spark.appc02.com Open in urlscan Pro
122.228.7.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ugc-test.scandown.com/t3ke
Effective URL:
https://spark.appc02.com/t3ke
Submission: On May 19 via api (May 19th 2023, 7:38:33 am UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 87 HTTP transactions. The main IP is 122.228.7.223, located in and belongs to . The main domain is spark.appc02.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 9th 2023. Valid for: 3 months.

This is the only time spark.appc02.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	163.181.56.161 163.181.56.161	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
18	122.228.7.229 122.228.7.229	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	101.33.11.88 101.33.11.88	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	240e:96c:1100... 240e:96c:1100:5a01:3::3e6	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	122.228.223.154 122.228.223.154	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
6	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	122.228.7.223 122.228.7.223	() ()
2	122.228.223.187 122.228.223.187	() ()
87	21

1 163.181.56.161 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

ugc-test.scandown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 122.228.7.229 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

ali-static.firim.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.33.11.88 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

res.wx.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:96c:1100:5a01:3::3e6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

dn-firweb.qbox.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 122.228.223.154 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

download.appmeta.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.7.223 (None, )

ASN- ()

spark.appc02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 122.228.223.187 (None, )

ASN- ()

ali-fir-pro-icon.firim.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	firim.ink ali-static.firim.ink ali-fir-pro-icon.firim.ink	555 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	407 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3686 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	10 KB
4	appmeta.cn download.appmeta.cn	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	41 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6080 adservice.google.de — Cisco Umbrella Rank: 9037	1 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8752	23 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	250 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	923 B
2	qbox.me dn-firweb.qbox.me	23 KB
2	qq.com res.wx.qq.com — Cisco Umbrella Rank: 10699	9 KB
1	appc02.com spark.appc02.com	48 KB
1	scandown.com ugc-test.scandown.com	48 KB
0	fir.im Failed ga.fir.im Failed
0	sohu.com Failed pv.sohu.com Failed
87	16

	Domain	Requested by
18	ali-static.firim.ink	ugc-test.scandown.com spark.appc02.com
13	pagead2.googlesyndication.com	ugc-test.scandown.com pagead2.googlesyndication.com tpc.googlesyndication.com spark.appc02.com
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	download.appmeta.cn	ali-static.firim.ink
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	region1.analytics.google.com	www.googletagmanager.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	hm.baidu.com	ugc-test.scandown.com spark.appc02.com
4	www.googletagmanager.com	ugc-test.scandown.com www.googletagmanager.com spark.appc02.com
2	ali-fir-pro-icon.firim.ink
2	www.google.com	tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google.de	ugc-test.scandown.com spark.appc02.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	dn-firweb.qbox.me	ugc-test.scandown.com spark.appc02.com
2	res.wx.qq.com	ugc-test.scandown.com spark.appc02.com
1	spark.appc02.com	ali-static.firim.ink
1	ugc-test.scandown.com
0	ga.fir.im Failed	spark.appc02.com
0	pv.sohu.com Failed	ugc-test.scandown.com spark.appc02.com
87	22

This site contains no links.

Subject Issuer	Validity	Valid
*.scandown.com ZeroSSL RSA Domain Secure Site CA	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.firim.ink ZeroSSL RSA Domain Secure Site CA	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
weixin.qq.com DigiCert Secure Site CN CA G3	`2022-07-05` - `2023-08-05`	a year	crt.sh
*.qbox.me GeoTrust RSA CN CA G2	`2022-07-07` - `2023-08-07`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
download.appmeta.cn TrustAsia RSA DV TLS CA G2	`2022-06-06` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.appc02.com ZeroSSL RSA Domain Secure Site CA	`2023-05-09` - `2023-08-07`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://spark.appc02.com/t3ke
Frame ID: 7088A31F90AA43F1A2BB2342FDF42DFC
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 4975DDFCC3BEF0478BE2B51E781C3F3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481896757&bpp=4&bdt=2220&idt=620&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6056360456156&frm=20&pv=2&ga_vid=1168552515.1684481897&ga_sid=1684481897&ga_hid=1503752238&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074718%2C44788442%2C44789923&oid=2&pvsid=4406030818214387&tmod=95941692&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=678
Frame ID: 40E044E8AF947CEED83701C478B29E1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 583E0BA8E009A9A14BF41EC40895231C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42077F393D72148EA6274C8AA7CB7034
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 0F180C0E7D5E72830EE7ED5577DBBE84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fspark.appc02.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481903406&bpp=3&bdt=477&idt=259&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5349729834318&frm=20&pv=2&ga_vid=605726452.1684481903&ga_sid=1684481904&ga_hid=221211804&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44788441%2C44789779&oid=2&pvsid=42201670562559&tmod=1568380433&uas=0&nvt=1&ref=https%3A%2F%2Fugc-test.scandown.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: 8DCDEB7DD88CAA557F113F89AED5F0CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 390D3381B05DF18E9A8CA7EADF346421
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 614756C99B4F1E01FAEDF42F502B588E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ugc-test.scandown.com/t3ke Page URL
https://spark.appc02.com/t3ke Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

87
Requests

92 %
HTTPS

65 %
IPv6

16
Domains

22
Subdomains

21
IPs

5
Countries

1425 kB
Transfer

3071 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ugc-test.scandown.com/t3ke Page URL
https://spark.appc02.com/t3ke Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK t3ke Show response
ugc-test.scandown.com/ 48 KB
48 KB 7298ms
6192ms Document
text/html 163.181.56.161
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://ugc-test.scandown.com/t3ke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.161 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 23e1b3166f80c4c508f58c7cf6c2b2d79e0bb906260405d97b2c6e35bdc032f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1684481894
Connection: keep-alive
Content-Length: 49048
Content-Type: text/html
Date: Fri, 19 May 2023 07:38:14 GMT
ETag: "644b6dec-bf98"
EagleId: 2ff62b1f16844818883193598e
Last-Modified: Fri, 28 Apr 2023 06:55:40 GMT
Server: Tengine
Timing-Allow-Origin: *
Via: cache6.l2de2[3074,3075,200-0,M], cache7.l2de2[3076,0], cache7.l2de2[3077,0], ens-cache2.de4[6171,6171,200-0,M], ens-cache7.de4[6174,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-CacheTime: 3600
X-Swift-SaveTime: Fri, 19 May 2023 07:38:14 GMT

GET
H2 200 57b46643.download.css
ali-static.firim.ink/assets/stylesheets/ 56 KB
10 KB 1707ms
275ms Stylesheet
text/css 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/stylesheets/57b46643.download.css
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 87915a7a28c6d7c9af2f4553602b8a8e3d345b96884933b640c5502286088721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:05:10 GMT
via: cache31.l2cn1823[78,78,304-0,M], cache42.l2cn1823[80,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[1,0]
content-encoding: gzip
x-oss-request-id: 64671FA5C39D6A3839698BD5
content-md5: MLoS3vaPWDl619+KO7KIww==
age: 1986
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:486395603
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:05:10 GMT
content-length: 9903
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:03 GMT
server: Tengine
etag: "30BA12DEF68F58397AD7DF8A3BB288C3"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479910
content-type: text/css; charset=utf-8
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 1237726653337068403
eagleid: 7ae4079916844818960977699e
x-oss-server-time: 16

GET
H2 200 236f1536.turnTable.css
ali-static.firim.ink/assets/stylesheets/ 14 KB
3 KB 1721ms
289ms Stylesheet
text/css 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/stylesheets/236f1536.turnTable.css
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 631bab3984af245dddde5587ffc6d38cd95c97f765c98a3cb01f06838c28cde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:40 GMT
via: cache33.l2cn1823[67,67,304-0,M], cache6.l2cn1823[69,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[1,0]
content-encoding: gzip
x-oss-request-id: 64671ED4C172C936361AACC2
content-md5: VTPRf9Z4hbc9BaRcLW4+5g==
age: 2196
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:11:465654091
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:40 GMT
content-length: 2936
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:02 GMT
server: Tengine
etag: "5533D17FD67885B73D05A45C2D6E3EE6"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479700
content-type: text/css; charset=utf-8
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 969640573744872389
eagleid: 7ae4079916844818960977700e
x-oss-server-time: 3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 211ms
90ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Requested by

Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e85f242a587df87a657b820620f437d9f9c6e94d2467df54d89b85ae9696642d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ugc-test.scandown.com/
Origin: https://ugc-test.scandown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47339
x-xss-protection: 0
server: cafe
etag: 11563284881999448322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:38:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 183ms
62ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV

Requested by

Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

592918e9ee157c8f0958b654234e2ff645b6704ca8bef98870b6bf1b41e8664e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 07:38:16 GMT

GET
H2 200 download_pattern_left.png
ali-static.firim.ink/images/ 29 KB
29 KB 513ms
495ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/download_pattern_left.png
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6c5bdae08256c1ed2d3642b799089b3fe34dc8f023f8a7305ac951d4eddb658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:51:52 GMT
via: cache59.l2cn1816[0,0,304-0,H], cache42.l2cn1816[1,0], kunlun9.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
x-oss-request-id: 64671C88E8996430361463DA
content-md5: yb/prnjbmScA+igt+ahUgQ==
age: 2784
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:1345266082
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:54:22 GMT
content-length: 29497
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:18 GMT
server: Tengine
etag: "C9BFE9AE78DB992700FA282DF9A85481"
ali-swift-global-savetime: 1684479112
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 643181593274405500
eagleid: 7ae4079916844818966168466e
x-oss-server-time: 31

GET
H2 200 download_pattern_right.png
ali-static.firim.ink/images/ 30 KB
31 KB 550ms
532ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/download_pattern_right.png
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: c4efb350d2f5dfc1365beb221c4cf8416996cd00b201f3d0220a609bb2530be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:50:35 GMT
via: cache30.l2cn1816[0,0,304-0,H], cache13.l2cn1816[1,0], kunlun8.cn3468[0,0,200-0,H], kunlun5.cn3468[3,0]
x-oss-request-id: 64671C3B0C2315363269F233
content-md5: X7ix2zRjcbXwEoU5Brl35A==
age: 2861
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:175148827
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:50:59 GMT
content-length: 31022
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:18 GMT
server: Tengine
etag: "5FB8B1DB346371B5F012853906B977E4"
ali-swift-global-savetime: 1684479035
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 8217470047730058548
eagleid: 7ae4079916844818966168469e
x-oss-server-time: 22

GET
H2 200 qrcode.js Show response
ali-static.firim.ink/lib/ 20 KB
7 KB 257ms
257ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/lib/qrcode.js
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: f4189344acbcf118820e0160b785c36616ecf61865baa54113041b781eee04f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:23 GMT
via: cache24.l2cn1823[63,63,304-0,M], cache8.l2cn1823[64,0], kunlun1.cn3468[0,-1,200-0,H], kunlun5.cn3468[4,0]
content-encoding: gzip
x-oss-request-id: 64671EC3E899643133CA72EA
content-md5: PsnnB3IHZWfv4wOK+sHW7w==
age: 2213
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:791616623
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:23 GMT
content-length: 7046
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:24 GMT
server: Tengine
etag: "3EC9E70772076567EFE3038AFAC1D6EF"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479683
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 15482610862001169273
eagleid: 7ae4079916844818963918094e
x-oss-server-time: 8

GET
H2 200 markup.js Show response
ali-static.firim.ink/lib/ 5 KB
2 KB 236ms
226ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/lib/markup.js
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 44f7d5529261cb6d28279ccfe99e2b10785b347b2f08d4f788218c8a3eb1c9d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:23 GMT
via: cache16.l2cn1823[70,69,304-0,M], cache36.l2cn1823[71,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[1,0]
content-encoding: gzip
x-oss-request-id: 64671EC35FCE0B3032CE66F7
content-md5: 6Q8I0ADoeT9NdlcEl9YRmg==
age: 2213
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:653349914
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:23 GMT
content-length: 2012
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:24 GMT
server: Tengine
etag: "E90F08D000E8793F4D76570497D6119A"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479683
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 14797096622991097543
eagleid: 7ae4079916844818965628362e
x-oss-server-time: 2

GET
H/1.1 200
OK jweixin-1.2.0.js Show response
res.wx.qq.com/open/js/ 11 KB
4 KB 2120ms
13ms Script
application/x-javascript 101.33.11.88
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://res.wx.qq.com/open/js/jweixin-1.2.0.js
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_SSD_MID /
Resource Hash: f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:15:39 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
Connection: keep-alive
X-Verify-Code: bc6b965a9c564f77a4a6288b337bdc13
Content-Length: 3818
Last-Modified: Sun, 14 May 2023 23:10:00 GMT
Server: NWS_SSD_MID
Vary: Origin
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://open.weixin.qq.com
Cache-Control: max-age=31536000
X-Daa-Tunnel: hop_count=1
X-NWS-LOG-UUID: 13792948422841536719
Accept-Ranges: bytes
Expires: Mon, 13 May 2024 23:15:39 GMT

GET
H2 200 fd4630b3.download.js Show response
ali-static.firim.ink/assets/javascripts/ 149 KB
53 KB 306ms
281ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/javascripts/fd4630b3.download.js
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 06bede5781863c26b35056fc2dd76c78820384adfdda5e0a618d28e4b44aa536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:28 GMT
via: cache50.l2cn1823[99,99,304-0,M], cache17.l2cn1823[101,0], kunlun9.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
content-encoding: gzip
x-oss-request-id: 6467206C823A7931380C7417
content-md5: /UYws9YMyDAlDkdLZrUL/g==
age: 1787
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:11:1496744234
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:08:29 GMT
content-length: 53927
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:02 GMT
server: Tengine
etag: "FD4630B3D60CC830250E474B66B50BFE"
vary: Accept-Encoding
ali-swift-global-savetime: 1684480109
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 14728407688397251979
eagleid: 7ae4079916844818966168464e
x-oss-server-time: 16

GET
H2 200 analytics.js Show response
dn-firweb.qbox.me/ 25 KB
12 KB 834ms
231ms Script
text/javascript 240e:96c:1100:5a01:3::3e6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://dn-firweb.qbox.me/analytics.js
Requested by: Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:96c:1100:5a01:3::3e6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 72ee717857b92f6ac3313a97ad58b9d2275973aa426e18175d3dc401ae85d1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-log: X-Log
date: Thu, 18 May 2023 12:07:08 GMT
via: cache69.l2cn3047[0,0,304-0,H], cache65.l2cn3047[1,0], vcache8.cn3775[0,0,200-0,H], vcache9.cn3775[0,0]
content-encoding: gzip
x-svr: IO
x-reqid: Z9gAAAAGGohzO2AX
age: 70269
x-swift-cachetime: 86241
x-bill: Tbl:firweb;FileType:0
x-cache: HIT TCP_MEM_HIT dirn:9:331665469
content-transfer-encoding: binary
content-disposition: inline; filename="analytics.js"; filename*=utf-8''analytics.js
x-swift-savetime: Thu, 18 May 2023 12:09:47 GMT
content-length: 11257
last-modified: Mon, 12 Jan 2015 10:56:11 GMT
server: Tengine
etag: "Fu7hAxCBtOL0Vz-9TYcIpz7MqwZh.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
ali-swift-global-savetime: 1684411628
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=2592000
accept-ranges: bytes
x-qiniu-zone: 0
timing-allow-origin: *
eagleid: 65e21a9d16844818972051330e

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1664ms
342ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?11417a0de2093ccfc6a808f3fbf8113a

Requested by

Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c12f0042b9c78f74314e8b7b246bef442cbeae0c30cb98790ea9653e357b3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:38:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: ec7293178b650977ec9ffbd63095632a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 458ms
113ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1012394556950347&plah=ugc-test.scandown.com&bust=31074718

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f87a8412771bd57a8b735ac9327ab94f12e4ea5073c93b83ffd2b41474849b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 935950605567822539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:38:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 4975 10 KB
5 KB 137ms
46ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ugc-test.scandown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 21:48:13 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 21:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 59ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-229768408-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6a552046f0d354395864471fb51d3fe7245a5c6d5aefccab0a6641a2ea701cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46631
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 07:38:16 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 72ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3EMB6JL0XV&gtm=45je35h0&_p=1503752238&_gaz=1&cid=1168552515.1684481897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684481896&sct=1&seg=0&dl=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ugc-test.scandown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 72ms
23ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3EMB6JL0XV&cid=1168552515.1684481897&gtm=45je35h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ugc-test.scandown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 165ms
77ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EMB6JL0XV&cid=1168552515.1684481897&gtm=45je35h0&aip=1&z=1154868401

Requested by

Host: ugc-test.scandown.com
URL: https://ugc-test.scandown.com/t3ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 145ms
41ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229768408-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 07:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 09:05:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 51ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1503752238&t=pageview&_s=1&dl=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1102457997&gjid=302075806&cid=1168552515.1684481897&tid=UA-229768408-1&_gid=380266583.1684481897&_r=1&gtm=457e35h0&jsscut=1&z=1301196461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ugc-test.scandown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ugc-test.scandown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 260ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ugc-test.scandown.com&callback=_gfp_s_&client=ca-pub-1012394556950347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1012394556950347&plah=ugc-test.scandown.com&bust=31074718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de19b25006c954fa8f520a5276fb1981f56f62e4f006822e8c7a8b8db0f7940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 246ms
51ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ugc-test.scandown.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 245ms
52ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ugc-test.scandown.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40E0 603 B
218 B 104ms
79ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481896757&bpp=4&bdt=2220&idt=620&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6056360456156&frm=20&pv=2&ga_vid=1168552515.1684481897&ga_sid=1684481897&ga_hid=1503752238&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074718%2C44788442%2C44789923&oid=2&pvsid=4406030818214387&tmod=95941692&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=678

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ugc-test.scandown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:38:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET cityjson
pv.sohu.com/ 0
0

OPTIONS
H/1.1 200
OK t3ke
download.appmeta.cn/ Frame 0
0 1833ms
329ms Preflight
text/plain 122.228.223.154
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.appmeta.cn/t3ke?referer=ugc-test.scandown.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.223.154 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-token,download-token,passwd
Access-Control-Request-Method: GET
Origin: https://ugc-test.scandown.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-token,download-token,passwd
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Access-Control-Allow-Origin: https://ugc-test.scandown.com
Access-Control-Expose-Headers: Link, X-Records
Access-Control-Max-Age: 1728000
Ali-Swift-Global-Savetime: 1684481900
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain
Date: Fri, 19 May 2023 07:38:20 GMT
EagleId: 7ae4df1716844819002625293e
RemotePort: 36598
Server: Tengine
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: cache59.l2cn1816[58,57,200-0,M], cache59.l2cn1816[59,0], kunlun3.cn5212[76,76,200-0,M], kunlun3.cn5212[78,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Request-Id: fe89d94c-5bd6-4d65-abe9-791d653948e5
X-Runtime: 0.001268
X-Swift-CacheTime: 0
X-Swift-SaveTime: Fri, 19 May 2023 07:38:20 GMT

GET
H/1.1 200
OK t3ke
download.appmeta.cn/ 2 KB
3 KB 360ms
346ms XHR
application/json 122.228.223.154
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.appmeta.cn/t3ke?referer=ugc-test.scandown.com

Requested by

Host: ali-static.firim.ink
URL: https://ali-static.firim.ink/assets/javascripts/fd4630b3.download.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

122.228.223.154 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ugc-test.scandown.com/
Passwd
accept-language: de-DE,de;q=0.9
Access-Token
Download-Token
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:38:20 GMT
Via: cache52.l2cn1816[76,75,200-0,M], cache1.l2cn1816[77,0], kunlun18.cn5212[97,97,200-0,M], kunlun3.cn5212[99,0]
X-Content-Type-Options: nosniff
X-Swift-CacheTime: 0
RemotePort: 3458
Transfer-Encoding: chunked
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Fri, 19 May 2023 07:38:20 GMT
X-XSS-Protection: 1; mode=block
X-Request-Id: 00e72317-b784-4b83-8674-fae2095f1d30
X-Runtime: 0.006947
Server: Tengine
ETag: W/"11edf20cadb7557bae0211091c72f05c"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ugc-test.scandown.com
Ali-Swift-Global-Savetime: 1684481900
Access-Control-Expose-Headers: Link, X-Records
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Timing-Allow-Origin: *
Vary: Origin
EagleId: 7ae4df1716844819006225606e

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 95ms
94ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88b164644c62347067919e482105ab990806392765a7a7a57aec07f1f0ea160f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11295
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 215ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 07:38:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 583E 13 KB
5 KB 55ms
44ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ugc-test.scandown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:03 GMT
expires: Sat, 18 May 2024 07:08:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4207 783 B
1 KB 145ms
47ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3aab8d3ad2af513f4aa67607550212768afee56601d22e0a6115406f92094916

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OY1yUmLrCyZctDqYEYgUlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ugc-test.scandown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-OY1yUmLrCyZctDqYEYgUlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:38:19 GMT
expires: Fri, 19 May 2023 07:38:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 583E 37 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 16:03:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4207 0
0 118ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=4406030818214387&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 583E 0
10 B 51ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J-qpIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=4406030818214387&bg=!AAOlA1fNAAYldGN0BXQ7ADkAdvg8Wkoc3ybm-OxiOKNqzUjOChsz8iARCDOars9Tdk3qYz0LIzpRLELNuv4vWt6rbdW_FDLC7isCAAAAslIAAAAEaAEHCgBfbs-evaTZzc4aOBE_wJQePYMtomW5AVZwGtSiCpMaXfY4r5Q0aCuZVt1OYAYmRBDDtPNaTPiXrtm6DQ2INWXYigYUVyO99XvAigIBvD7zxaVrxmp6Jt_PpDUv0T4PyJ-ZArFy1tEdvNu_uTNrRh6SrIudvVZyN3EFfqdAJTt5A66dnxch2LJm-5_JgaRsjTVClwU0vghrvsxDY7uiTPdjWTLVv2CB5-k7lKb8x1r2iAKLG9ZDw-mDDI40zPc8a0MAe-jwMGXiOf9WZp-vz0YHsy00Ay5QiyUiEYZ0F6lC13tAKvP8D4ZP7RoxjKX3F8gt_wbnV7p_-UxuU9x6BOHG9WjnXJhbfb13hQ--_PCuV6jVn2mjgfKZrnQk2O_fw0lsUR8-DbtMICB9OPCuX0lQZfSjYbkF4QtHR1wM1KJ-Q2WDYuiYLMs42UoL_a-sua7Yxz3XVdp88R0Incv2tIPxUhYA05WZIfCzgfOXi14T_lawXl8idAZD-yu4j_IDC3y8o_ahallKKzFvU-ybvbO-xcThjREsfQ0RYeX1aNa3oriXbKz5E5HRU2J2SStW1c0Weu3vnZfBRL-nDdCK1upZZVyaKQahuDNnoOmEz17G25KwfA_8ekgZbof-9-e97FPt9AlMrXL2Gb-FyNXcAJBZqQ3pErdRHbczmklQmwLqwExRtlCsbsfBYdfvgznDnfz9643IG2boch7ksEKB-Yk5cYRQbpXWwB8a70hutA6j-H9yJfmBchMrJbgkDDePcMqYKLI2590Si6JNGtG2ZUn0PrcR3zWaGmfeD0LqkO3l7LahkLPoExLyzYijt6EyUBykW2WtcTceTFfdGVFepJ5QkOR-V6KTMecjaw6fq8JJZ7tuUKQOvm_CK2GgykuTT9OL52rglIts7WoP6QOVxLeJvudRpS9tqO0C5a2K1G2g3Zl_7y-MdS-UGLhg5QfyMG3cpDGFqiQBObF0umG_NDYkewpPj5seO_QQyM4UxnjlI2zRw8245xeG9RXVxnbGRd96mBzKn3_BP5-1iKB7XtPf7xUCRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200
OK Primary Request t3ke Show response
spark.appc02.com/ 48 KB
48 KB 2039ms
275ms Document
text/html 122.228.7.223

General

Check archive.org

Show headers Download Go to

Full URL: https://spark.appc02.com/t3ke
Requested by: Host: ali-static.firim.ink
URL: https://ali-static.firim.ink/assets/javascripts/fd4630b3.download.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.223 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 23e1b3166f80c4c508f58c7cf6c2b2d79e0bb906260405d97b2c6e35bdc032f4

Request headers

Referer: https://ugc-test.scandown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 6
Ali-Swift-Global-Savetime: 1684481896
Connection: keep-alive
Content-Length: 49048
Content-Type: text/html
Date: Fri, 19 May 2023 07:38:16 GMT
ETag: "644b6dec-bf98"
EagleId: 7ae4079e16844819027463942e
Last-Modified: Fri, 28 Apr 2023 06:55:40 GMT
Server: Tengine
Timing-Allow-Origin: *
Via: cache58.l2cn1816[0,0,200-0,H], cache58.l2cn1816[1,0], kunlun4.cn3468[20,20,200-0,M], kunlun10.cn3468[22,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-CacheTime: 3600
X-Swift-SaveTime: Fri, 19 May 2023 07:38:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 54ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3EMB6JL0XV&gtm=45je35h0&_p=1503752238&cid=1168552515.1684481897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1684481896&sct=1&seg=0&dl=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&dt=&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ugc-test.scandown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 351ms
348ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1245441835&si=11417a0de2093ccfc6a808f3fbf8113a&su=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&v=1.3.0&cv=3*short*t3ke&lv=1&api=6_1&sn=35796&r=0&ww=1600&u=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:38:21 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
44ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1503752238&t=event&_s=2&dl=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=failureJumpToDomain&ea=failureJumpToDomain&el=failureJumpToDomain&ev=1&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1168552515.1684481897&tid=UA-229768408-1&_gid=380266583.1684481897&gtm=457e35h0&jsscut=1&z=1944454215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 04:52:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9922
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 babbbf3249bb857a504582057add28be8855c70e
ali-fir-pro-icon.firim.ink/ 10 KB
11 KB 1906ms
421ms Image
image/png 122.228.223.187

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-fir-pro-icon.firim.ink/babbbf3249bb857a504582057add28be8855c70e?auth_key=1684482190-0-0-3a39a818929f1ffbe4faaf7d0696654e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.223.187 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:22 GMT
via: cache38.l2cn1816[54,54,200-0,M], cache26.l2cn1816[55,0], kunlun7.cn5212[73,73,200-0,M], kunlun14.cn5212[75,0]
x-oss-request-id: 6467276E1812283835142E45
content-md5: sjRfuX8tVy7u/FWOSvrnMQ==
x-swift-cachetime: 1569
x-cache: MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth: success
content-disposition: attachment; filename* = UTF-8''blob
x-swift-savetime: Fri, 19 May 2023 07:38:22 GMT
content-length: 10680
x-oss-object-type: Normal
last-modified: Fri, 19 May 2023 03:16:48 GMT
server: Tengine
etag: "B2345FB97F2D572EEEFC558E4AFAE731"
ali-swift-global-savetime: 1684481902
content-type: image/png
cache-control: 86400
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6785670126259873341
eagleid: 7ae4df2216844819026335082e
x-oss-server-time: 25

GET
H2 200 directjumpBlue.png
ali-static.firim.ink/images/turntable/ 127 KB
128 KB 243ms
239ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/turntable/directjumpBlue.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:58:12 GMT
via: cache36.l2cn1823[73,74,304-0,M], cache18.l2cn1823[75,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[1,0]
x-oss-request-id: 64671E040C23153830A1A340
content-md5: MtXgF5qbYJFYa6xEXmWP/A==
age: 2409
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:498541496
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:58:12 GMT
content-length: 130417
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:22 GMT
server: Tengine
etag: "32D5E0179A9B6091586BAC445E658FFC"
ali-swift-global-savetime: 1684479492
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 9165190677877348623
eagleid: 7ae4079916844819010356523e
x-oss-server-time: 6

GET
H2 200 middle-tip.png
ali-static.firim.ink/images/ 2 KB
3 KB 692ms
687ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/middle-tip.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ugc-test.scandown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:19:34 GMT
via: cache15.l2cn1823[0,0,304-0,H], cache34.l2cn1823[1,0], kunlun4.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
x-oss-request-id: 64672306A0836D3230AC1AEF
content-md5: gC/c5K2uFsjky+z6pQ3Ryw==
age: 1127
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:1493352570
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:21:09 GMT
content-length: 2520
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:19 GMT
server: Tengine
etag: "802FDCE4ADAE16C8E4CBECFAA50DD1CB"
ali-swift-global-savetime: 1684480774
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17670227550039951875
eagleid: 7ae4079916844819010356525e
x-oss-server-time: 18

POST collect
region1.analytics.google.com/g/ 0
0

GET hm.gif
hm.baidu.com/ 0
0

GET
H2 200 57b46643.download.css
ali-static.firim.ink/assets/stylesheets/ 56 KB
10 KB 269ms
202ms Stylesheet
text/css 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/stylesheets/57b46643.download.css
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 87915a7a28c6d7c9af2f4553602b8a8e3d345b96884933b640c5502286088721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:05:10 GMT
via: cache31.l2cn1823[78,78,304-0,M], cache42.l2cn1823[80,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[1,0]
content-encoding: gzip
x-oss-request-id: 64671FA5C39D6A3839698BD5
content-md5: MLoS3vaPWDl619+KO7KIww==
age: 1993
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:486395603
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:05:10 GMT
content-length: 9903
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:03 GMT
server: Tengine
etag: "30BA12DEF68F58397AD7DF8A3BB288C3"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479910
content-type: text/css; charset=utf-8
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 1237726653337068403
eagleid: 7ae4079916844819031011209e
x-oss-server-time: 16

GET
H2 200 236f1536.turnTable.css
ali-static.firim.ink/assets/stylesheets/ 14 KB
3 KB 273ms
206ms Stylesheet
text/css 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/stylesheets/236f1536.turnTable.css
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 631bab3984af245dddde5587ffc6d38cd95c97f765c98a3cb01f06838c28cde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:40 GMT
via: cache33.l2cn1823[67,67,304-0,M], cache6.l2cn1823[69,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
content-encoding: gzip
x-oss-request-id: 64671ED4C172C936361AACC2
content-md5: VTPRf9Z4hbc9BaRcLW4+5g==
age: 2203
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:11:465654091
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:40 GMT
content-length: 2936
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:02 GMT
server: Tengine
etag: "5533D17FD67885B73D05A45C2D6E3EE6"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479700
content-type: text/css; charset=utf-8
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 969640573744872389
eagleid: 7ae4079916844819031011210e
x-oss-server-time: 3

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
46 KB 130ms
90ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Requested by

Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9846e03765e05438daa2515a7c4ce4783e77df6a49cc08f83d669bb9f5927f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spark.appc02.com/
Origin: https://spark.appc02.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47330
x-xss-protection: 0
server: cafe
etag: 8193895273942304040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:38:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 117ms
78ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV

Requested by

Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10290080c8c0092d0b9fdf962a2e25a0d9df6c135356bfb3048939d64dd90828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 May 2023 07:38:23 GMT

GET
H2 200 download_pattern_left.png
ali-static.firim.ink/images/ 29 KB
29 KB 301ms
275ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/download_pattern_left.png
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6c5bdae08256c1ed2d3642b799089b3fe34dc8f023f8a7305ac951d4eddb658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:51:52 GMT
via: cache59.l2cn1816[0,0,304-0,H], cache42.l2cn1816[1,0], kunlun9.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
x-oss-request-id: 64671C88E8996430361463DA
content-md5: yb/prnjbmScA+igt+ahUgQ==
age: 2791
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:1345266082
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:54:22 GMT
content-length: 29497
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:18 GMT
server: Tengine
etag: "C9BFE9AE78DB992700FA282DF9A85481"
ali-swift-global-savetime: 1684479112
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 643181593274405500
eagleid: 7ae4079916844819033931673e
x-oss-server-time: 31

GET
H2 200 download_pattern_right.png
ali-static.firim.ink/images/ 30 KB
31 KB 586ms
560ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/download_pattern_right.png
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: c4efb350d2f5dfc1365beb221c4cf8416996cd00b201f3d0220a609bb2530be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:50:35 GMT
via: cache30.l2cn1816[0,0,304-0,H], cache13.l2cn1816[1,0], kunlun8.cn3468[0,0,200-0,H], kunlun5.cn3468[3,0]
x-oss-request-id: 64671C3B0C2315363269F233
content-md5: X7ix2zRjcbXwEoU5Brl35A==
age: 2868
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:175148827
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:50:59 GMT
content-length: 31022
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:18 GMT
server: Tengine
etag: "5FB8B1DB346371B5F012853906B977E4"
ali-swift-global-savetime: 1684479035
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 8217470047730058548
eagleid: 7ae4079916844819033931676e
x-oss-server-time: 22

GET
H2 200 analytics.js Show response
dn-firweb.qbox.me/ 25 KB
11 KB 256ms
239ms Script
text/javascript 240e:96c:1100:5a01:3::3e6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://dn-firweb.qbox.me/analytics.js
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:96c:1100:5a01:3::3e6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 72ee717857b92f6ac3313a97ad58b9d2275973aa426e18175d3dc401ae85d1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-log: X-Log
date: Thu, 18 May 2023 12:07:08 GMT
via: cache69.l2cn3047[0,0,304-0,H], cache65.l2cn3047[1,0], vcache8.cn3775[0,0,200-0,H], vcache9.cn3775[1,0]
content-encoding: gzip
x-svr: IO
x-reqid: Z9gAAAAGGohzO2AX
age: 70275
x-swift-cachetime: 86241
x-bill: Tbl:firweb;FileType:0
x-cache: HIT TCP_MEM_HIT dirn:9:331665469
content-transfer-encoding: binary
content-disposition: inline; filename="analytics.js"; filename*=utf-8''analytics.js
x-swift-savetime: Thu, 18 May 2023 12:09:47 GMT
content-length: 11257
last-modified: Mon, 12 Jan 2015 10:56:11 GMT
server: Tengine
etag: "Fu7hAxCBtOL0Vz-9TYcIpz7MqwZh.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
ali-swift-global-savetime: 1684411628
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=2592000
accept-ranges: bytes
x-qiniu-zone: 0
timing-allow-origin: *
eagleid: 65e21a9d16844819034898604e

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 347ms
343ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?11417a0de2093ccfc6a808f3fbf8113a

Requested by

Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c12f0042b9c78f74314e8b7b246bef442cbeae0c30cb98790ea9653e357b3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:38:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: ec7293178b650977ec9ffbd63095632a
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H2 200 qrcode.js Show response
ali-static.firim.ink/lib/ 20 KB
7 KB 468ms
461ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/lib/qrcode.js
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: f4189344acbcf118820e0160b785c36616ecf61865baa54113041b781eee04f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:23 GMT
via: cache24.l2cn1823[63,63,304-0,M], cache8.l2cn1823[64,0], kunlun1.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
content-encoding: gzip
x-oss-request-id: 64671EC3E899643133CA72EA
content-md5: PsnnB3IHZWfv4wOK+sHW7w==
age: 2220
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:791616623
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:23 GMT
content-length: 7046
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:24 GMT
server: Tengine
etag: "3EC9E70772076567EFE3038AFAC1D6EF"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479683
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 15482610862001169273
eagleid: 7ae4079916844819034881845e
x-oss-server-time: 8

GET
H2 200 markup.js Show response
ali-static.firim.ink/lib/ 5 KB
2 KB 468ms
462ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/lib/markup.js
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 44f7d5529261cb6d28279ccfe99e2b10785b347b2f08d4f788218c8a3eb1c9d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:01:23 GMT
via: cache16.l2cn1823[70,69,304-0,M], cache36.l2cn1823[71,0], kunlun7.cn3468[0,0,200-0,H], kunlun5.cn3468[2,0]
content-encoding: gzip
x-oss-request-id: 64671EC35FCE0B3032CE66F7
content-md5: 6Q8I0ADoeT9NdlcEl9YRmg==
age: 2220
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:653349914
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:01:23 GMT
content-length: 2012
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:24 GMT
server: Tengine
etag: "E90F08D000E8793F4D76570497D6119A"
vary: Accept-Encoding
ali-swift-global-savetime: 1684479683
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 14797096622991097543
eagleid: 7ae4079916844819034881847e
x-oss-server-time: 2

GET
H/1.1 200
OK jweixin-1.2.0.js Show response
res.wx.qq.com/open/js/ 11 KB
4 KB 12ms
9ms Script
application/x-javascript 101.33.11.88
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://res.wx.qq.com/open/js/jweixin-1.2.0.js
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_SSD_MID /
Resource Hash: f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 14 May 2023 23:15:39 GMT
Content-Encoding: gzip
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster
Connection: keep-alive
X-Verify-Code: bc6b965a9c564f77a4a6288b337bdc13
Content-Length: 3818
Last-Modified: Sun, 14 May 2023 23:10:00 GMT
Server: NWS_SSD_MID
Vary: Origin
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://open.weixin.qq.com
Cache-Control: max-age=31536000
X-Daa-Tunnel: hop_count=1
X-NWS-LOG-UUID: 3183900131081179242
Accept-Ranges: bytes
Expires: Mon, 13 May 2024 23:15:39 GMT

GET
H2 200 fd4630b3.download.js Show response
ali-static.firim.ink/assets/javascripts/ 149 KB
53 KB 469ms
463ms Script
application/javascript 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ali-static.firim.ink/assets/javascripts/fd4630b3.download.js
Requested by: Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 06bede5781863c26b35056fc2dd76c78820384adfdda5e0a618d28e4b44aa536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:08:28 GMT
via: cache50.l2cn1823[99,99,304-0,M], cache17.l2cn1823[101,0], kunlun9.cn3468[0,0,200-0,H], kunlun5.cn3468[3,0]
content-encoding: gzip
x-oss-request-id: 6467206C823A7931380C7417
content-md5: /UYws9YMyDAlDkdLZrUL/g==
age: 1794
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:11:1496744234
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:08:29 GMT
content-length: 53927
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:02 GMT
server: Tengine
etag: "FD4630B3D60CC830250E474B66B50BFE"
vary: Accept-Encoding
ali-swift-global-savetime: 1684480109
content-type: application/javascript
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 14728407688397251979
eagleid: 7ae4079916844819034881848e
x-oss-server-time: 16

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/ 355 KB
120 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1012394556950347&plah=spark.appc02.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd0ddcdb9c3a64bba2ded0a18cc987bc6d93f334e97dfb59474dd548e54f8259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122595
x-xss-protection: 0
server: cafe
etag: 16812954881666793610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 May 2023 07:38:23 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 0F18 10 KB
4 KB 41ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1012394556950347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spark.appc02.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 21:48:13 GMT
etag: 15057649708203361565
expires: Thu, 01 Jun 2023 21:48:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-229768408-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36f129d8f19afd7490b9d70289355a51686ac088653a8fc7d9d19bacd4a756d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46628
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 07:38:23 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3EMB6JL0XV&gtm=45je35h0&_p=221211804&_gaz=1&cid=605726452.1684481903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684481903&sct=1&seg=0&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spark.appc02.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
72 B 24ms
22ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3EMB6JL0XV&cid=605726452.1684481903&gtm=45je35h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spark.appc02.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
63ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3EMB6JL0XV&cid=605726452.1684481903&gtm=45je35h0&aip=1&z=1024000808

Requested by

Host: spark.appc02.com
URL: https://spark.appc02.com/t3ke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 79ms
47ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229768408-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 07:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2003
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 09:05:00 GMT

GET collect
ga.fir.im/r/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
318 B 51ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=spark.appc02.com&callback=_gfp_s_&client=ca-pub-1012394556950347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1012394556950347&plah=spark.appc02.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb05f667c05632ce68ff90a8482bf17f07e8137401ec31f7b463da018e8222fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 87ms
53ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=spark.appc02.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 85ms
52ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=spark.appc02.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DCD 603 B
68 B 198ms
195ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fspark.appc02.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481903406&bpp=3&bdt=477&idt=259&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5349729834318&frm=20&pv=2&ga_vid=605726452.1684481903&ga_sid=1684481904&ga_hid=221211804&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44788441%2C44789779&oid=2&pvsid=42201670562559&tmod=1568380433&uas=0&nvt=1&ref=https%3A%2F%2Fugc-test.scandown.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spark.appc02.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:38:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET cityjson
pv.sohu.com/ 0
0

OPTIONS
H/1.1 200
OK t3ke
download.appmeta.cn/ Frame 0
0 334ms
334ms Preflight
text/plain 122.228.223.154
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://download.appmeta.cn/t3ke?referer=spark.appc02.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.223.154 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-token,download-token,passwd
Access-Control-Request-Method: GET
Origin: https://spark.appc02.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-token,download-token,passwd
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Access-Control-Allow-Origin: https://spark.appc02.com
Access-Control-Expose-Headers: Link, X-Records
Access-Control-Max-Age: 1728000
Ali-Swift-Global-Savetime: 1684481904
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/plain
Date: Fri, 19 May 2023 07:38:24 GMT
EagleId: 7ae4df1716844819043171663e
RemotePort: 4516
Server: Tengine
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: cache13.l2cn1816[57,57,200-0,M], cache13.l2cn1816[58,0], kunlun3.cn5212[74,73,200-0,M], kunlun3.cn5212[76,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Request-Id: a4bb9974-55d4-46fe-b114-32ade295f7be
X-Runtime: 0.001055
X-Swift-CacheTime: 0
X-Swift-SaveTime: Fri, 19 May 2023 07:38:24 GMT

GET
H/1.1 200
OK t3ke Show response
download.appmeta.cn/ 2 KB
3 KB 340ms
332ms XHR
application/json 122.228.223.154
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.appmeta.cn/t3ke?referer=spark.appc02.com

Requested by

Host: ali-static.firim.ink
URL: https://ali-static.firim.ink/assets/javascripts/fd4630b3.download.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

122.228.223.154 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),

Reverse DNS

Software

Tengine /

Resource Hash

c313cdb12b9ec746fa31e2cbf2d30acf21b06160761834ddf439145b4e1d0ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://spark.appc02.com/
Passwd
accept-language: de-DE,de;q=0.9
Access-Token
Download-Token
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 07:38:24 GMT
Via: cache22.l2cn1816[63,63,200-0,M], cache4.l2cn1816[63,0], kunlun2.cn5212[81,80,200-0,M], kunlun3.cn5212[82,0]
X-Content-Type-Options: nosniff
X-Swift-CacheTime: 0
RemotePort: 43362
Transfer-Encoding: chunked
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Fri, 19 May 2023 07:38:24 GMT
X-XSS-Protection: 1; mode=block
X-Request-Id: b9b80334-b9cb-44fd-a81d-eda12244f2b2
X-Runtime: 0.007125
Server: Tengine
ETag: W/"11edf20cadb7557bae0211091c72f05c"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://spark.appc02.com
Ali-Swift-Global-Savetime: 1684481904
Access-Control-Expose-Headers: Link, X-Records
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
X-Frame-Options: SAMEORIGIN
Timing-Allow-Origin: *
Vary: Origin
EagleId: 7ae4df1716844819046622166e

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 95ms
95ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230515&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db5ed57e0374cd39d1ac4b5f0a04649c8fa7f659f703d33cf9aff4d22bedac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11211
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 07:38:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 390D 13 KB
5 KB 46ms
41ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://spark.appc02.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:08:03 GMT
expires: Sat, 18 May 2024 07:08:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6147 783 B
765 B 63ms
55ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c49fea1a25caa950297b87069ea16387b2b3e16da780c46b97ac0d714e460ea5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dSsB0WfhHkNbkDhdqNMJ7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spark.appc02.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-dSsB0WfhHkNbkDhdqNMJ7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 07:38:24 GMT
expires: Fri, 19 May 2023 07:38:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6147 0
0 86ms
85ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230515&jk=42201670562559&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js Show response
pagead2.googlesyndication.com/bg/ Frame 390D 37 KB
14 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 16:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 May 2024 16:03:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 390D 0
10 B 92ms
90ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Kd5v-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 32ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3EMB6JL0XV&gtm=45je35h0&_p=221211804&cid=605726452.1684481903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1684481903&sct=1&seg=0&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EMB6JL0XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://spark.appc02.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 345ms
344ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=375289106&si=11417a0de2093ccfc6a808f3fbf8113a&su=https%3A%2F%2Fspark.appc02.com%2Ft3ke&v=1.3.0&cv=3*short*t3ke&lv=1&api=6_1&sn=35800&r=0&ww=1600&u=https%3A%2F%2Fspark.appc02.com%2Ft3ke

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 May 2023 07:38:25 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET collect
ga.fir.im/ 0
0

GET
H2 200 babbbf3249bb857a504582057add28be8855c70e
ali-fir-pro-icon.firim.ink/ 10 KB
11 KB 229ms
228ms Image
image/png 122.228.223.187

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-fir-pro-icon.firim.ink/babbbf3249bb857a504582057add28be8855c70e?auth_key=1684482190-0-0-3a39a818929f1ffbe4faaf7d0696654e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.223.187 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: a1bea7df0b8d8b08f4a4c9e60ea53846074327a94bebc981d303cebdb47d0701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:38:22 GMT
via: cache38.l2cn1816[54,54,200-0,M], cache26.l2cn1816[55,0], kunlun7.cn5212[0,0,200-0,H], kunlun14.cn5212[1,0]
x-oss-request-id: 6467276E1812283835142E45
content-md5: sjRfuX8tVy7u/FWOSvrnMQ==
age: 3
x-swift-cachetime: 1569
x-cache: HIT TCP_MEM_HIT dirn:10:187850834
x-oss-cdn-auth: success
content-disposition: attachment; filename* = UTF-8''blob
x-swift-savetime: Fri, 19 May 2023 07:38:22 GMT
content-length: 10680
x-oss-object-type: Normal
last-modified: Fri, 19 May 2023 03:16:48 GMT
server: Tengine
etag: "B2345FB97F2D572EEEFC558E4AFAE731"
ali-swift-global-savetime: 1684481902
content-type: image/png
cache-control: 86400
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 6785670126259873341
eagleid: 7ae4df2216844819050247795e
x-oss-server-time: 25

GET
H2 200 directjumpBlue.png
ali-static.firim.ink/images/turntable/ 127 KB
128 KB 338ms
337ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/turntable/directjumpBlue.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e0dc8f09121b11e503c92f7ccc45270618f9864dcb24bb0f27554f2c3125294c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:58:12 GMT
via: cache36.l2cn1823[73,74,304-0,M], cache18.l2cn1823[75,0], kunlun7.cn3468[0,-1,200-0,H], kunlun5.cn3468[4,0]
x-oss-request-id: 64671E040C23153830A1A340
content-md5: MtXgF5qbYJFYa6xEXmWP/A==
age: 2413
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:498541496
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 06:58:12 GMT
content-length: 130417
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:22 GMT
server: Tengine
etag: "32D5E0179A9B6091586BAC445E658FFC"
ali-swift-global-savetime: 1684479492
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 9165190677877348623
eagleid: 7ae4079916844819050333958e
x-oss-server-time: 6

GET
H2 200 middle-tip.png
ali-static.firim.ink/images/ 2 KB
3 KB 257ms
256ms Image
image/png 122.228.7.229
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ali-static.firim.ink/images/middle-tip.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.7.229 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: e4e8386738c4e25a99f9db4d0d4fe0678729202ffb2aa6d9e4538e06e12c2eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:19:34 GMT
via: cache15.l2cn1823[0,0,304-0,H], cache34.l2cn1823[1,0], kunlun4.cn3468[0,0,200-0,H], kunlun5.cn3468[4,0]
x-oss-request-id: 64672306A0836D3230AC1AEF
content-md5: gC/c5K2uFsjky+z6pQ3Ryw==
age: 1131
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:10:1493352570
x-oss-cdn-auth: success
x-swift-savetime: Fri, 19 May 2023 07:21:09 GMT
content-length: 2520
x-oss-object-type: Normal
last-modified: Fri, 28 Apr 2023 06:54:19 GMT
server: Tengine
etag: "802FDCE4ADAE16C8E4CBECFAA50DD1CB"
ali-swift-global-savetime: 1684480774
content-type: image/png
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 17670227550039951875
eagleid: 7ae4079916844819050333961e
x-oss-server-time: 18

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-1012394556950347&su=spark.appc02.com&eid=44759875%2C44759926%2C44759842%2C42531705%2C44788441%2C44789779&doc=complete&pg_h=1200&pg_w=1600&pg_hs=1200&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 07:38:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230515&jk=42201670562559&bg=!PzylPGjNAAYldGN0BXQ7ADkAdvg8Wr_SoAuPaAhEULahqbMtKY7gAROMZb83bO2fve8qdPLbIkBkmQMIUdzk2L3b-3cg7Dm3qWkCAAAArlIAAAAEaAEHCgBigEWUfYao1rfjVcwb3HRRUhKDJAkqYlj8lwH0oWf3hsFU0NjXppNzys_NJrpevE3QWINBedm5jbGIu_v7IxW1zSQcDDn64vlIVKzk4rX6rRoIcFNi1Gx1nqBdQ8pHwzailTGZAphT0a9lqj_Y9hzAv9OjKMzTyWZJygxfmcYRMg2EZ97W7bZ1zP6uA2t2YvVYp6GMoX7jVvRvAY2X1ROqzwYZikTNlyfwN4yvGF0HTOTPDbSO2kIrPX1GalLo-AkwbjZKqGhxdycPmLhCGyscT5VfoEZDMkxY3WZx0_I7Q9xIMQJf72H4SaVMDpSG6iOUeTTM_Lvhc9XjJz-5ZZRR3xgT1LisLCyDuC9fRIT_uz3Bhdf2cj_ZCtop2gNKr8eQ64g4cq1xC3YofeUzTzp2LOzs28IPOPLspPnm0k14u6or3V4IOiFYLk3KT6inpRJBTn8rhCwHhJPXLOmco_xXTBTxKjmxxzOuuahNm0FJLEo031Zp6Du-_PxwUdkvVrJpSvsfXGPNgpT-YlxQsRU2QnrT_6W373t3KwaCBCr9ooCduYjcpzQfvRrUwJWyLjgQBUrITRFhiA1YsfzzqdJl1MOz7bLZDduTk2P4fRodjMFN3LHCCAwdchc7FVRvIY3PvCzzV8VLiLFVMTHgYrsDAIoffCy90FYcHSRjUC11jCKHs5GC0P7mneVRKxRn_iqAIs15bmTsdeIkWyzAufA4wbmxgCW-Q4OVfNPkb9CXcJuD5wx0U6Xu_Y3gIsnx8b8sdaisg-qDH5tjgzGlYV_g3kDhAw8dBmPENhY-fPZYHph-cG7E1ziFds_nuuUKga_HEvzCrkXfCz0-xtMI3nU0kgNr_DnETF3shIZq2C_5TDOr4L6ZoWNs5ekESKK4a1JOa-3aQ52VURiYC804hpmLDZ61xkCID3AqY0AO3xjBNXb1UwBfAJL6ny75pPU9gjGIaWWWOrRn_bgCgoj-3vD0CGKtpBTmqi54E6yfv0XzsFOdNio8G8panP-Qu1Eb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spark.appc02.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pv.sohu.com
URL: http://pv.sohu.com/cityjson?ie=utf-8

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3EMB6JL0XV&gtm=45je35h0&_p=1503752238&cid=1168552515.1684481897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1684481896&sct=1&seg=0&dl=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&dt=&_s=3

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?hca=3F7EB05C972FF216&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=4288%2C4287&et=3&ja=0&ln=en-us&lo=0&rnd=290285631&si=11417a0de2093ccfc6a808f3fbf8113a&su=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&v=1.3.0&cv=3*short*t3ke&lv=1&sn=35796&r=0&ww=1600&u=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke

Domain: ga.fir.im
URL: https://ga.fir.im/r/collect?v=1&_v=j31&a=221211804&t=pageview&_s=1&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=cACAAUQBI~&jid=1365805439&cid=605726452.1684481903&tid=UA-229768408-1&_r=1&gtm=457e35h0&jsscut=1&z=550696835

Domain: pv.sohu.com
URL: http://pv.sohu.com/cityjson?ie=utf-8

Domain: ga.fir.im
URL: https://ga.fir.im/collect?v=1&_v=j31&a=221211804&t=event&_s=2&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=failureJumpToDomain&ea=failureJumpToDomain&el=failureJumpToDomain&ev=1&_u=eACAAUQFI~&jid=&cid=605726452.1684481903&tid=UA-229768408-1&gtm=457e35h0&jsscut=1&z=797508502

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scandown.com/	1970-01-20 21:30:41	Name: _ga Value: GA1.2.1168552515.1684481897
.scandown.com/	1970-01-20 11:56:08	Name: _gid Value: GA1.2.380266583.1684481897
.scandown.com/	1970-01-20 11:54:41	Name: _gat_gtag_UA_229768408_1 Value: 1
.scandown.com/	1970-01-20 21:16:17	Name: __gads Value: ID=89757ac1a4392b48-224f5dcbd9dd0099:T=1684481897:RT=1684481897:S=ALNI_MYm7OIUVmJ1_CBWUpaYteHVNwaM4A
.scandown.com/	1970-01-20 21:16:17	Name: __gpi Value: UID=00000c1868e968fc:T=1684481897:RT=1684481897:S=ALNI_MZvVoRCbGF6T-vFZTsYq0vLrIA_gg
.doubleclick.net/	1970-01-20 11:54:42	Name: test_cookie Value: CheckForPermission
.hm.baidu.com/	1970-01-20 21:30:41	Name: HMACCOUNT_BFESS Value: 3F7EB05C972FF216
.ugc-test.scandown.com/	1970-01-20 20:40:17	Name: Hm_lvt_11417a0de2093ccfc6a808f3fbf8113a Value: 1684481899
.ugc-test.scandown.com/	1969-12-31 23:59:59	Name: Hm_lpvt_11417a0de2093ccfc6a808f3fbf8113a Value: 1684481899
.scandown.com/	1970-01-20 21:30:41	Name: _ga_3EMB6JL0XV Value: GS1.1.1684481896.1.0.1684481902.54.0.0
.appc02.com/	1970-01-20 21:30:41	Name: _ga Value: GA1.1.605726452.1684481903
.appc02.com/	1970-01-20 21:30:41	Name: _ga_3EMB6JL0XV Value: GS1.1.1684481903.1.0.1684481903.60.0.0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fugc-test.scandown.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481896757&bpp=4&bdt=2220&idt=620&shv=r20230515&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6056360456156&frm=20&pv=2&ga_vid=1168552515.1684481897&ga_sid=1684481897&ga_hid=1503752238&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074718%2C44788442%2C44789923&oid=2&pvsid=4406030818214387&tmod=95941692&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=678 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://ugc-test.scandown.com/t3ke Message: Mixed Content: The page at 'https://ugc-test.scandown.com/t3ke' was loaded over HTTPS, but requested an insecure script 'http://pv.sohu.com/cityjson?ie=utf-8'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://ga.fir.im/r/collect?v=1&_v=j31&a=221211804&t=pageview&_s=1&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=cACAAUQBI~&jid=1365805439&cid=605726452.1684481903&tid=UA-229768408-1&_r=1&gtm=457e35h0&jsscut=1&z=550696835 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1012394556950347&output=html&adk=1812271804&adf=1573534164&lmt=1682664940&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fspark.appc02.com%2Ft3ke&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684481903406&bpp=3&bdt=477&idt=259&shv=r20230515&mjsv=m202305150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5349729834318&frm=20&pv=2&ga_vid=605726452.1684481903&ga_sid=1684481904&ga_hid=221211804&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44788441%2C44789779&oid=2&pvsid=42201670562559&tmod=1568380433&uas=0&nvt=1&ref=https%3A%2F%2Fugc-test.scandown.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://spark.appc02.com/t3ke Message: Mixed Content: The page at 'https://spark.appc02.com/t3ke' was loaded over HTTPS, but requested an insecure script 'http://pv.sohu.com/cityjson?ie=utf-8'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://ga.fir.im/collect?v=1&_v=j31&a=221211804&t=event&_s=2&dl=https%3A%2F%2Fspark.appc02.com%2Ft3ke&dr=https%3A%2F%2Fugc-test.scandown.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=failureJumpToDomain&ea=failureJumpToDomain&el=failureJumpToDomain&ev=1&_u=eACAAUQFI~&jid=&cid=605726452.1684481903&tid=UA-229768408-1&gtm=457e35h0&jsscut=1&z=797508502 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ali-fir-pro-icon.firim.ink
ali-static.firim.ink
dn-firweb.qbox.me
download.appmeta.cn
ga.fir.im
googleads.g.doubleclick.net
hm.baidu.com
pagead2.googlesyndication.com
partner.googleadservices.com
pv.sohu.com
region1.analytics.google.com
res.wx.qq.com
spark.appc02.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ugc-test.scandown.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
ga.fir.im
hm.baidu.com
pv.sohu.com
region1.analytics.google.com
101.33.11.88
103.235.46.191
122.228.223.154
122.228.223.187
122.228.7.223
122.228.7.229
163.181.56.161
2001:4860:4802:32::36
240e:96c:1100:5a01:3::3e6
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c04::9d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06bede5781863c26b35056fc2dd76c78820384adfdda5e0a618d28e4b44aa536
10290080c8c0092d0b9fdf962a2e25a0d9df6c135356bfb3048939d64dd90828
23e1b3166f80c4c508f58c7cf6c2b2d79e0bb906260405d97b2c6e35bdc032f4
36f129d8f19afd7490b9d70289355a51686ac088653a8fc7d9d19bacd4a756d3
3aab8d3ad2af513f4aa67607550212768afee56601d22e0a6115406f92094916
3de19b25006c954fa8f520a5276fb1981f56f62e4f006822e8c7a8b8db0f7940
3f9846e03765e05438daa2515a7c4ce4783e77df6a49cc08f83d669bb9f5927f
44f7d5529261cb6d28279ccfe99e2b10785b347b2f08d4f788218c8a3eb1c9d4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592918e9ee157c8f0958b654234e2ff645b6704ca8bef98870b6bf1b41e8664e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631bab3984af245dddde5587ffc6d38cd95c97f765c98a3cb01f06838c28cde7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5bdae08256c1ed2d3642b799089b3fe34dc8f023f8a7305ac951d4eddb658c
72ee717857b92f6ac3313a97ad58b9d2275973aa426e18175d3dc401ae85d1b0
7f87a8412771bd57a8b735ac9327ab94f12e4ea5073c93b83ffd2b41474849b5
87915a7a28c6d7c9af2f4553602b8a8e3d345b96884933b640c5502286088721
88b164644c62347067919e482105ab990806392765a7a7a57aec07f1f0ea160f
a1bea7df0b8d8b08f4a4c9e60ea53846074327a94bebc981d303cebdb47d0701
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
c12f0042b9c78f74314e8b7b246bef442cbeae0c30cb98790ea9653e357b3a2a
c313cdb12b9ec746fa31e2cbf2d30acf21b06160761834ddf439145b4e1d0ed4
c49fea1a25caa950297b87069ea16387b2b3e16da780c46b97ac0d714e460ea5
c4efb350d2f5dfc1365beb221c4cf8416996cd00b201f3d0220a609bb2530be2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db5ed57e0374cd39d1ac4b5f0a04649c8fa7f659f703d33cf9aff4d22bedac5d
dd0ddcdb9c3a64bba2ded0a18cc987bc6d93f334e97dfb59474dd548e54f8259
e0dc8f09121b11e503c92f7ccc45270618f9864dcb24bb0f27554f2c3125294c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e8386738c4e25a99f9db4d0d4fe0678729202ffb2aa6d9e4538e06e12c2eb0
e6a552046f0d354395864471fb51d3fe7245a5c6d5aefccab0a6641a2ea701cb
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e85f242a587df87a657b820620f437d9f9c6e94d2467df54d89b85ae9696642d
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4189344acbcf118820e0160b785c36616ecf61865baa54113041b781eee04f0
f46308ef482b00d82694640bfa978af8f128d45c57918783215d90997eb2553f
fb05f667c05632ce68ff90a8482bf17f07e8137401ec31f7b463da018e8222fd

spark.appc02.com Open in urlscan Pro 122.228.7.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

92 %HTTPS

65 %IPv6

16 Domains

22 Subdomains

21 IPs

5 Countries

1425 kBTransfer

3071 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

spark.appc02.com Open in urlscan Pro
122.228.7.223 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

92 %
HTTPS

65 %
IPv6

16
Domains

22
Subdomains

21
IPs

5
Countries

1425 kB
Transfer

3071 kB
Size

12
Cookies

87 HTTP transactions
0 data transactions