urlscan.io logo urlscan.io
SecurityTrails logo

dl.lancdn.com Open in urlscan Pro
144.202.115.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://server.lancdn.com/
Effective URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Submission: On January 03 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 144.202.115.0, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is dl.lancdn.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on August 3rd 2020. Valid for: a year.
This is the only time dl.lancdn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 163.171.128.148 54994 (QUANTILNE...)
8 144.202.115.0 20473 (AS-CHOOPA)
10 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
1 172.217.21.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
25 7
2    163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)
server.lancdn.com
8    144.202.115.0 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.115.0.vultr.com
dl.lancdn.com
10    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
www.googletagservices.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 dl.lancdn.com server.lancdn.com
dl.lancdn.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com dl.lancdn.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 hm.baidu.com dl.lancdn.com
2 server.lancdn.com 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
25 10

This site contains links to these domains. Also see Links.

Domain
www.landiannews.com
github.com
Subject Issuer Validity Valid
*.lancdn.com
TrustAsia TLS RSA CA		 2020-08-03 -
2021-09-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Frame ID: FCDA27167DE84A84D3E019E1741F28D7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 4525F1A460371FB750287723984CF7A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1839787983&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683263&bpp=14&bdt=230&idt=82&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7666666560593&frm=20&pv=2&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=u9d6eP6nPH&p=https%3A//dl.lancdn.com&dtd=99
Frame ID: B803B55364CB19F0EE6AAD204CF5D6CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1056458448&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683277&bpp=3&bdt=245&idt=96&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SmmfEHOvSz&p=https%3A//dl.lancdn.com&dtd=99
Frame ID: F43D0A8CF7924AEDF46CA4965B2FF618
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&adk=1812271804&adf=3025194257&lmt=1609716683&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683280&bpp=1&bdt=248&idt=100&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=104
Frame ID: B196E09EA8A5503AB71DB663C9E12958
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 7B1CFDCC43785B40126C0C55403204E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://server.lancdn.com/ HTTP 301
    https://server.lancdn.com/ Page URL
  2. https://dl.lancdn.com/landian/?utm_sources=*~/server/*.* Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

25
Requests

100 %
HTTPS

43 %
IPv6

8
Domains

10
Subdomains

7
IPs

3
Countries

397 kB
Transfer

725 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://server.lancdn.com/ HTTP 301
    https://server.lancdn.com/ Page URL
  2. https://dl.lancdn.com/landian/?utm_sources=*~/server/*.* Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://server.lancdn.com/ HTTP 301
  • https://server.lancdn.com/

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
server.lancdn.com/
Redirect Chain
  • http://server.lancdn.com/
  • https://server.lancdn.com/
677 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://server.lancdn.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
ce14b86c5ef800db9ba822a0788fdb73a42727c8c76521c5ad554c54571f00fc

Request headers

:method
GET
:authority
server.lancdn.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:22 GMT
content-type
text/html
content-length
677
server
nginx
last-modified
Mon, 22 Apr 2019 07:58:22 GMT
etag
"5cbd741e-2a5"
accept-ranges
bytes
x-via
1.1 PS-000-01U4I88:7 (Cdn Cache Server V2.0), 1.1 PS-KHH-017Op120:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
x-ws-request-id
5ff253ca_PSdgflkfFRA1eq9_10162-8948

Redirect headers

Date
Sun, 03 Jan 2021 23:31:22 GMT
Content-Length
0
Connection
keep-alive
Server
Cdn Cache Server V2.0
Location
https://server.lancdn.com/
X-Via
1.0 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id
5ff253ca_PSdgflkfFRA1gi9_47810-10103
Primary Request /
dl.lancdn.com/landian/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Requested by
Host: server.lancdn.com
URL: https://server.lancdn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
3add53db7920a3cf9254dba6b71a2f409422250af5de9a72bb2abe85ad9c4025

Request headers

:method
GET
:authority
dl.lancdn.com
:scheme
https
:path
/landian/?utm_sources=*~/server/*.*
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://server.lancdn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://server.lancdn.com/

Response headers

server
nginx
date
Sun, 03 Jan 2021 23:31:22 GMT
content-type
text/html; charset=utf-8,gbk
vary
Accept-Encoding
content-encoding
gzip
fancyindex.css
dl.lancdn.com/fancyindex/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/fancyindex/css/fancyindex.css
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
a1cd6660c70f08d11ff6452bdd6c003364b7cadf9243e1102ab52b4ae5b4cce5

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
last-modified
Sat, 25 Apr 2020 08:21:38 GMT
server
nginx
etag
W/"5ea3f312-2b56"
vary
Accept-Encoding
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Jan 2021 23:31:23 GMT
history.js
dl.lancdn.com/fancyindex/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/fancyindex/js/history.js
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
295f8f7344cad9fcc7c8d4d8c9aceae9160b718bd11704467d4133cb70a3f9d6

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
last-modified
Sat, 25 Apr 2020 08:22:43 GMT
server
nginx
etag
W/"5ea3f353-b78"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8,gbk
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?7d559be876b3741f529cc1afc63c288f
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
2712366e0b462792978c6c696ff1d2882a2fa33c6d2b66a104d1f73766cdf61d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 03 Jan 2021 23:31:23 GMT
Content-Encoding
gzip
Server
apache
Etag
6b0f052fb18cdacec5aca4012034796d
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14042
breadcrumb.png
dl.lancdn.com/fancyindex/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.lancdn.com/fancyindex/images/breadcrumb.png
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/fancyindex/css/fancyindex.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
1fa71852bcdd7fbe79e13aeb3a9993f05182739cef563ab784303521efad4a7c

Request headers

Referer
https://dl.lancdn.com/fancyindex/css/fancyindex.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
last-modified
Sat, 25 Apr 2020 08:22:37 GMT
server
nginx
accept-ranges
bytes
etag
"5ea3f34d-569"
content-length
1385
content-type
image/png
folder_black.png
dl.lancdn.com/fancyindex/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.lancdn.com/fancyindex/icons/folder_black.png
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/fancyindex/css/fancyindex.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
1b787d5c45be6ad6953ce8c86d2316ce70686623dff0ce2dbc12103efd3b2b1c

Request headers

Referer
https://dl.lancdn.com/fancyindex/css/fancyindex.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
last-modified
Sat, 25 Apr 2020 08:22:06 GMT
server
nginx
accept-ranges
bytes
etag
"5ea3f32e-574"
content-length
1396
content-type
image/png
298CCB_2_0.woff
dl.lancdn.com/fancyindex/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/fancyindex/fonts/298CCB_2_0.woff
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/fancyindex/css/fancyindex.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
c1e4799adb384e0aea45c763b4a4bad9f5153cf98feddf9cfeec216284f18e6f

Request headers

Origin
https://dl.lancdn.com
Referer
https://dl.lancdn.com/fancyindex/css/fancyindex.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
last-modified
Sat, 25 Apr 2020 08:21:50 GMT
server
nginx
accept-ranges
bytes
etag
"5ea3f31e-11808"
content-length
71688
content-type
font/woff
298CCB_1_0.woff
dl.lancdn.com/fancyindex/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/fancyindex/fonts/298CCB_1_0.woff
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/fancyindex/css/fancyindex.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
b52b83fe0cb5cf89f36290ed72957bde69cffde8e2a3389eb8e62464191a18c5

Request headers

Origin
https://dl.lancdn.com
Referer
https://dl.lancdn.com/fancyindex/css/fancyindex.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
last-modified
Sat, 25 Apr 2020 08:21:48 GMT
server
nginx
accept-ranges
bytes
etag
"5ea3f31c-10158"
content-length
65880
content-type
font/woff
298CCB_3_0.woff
dl.lancdn.com/fancyindex/fonts/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.lancdn.com/fancyindex/fonts/298CCB_3_0.woff
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/fancyindex/css/fancyindex.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.115.0 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.115.0.vultr.com
Software
nginx /
Resource Hash
e76c0894b38b8f9a51e4a60ec63a50a50ddabf010631db3261d6b8c0ed92a35b

Request headers

Origin
https://dl.lancdn.com
Referer
https://dl.lancdn.com/fancyindex/css/fancyindex.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
last-modified
Sat, 25 Apr 2020 08:21:51 GMT
server
nginx
accept-ranges
bytes
etag
"5ea3f31f-f082"
content-length
61570
content-type
font/woff
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Jan 2021 23:31:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 4525 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 03 Jan 2021 10:01:15 GMT
expires
Sun, 17 Jan 2021 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
48608
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		200 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dl.lancdn.com&callback=_gfp_s_&client=ca-pub-8597288383599884
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
45a2321f709c9f24b5fbdbc9438a9f3713d417d9c3b768a5c6f15206e1702da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dl.lancdn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dl.lancdn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B803 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1839787983&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683263&bpp=14&bdt=230&idt=82&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7666666560593&frm=20&pv=2&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=u9d6eP6nPH&p=https%3A//dl.lancdn.com&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1839787983&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683263&bpp=14&bdt=230&idt=82&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7666666560593&frm=20&pv=2&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=u9d6eP6nPH&p=https%3A//dl.lancdn.com&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Jan 2021 23:31:23 GMT
server
cafe
content-length
200
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Jan-2021 23:46:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Jan 2021 23:31:23 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Sun, 03 Jan 2021 23:31:23 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F43D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1056458448&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683277&bpp=3&bdt=245&idt=96&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SmmfEHOvSz&p=https%3A//dl.lancdn.com&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&h=280&slotname=3324429009&adk=2195740993&adf=1056458448&pi=t.ma~as.3324429009&w=1200&fwrn=4&fwrnh=100&lmt=1609716683&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683277&bpp=3&bdt=245&idt=96&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=SmmfEHOvSz&p=https%3A//dl.lancdn.com&dtd=99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Jan 2021 23:31:23 GMT
server
cafe
content-length
198
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Jan-2021 23:46:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Jan 2021 23:31:23 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B196 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&adk=1812271804&adf=3025194257&lmt=1609716683&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683280&bpp=1&bdt=248&idt=100&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8597288383599884&output=html&adk=1812271804&adf=3025194257&lmt=1609716683&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609716683280&bpp=1&bdt=248&idt=100&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=7666666560593&frm=20&pv=1&ga_vid=632272205.1609716683&ga_sid=1609716683&ga_hid=1475127250&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3221242808270370&pem=568&ref=https%3A%2F%2Fserver.lancdn.com%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Jan 2021 23:31:23 GMT
server
cafe
content-length
4719
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Jan-2021 23:46:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Jan 2021 23:31:23 GMT
cache-control
private
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=293254346&si=7d559be876b3741f529cc1afc63c288f&su=https%3A%2F%2Fserver.lancdn.com%2F&v=1.2.80&lv=1&sn=46015&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fdl.lancdn.com%2Flandian%2F%3Futm_sources%3D*~%2Fserver%2F*.*&tt=%2Flandian%2F
Requested by
Host: dl.lancdn.com
URL: https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jan 2021 23:31:25 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f286d4e08d0846cdcfb20df5ced0636e666f9d51823a43086b24b4efbf814dd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Jan 2021 23:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6387
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 03 Jan 2021 23:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Sun, 03 Jan 2021 23:31:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7B1C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Sun, 03 Jan 2021 18:54:01 GMT
expires
Mon, 03 Jan 2022 18:54:01 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16644
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3221242808270370&bg=!6-il6MjNAAUbEDgJG1girU5nZgYvnwIAAACnUgAAABVoAQcKAXhhSTiF_gN6REyuHjWxGAYyNhSFR1Id0cScJRoOW33ZzyHiAh0L-SwvQjJz1vZkymsfrrjKcjSlH0ST9yNero58UmToigBqFmg4ei6DGZahhqbzTRr1KmLvP0wg7c3Hz3CCEcK1D_QgMkirhLBJGCTjrL_Es_Y2g_7D8FXO8FO42zXvuHHecunJUK1n-KEI_enah5kSgdCen1wQGGMINR5JMgqYuvsLaR5jENGrGBM9l4BBUqRT7weSnqDFWy6yMaklAHH2v97teIKgMLDvcSp0Lbp5PikD2tgGDyzohx15EeSEs0KimD1yx67Gos-Zsfy-6-V61MkWhOpPADNIEptd98dZlKTg9DqhtlMCy22S6OHjqb_aQb-y50VNIuvN-EaxTqHywvIRK6Vhj8Se9BZLoJfTruAvHRvpbc2XsFUqWKf5ppZzVAx8BnFRPRn-97aSkhgx1_pwSHsJOY1LRC5Ne3ZhZbRgw2eoMLcrq06t7mMfLw2GVsJkmQG2x4k8vTzvfFfEPnp-S3Y2z1oHTKWK0KI57XXuxDKFXSmG7rh7UOeq9PkcZIBfBCzuSActoIm8QtUIa-D6Tg7OYzjONBovvR-WfkrMAszkEncrnrxFp4tEn1BDZvNU01qvgauJslbK6pRbFjN3Ctb8eS-1oFtU3h5kC_A8VS55PopvhO64vRtmO8XJa6XkxmqgJwH_kPnaW1AhYXnnchNaW4plYFZWCkB1L9uGzJK5mjkLPX1E251k3GeHqASMYwK0hCJPO5SLD-88vXQUpKTlkL7_T0FoPzNzM-IpkyIXMnuqh6J9kXp3egTtRDjVlH9VybOzleNuZj28HodHzCs64TaG_sPULBbZXZ6D7ejRdJ7TcdYs0nbg5KnR-96kc9kIM1VYA26uLplbRS-ucoL9KcBUEbbrGh0N48lWmahGm-AqqNQkFotm_ZlNR83t6jybTGobhrPumwSYsvKtgsQoW4_VZQFHfFGCb1zlUHzRwhN2vr0QcptePclvoVSJUWVmHvWckS-XROK7XarXrG6JuZTVXGWpSy4F5oLvSlEG-8hHnArv8ZLCsRusyXEm0onCZe_I7HRn
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dl.lancdn.com/landian/?utm_sources=*~/server/*.*
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jan 2021 23:31:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _hmt object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| loc object| segments string| breadcrumbs string| currentPath function| addEvent function| updateCrumbs function| swapPage function| initHistory function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _bdhm_loaded_7d559be876b3741f529cc1afc63c288f object| mini_tangram_log_snfqeg object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dl.lancdn.com/ Name: Hm_lvt_7d559be876b3741f529cc1afc63c288f
Value: 1609716685
.dl.lancdn.com/ Name: Hm_lpvt_7d559be876b3741f529cc1afc63c288f
Value: 1609716685
.lancdn.com/ Name: __gads
Value: ID=4db3eaef65b5fbbb-22a8d7a87db90054:T=1609716683:RT=1609716683:S=ALNI_MYqew-GKE2DPT55svIpIoimiA3DtA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
dl.lancdn.com
googleads.g.doubleclick.net
hm.baidu.com
pagead2.googlesyndication.com
partner.googleadservices.com
server.lancdn.com
tpc.googlesyndication.com
www.googletagservices.com
103.235.46.191
144.202.115.0
163.171.128.148
172.217.21.226
2a00:1450:4001:809::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:821::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1b787d5c45be6ad6953ce8c86d2316ce70686623dff0ce2dbc12103efd3b2b1c
1fa71852bcdd7fbe79e13aeb3a9993f05182739cef563ab784303521efad4a7c
2712366e0b462792978c6c696ff1d2882a2fa33c6d2b66a104d1f73766cdf61d
295f8f7344cad9fcc7c8d4d8c9aceae9160b718bd11704467d4133cb70a3f9d6
3add53db7920a3cf9254dba6b71a2f409422250af5de9a72bb2abe85ad9c4025
45a2321f709c9f24b5fbdbc9438a9f3713d417d9c3b768a5c6f15206e1702da9
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
a1cd6660c70f08d11ff6452bdd6c003364b7cadf9243e1102ab52b4ae5b4cce5
b52b83fe0cb5cf89f36290ed72957bde69cffde8e2a3389eb8e62464191a18c5
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c1e4799adb384e0aea45c763b4a4bad9f5153cf98feddf9cfeec216284f18e6f
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
ce14b86c5ef800db9ba822a0788fdb73a42727c8c76521c5ad554c54571f00fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76c0894b38b8f9a51e4a60ec63a50a50ddabf010631db3261d6b8c0ed92a35b
f286d4e08d0846cdcfb20df5ced0636e666f9d51823a43086b24b4efbf814dd5
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149