi=t.aa~a.3711612684~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1654229462&rafmt=1&to=qs&pwprc=2639789186&psa=0&format=1110x280&url=https%3A%2F%2Fwww.zuhedaikuan.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654229462613&bpp=4&bdt=2156&idt=4&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0aa51e858ce578da-22bc6c36a7cd0073%3AT%3D1654229462%3ART%3D1654229462%3AS%3DALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw&prev_fmts=0x0&nras=2&correlator=6855546236672&frm=20&pv=1&ga_vid=1096319668.1654229462&ga_sid=1654229462&ga_hid=588178953&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761043%2C31067629%2C31067863&oid=2&pvsid=755548041005022&pem=968&tmod=2000084120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wNsscDInsw&p=https%3A//www.zuhedaikuan.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 17BF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 11:13:37 GMT
file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 17BF
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/400B2CF7EF41F864AC4EAF90BBE77CD4E8B9CF48.81F1D2C55BDF9E4B27264C8A727EA422430E889C/key/cms1/cms_redirect/yes/mh/8o/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1654228509/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 04:11:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
863458
Last-Modified
Fri, 27 May 2022 10:57:44 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 03 Jun 2022 04:11:03 GMT

Redirect headers

date
Fri, 03 Jun 2022 04:11:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/400B2CF7EF41F864AC4EAF90BBE77CD4E8B9CF48.81F1D2C55BDF9E4B27264C8A727EA422430E889C/key/cms1/cms_redirect/yes/mh/8o/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1654228509/mv/u/mvi/1/pl/29/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame AF79 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 18:52:45 GMT
expires
Wed, 31 May 2023 18:52:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame AF79 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
76482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 06:56:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF79 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLWbC14mZYoLdE6rmzAacmpaYCgAAAAA4AeAEAg&bg=!urmluf3NAAao8wy8iPM7ACkAdvg8WveotWCBixchNnvtyJ-YQ6t0nFYEfbaNqlC1Da4uwC2nhA4UygIAAABrUgAAAAJoAQeZAtKeFa82oMnQo4W0q9cAFL933KUgQG1k8COwQX8pmTrTJUqUTal1ngIAL9dtLYe7B08qeVnwpnM0s6N19l3us7WlvFE2ME5M8jnIqQDPaoQRkAyY86aIwzIhDnigMUd6tQMLDkikB6hmzAPmXd4d26Bb3mo5MEzQsR-2YZ1v2sgI0JZ026fILctP3LLRLeEaJwBwRrrVdVB9ysrCEt6mPYtgJLGqarzDAinYeN9nJxQyxF8mMUtgTiI6D6lzRDn-CmKDpH5b23EPOqectFp7-jhJx1HGifjNDN59R-WeJu1f57Db-vbWkebMCzuxGkDKGYHABMOOnQSTuHaKIvOSgLPMIVHUdEm7XZnuRk9M2xvfkYE18ElmXH103N21TUXOkbIyQj4nh3pJNG4qN7x8kmF2-lzt8baJMK-mRiCXnM3m7R3srNCkxgUEs2fYOEsSG88bj9TCkpxWSO6Enn9340jgXiV7wF8TZvmxON4hb2EUhY1-WCaduDmbDrBVBet5Hx54UvUwW_H31Vw3EO3RUuFCvRodX2hlNDPBQ-k6nUr3ie_0Ypb-67psKWQcICQqQ36Cy4qBXOhFbMlrckwmd62nSLNcDxF9I30UgBMuE7zFjjAm1J5VC17dSepdbAqGiI6GHwSxagCvbYrSK7rW-xO5WgsMd3KQNPvVk2AGvsAEla3ztJGc-rt5ZIKB3rFMvXN8tr_8XIENumAdcw2tyhW_4Px5x2UFzys8A6Nomn6Qr7Rcmd4V4iw0wgtgJCnysbdpZwdUTgSSOQ3ncMgF7BqdQh2MByuf97zZw2sAu7BauPCM-B4IPl5B4bxoENpZRIoRHPWNMuVIFMyw3CZ8V2vYyvpK8TV1TQkEWzwq6l1OkpdH30XM7XIAS_mR43itT5Ke71VdRXKMLu-8P5MGPi7aUlF3gMw7ahZg8idmKs0-vWHMZyYzgX5rHugiOCgYgy2J4g
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 17BF 		843 KB
843 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/417bb51c2eef44d0/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3798097160/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/400B2CF7EF41F864AC4EAF90BBE77CD4E8B9CF48.81F1D2C55BDF9E4B27264C8A727EA422430E889C/key/cms1/cms_redirect/yes/mh/8o/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1654228509/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1b655e0f5f0cdd82b36afc857a3293ac0165ca25ceb1467f8d87c2ff58a56f1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 03 Jun 2022 04:11:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-863457/863458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
863458
expires
Fri, 03 Jun 2022 04:11:03 GMT
last-modified
Fri, 27 May 2022 10:57:44 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=277473295&si=20658def123d97331bc4d6819ef63a26&v=1.2.94&lv=1&sn=60529&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.zuhedaikuan.com%2F&tt=%E6%88%BF%E8%B4%B7%E8%AE%A1%E7%AE%97%E5%99%A82022%E6%9C%80%E6%96%B0%E7%89%88%202022%E6%88%BF%E8%B4%B7%E8%AE%A1%E7%AE%97%E5%99%A8%E8%AF%A6%E7%BB%86%E6%9C%88%E4%BE%9B%E6%98%8E%E7%BB%86
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Jun 2022 04:11:04 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame C841 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOV6i4xfwo5Fe_a1spX7cE3xxFsVVsedNFi1rYYzSvgQ3KVIbdLFh07rvtnKle6GeaXYsP_-DoxQlE5LYybDwm1z-4_XT1QaI5zRB9v_jW_9qja_5vsz9nhU20&sai=AMfl-YRBpsJ9UHvElLkY_SF4EIRa9D78bE6l7_M3x7A8bFLW768cDjLACc4QWv1SNBwmu6ePw1fWUyM0jlLP&sig=Cg0ArKJSzHblSbrBmKIFEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=105,789,1000,1115,1194&tos=105,684,211,115,79&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654229462675&rpt=207&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 17BF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3xxieu1&c=8652908116306&slotId=4326454058153&qqid=CKe9__u0kPgCFfhqFQgdcI0LHQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=947&mt=video%2Fmp4&vs=684x854&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:819::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jun 2022 04:11:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220601&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1028999827651204a48eebe3bef6551dcbf0783840309af5f0141d3c3f974d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Jun 2022 04:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10522
x-xss-protection
0
Get
www.zuhedaikuan.com/Pinglun/Lord.asmx/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.zuhedaikuan.com/Pinglun/Lord.asmx/Get
Requested by
Host: www.zuhedaikuan.com
URL: https://www.zuhedaikuan.com/js/common/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
112.74.76.82 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
3c7f4653dce97f7c47e0669b3582a43e1b90f6941398240e4a64b411efbb3872

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zuhedaikuan.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 03 Jun 2022 04:11:03 GMT
Cache-Control
private, max-age=0
Server
Microsoft-IIS/8.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
1845
Content-Type
application/json; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8430654004556159&plah=www.zuhedaikuan.com&bust=31067863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 04:11:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABC6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 18:52:25 GMT
expires
Fri, 02 Jun 2023 18:52:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1AED 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89a5124fb6e40b652cfe30f62f13e898ad436e20d139b2577b5d82d9e537a9ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EjGgo3EiSfmBozVnNIw6ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zuhedaikuan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-EjGgo3EiSfmBozVnNIw6ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Jun 2022 04:11:04 GMT
expires
Fri, 03 Jun 2022 04:11:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame ABC6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 18:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
33519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 18:52:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220601&jk=755548041005022&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame ABC6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4InViQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 04:11:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220601&jk=755548041005022&bg=!8_Cl8LTNAAao8wy8iPM7ACkAdvg8Wg02gC54BAZyv-uTInuEL-z27vXBpFMV8c0S8CU_-cWOl230QgIAAACfUgAAAANoAQeZArBSyQDm4ThawnBfF_sP3pWd5MJd7vkSN8qCroIbyYZ_wjpdENDaafEGXZBQqMHa68XHUbV17QV9xCrFp-WJdWJ-DzYRYaCrc1hROoG_dwzsRhooMgK6ZW3z5m2MXEqEd4xjzDFwS2AtbZ5E0qiGo2NZUQsLZXVYqb_x-wENAqExczzhd6awC-fc9QmJw9viZ8sSTvUUhRwfIm2wNrw9luG78jAZKRpJlv6ErHeLhzR_lMpmRw8XqMAzS94i-g7YzIRSZhn-6dq-ZPxynolhg_dYSWV2vOjX2ci3QAYzG0e5NiE_ek_g3t0a7mWUjAcllGP5tp98i7ofT-PASLrHIghRFfWenf1b2RDxykmfMLaSr_d2_Kk0IR_KusbhP_xC2klOnw3XY-VQuqSZJ2vNwDW9CCWbFFaJP2X4h_TSUXIZK5xU8EccKSrGpDfk3AydhoDvQv_c9oLwiUGRqsRi2cbmg8ECLGQbB0ciBRPL463WwLHIzZKdAWzp516rX7p0qhbrVrTFKe8hY1lHqrge-BPZmuj8T4WyEma4_tqx8tP68r7uTRG0S6fubSWjsCosh0sGnDOAxK51w_xoiPuJ3klICmIYxhdBjWeJxDoHHtkQZKlDpgrCLa8pqXOVf0v2sl66CiKb5KUEu_yyL4fkChnmPj7PNxe6lreFrwTvKfqr5Q-YPzTotxSED6CMJBwkpahqd2PAja-WBqnR4pquZFWZvwMPJaULutX7PZRKLzb44kRNt3B4Qlofc5EtxHS9PWvbDhT9vHQ7sFLkJOX4l0pKV_XTqiFOULagGn5c-_jBDmb0clazg48yuBHbEEHSIITIFsmfmJ1r6Ct0thTC6AjC07Y4P7b4s0nqsz_XsHIZZjhuQsY38ougpKbjN2Q8Lj4b2rZ-o7C9vcDDbfavcdgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zuhedaikuan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENyaxKXFiYzvAIyqOSg6pqY&google_cver=1&google_push=AYg5qPLLabbg_VlCDREjMt7m1dp0-IbAPFnuo_IhizRUFFtR4u7Rp3y9VirHD1QDDe-olPvQf05U60qc0PVilco0UOS9mL7DNEGZSg

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery object| bootstrap function| calcTypeChanged function| selUrls_onchange function| getRadioCheckedValue function| SetCssName function| elementDisplay function| loanYearsChangedBrif function| loanYearsChanged function| selYears_onchange function| GetQueryString function| getValueById function| setValueById function| FormatRate function| download function| getNowYear function| getNowMonth function| AjaxErrorFun function| setLinkItemActive function| M function| getFloat2 function| getFloat function| getInt function| getMonths function| getRate function| getYear function| getMonth function| SetTextValueFD2 function| SetTextValue function| SetTextValueInt32 function| SetTextEmpty number| _loan number| _rate number| _repay number| _months number| _fYear number| _fMonth number| _tYear number| _tMonth number| _monthsPaid number| _part number| _newRepay number| _newPayment number| _newMonths number| _newRate number| _kind number| _plan number| _default_rate function| restore function| init function| buildUrlPars function| btnDetail_onclick function| btnBefore_onclick function| btnAfter_onclick function| clean function| btnReset_onclick function| selPlan_onchange function| selKind_onchange function| validate function| btnCalc_onclick function| submitSuccess number| _payment number| _housePrice number| _cash number| _default_lpr number| _default_points function| selRate_onchange function| clean_results function| selCalcItem_onchange function| init_default function| init_values function| btnReport_onclick function| auto_calc_lpr object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| _c_content number| _c_commentID number| _c_level function| btnCSumbit_onclick function| submit_ajax_successful function| c_submit_validate function| renderTime function| btnCAddMore_onclick function| addmore_ajax_successful function| onload_ajax_successful function| hp_autoCalc object| _hmt object| google_llp number| google_lpabyc object| googletag boolean| _bdhm_loaded_20658def123d97331bc4d6819ef63a26 object| mini_tangram_log_3n92p5 object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.zuhedaikuan.com/ Name: __gads
Value: ID=0aa51e858ce578da-22bc6c36a7cd0073:T=1654229462:RT=1654229462:S=ALNI_Mb187tHrzXk0u8r_P26gTuc_TiINw
.doubleclick.net/ Name: IDE
Value: AHWqTUmhKy_kBuStthvU-xCWjM31wNFsVcI3ZUIT3sU6gr2gP2GXbwmFdTqIjFCUomY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EBsBCQGlJoEA
.quantserve.com/ Name: mc
Value: 629989d7-536ac-30602-94db0
.casalemedia.com/ Name: CMID
Value: YpmJ1zQa9XKzp-EtzIbqTAAA
.casalemedia.com/ Name: CMPS
Value: 5200
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 4B0D83EF422A899B
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1124
.casalemedia.com/ Name: CMST
Value: YpmJ12KZidcA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0490CA01-9AFE-40E5-BB4A-2A9BAC943E91
.zuhedaikuan.com/ Name: Hm_lvt_20658def123d97331bc4d6819ef63a26
Value: 1654229464
.zuhedaikuan.com/ Name: Hm_lpvt_20658def123d97331bc4d6819ef63a26
Value: 1654229464

2 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENyaxKXFiYzvAIyqOSg6pqY&google_cver=1&google_push=AYg5qPLLabbg_VlCDREjMt7m1dp0-IbAPFnuo_IhizRUFFtR4u7Rp3y9VirHD1QDDe-olPvQf05U60qc0PVilco0UOS9mL7DNEGZSg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLlUh7GhB6S6bA08S0LibUXvhoRqPTkyc3-9TadN2HzROyzHAr0eQ_r-ROf71eaCnPASLnvLEIUn9j82Kd1MAtszUR9KKRL&google_gid=CAESEFNMW2e5M4SaEdL4ny05ZU0&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hm.baidu.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r1---sn-4g5edn6k.c.2mdn.net
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zuhedaikuan.com
googlecm.hit.gemius.pl
103.235.46.191
112.74.76.82
142.250.185.226
142.250.186.130
142.251.5.154
185.64.190.78
23.35.236.247
2607:f8b0:4002:819::2003
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:d::6
35.186.253.211
35.244.174.68
69.173.144.139
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea8d134c87897a2614daa5f6f3729fb83c4f41f36b7e2f2226f4c37a25ff547
1028999827651204a48eebe3bef6551dcbf0783840309af5f0141d3c3f974d19
149065b208b1c4dbe5f2f373a157daa464517097d336c827c3d13ae059e040ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b655e0f5f0cdd82b36afc857a3293ac0165ca25ceb1467f8d87c2ff58a56f1d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2a38158776aa19cc4455aae73ea4a5d084570302a27869776cdd464ee7d034ed
2cf855582855caceaa0559c3c9bdc7d890851813fe82ae1c5c5a67e178fc02e0
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3c7f4653dce97f7c47e0669b3582a43e1b90f6941398240e4a64b411efbb3872
3ceadd47131da980f3cedea0536451cb25c250133f1668db4d0d876f3617e344
40f7fcd46beea5ed74eec54f7583a4c8effa758f3988ba075b53f6255af78e17
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b4d9cb67c18ebeabeb764d4fc66f4d93183d1309a698312958d2a6867865c3f
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5700b44f8e1890d4ee167b3de29056adec4ecc9238f9d0c95c6f29dbc4fe6ebe
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cfef44dff8d4ceaf404a2a896e7e9178d1d4314922d5021d7f25022fed281b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6c241549585e49abe06f6c7afafd493bbce81933c5ee9367a451a06322328a0b
6f3f848dfa6c0c851588476903e0b843d5d5b33d94907c88b0c7c9057522035f
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
798f8e4ab51910b1260185b50979d43fab4dc37250ad1b721d513d91797ac158
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7cf7b05e5d180f47dfb2ef2bf03fd01d34dcba8abbe254423de0ff40d8e303f4
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
89a5124fb6e40b652cfe30f62f13e898ad436e20d139b2577b5d82d9e537a9ba
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d0d63756694e744a41d326fd3cc7d576b548d19562b7862b6b0c674f5ccdef3
9f6a533e5d35f4eb6ebf3c61e61828f0ba69816ad0644ce78668ed678fef82cd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d7fe2c6760ea329e4128db5ce7621f1f30fda31fe06643a0c2f9da2539a34d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c8d6d58af052574be931aea92e202df906c911c7fa96bf55ee0bf05f9a2fea53
ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d7a69cc9693f6125c312f4d4d241d7ab6baa2b88b283ed622d3d920e20301af1
d9ad90ad6ef31b033a50df447a8ea24d8a373653650b8ee2f7489950859397bd
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dfce785841709c4c0d7af3e3176883c27387af348fb0227f37d33c027896af3c
e3204c760804421274054c854478e07cb5c7759d00e15ac48fab1b28d74e2fd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec627e8063ab10f56e2d93f7c236012f468521c3459b4283c6f3d7048912416f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615