www.ickd.cn Open in urlscan Pro
2606:4700:3036::ac43:8afe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ickd.cn/
Effective URL:
http://www.ickd.cn/
Submission: On October 04 via api (October 4th 2022, 9:43:22 am UTC) from IE — Scanned from DE

Summary HTTP 134 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 10 countries across 31 domains to perform 134 HTTP transactions. The main IP is 2606:4700:3036::ac43:8afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ickd.cn.

This is the only time www.ickd.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	101.35.123.11 101.35.123.11	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
10 21	2606:4700:303... 2606:4700:3036::ac43:8afe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.10.104.115 185.10.104.115	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
21	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	45.113.192.81 45.113.192.81	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	2408:8710:20:... 2408:8710:20:118d:1::f4	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400a:808::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	58.254.150.48 58.254.150.48	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
1	218.12.76.163 218.12.76.163	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	45.113.192.101 45.113.192.101	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
4 18	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2 2	18.197.134.247 18.197.134.247	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	3.120.13.175 3.120.13.175	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.71.40 3.127.71.40	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:205... 2600:9000:2057:a400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.26 213.254.244.26	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
134	34

2 101.35.123.11 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

ickd.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.ickd.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3036::ac43:8afe (United States) 10 redirects

ASN13335 (CLOUDFLARENET, US)

www.ickd.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ickd.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.10.104.115 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.113.192.81 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

ss0.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2408:8710:20:118d:1::f4 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

lf6-cdn-tos.bytecdntp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400a:808::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.254.150.48 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.12.76.163 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.113.192.101 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.134.247 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.13.175 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.71.40 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-71-40.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.26 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	429 KB
29	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304 ad.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	150 KB
23	ickd.cn 11 redirects ickd.cn www.ickd.cn cdn.ickd.cn i.ickd.cn	73 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	426 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 136 mts0.google.com — Cisco Umbrella Rank: 6491 www.google.com — Cisco Umbrella Rank: 19	32 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 704 rtb0.doubleverify.com — Cisco Umbrella Rank: 1048 tps.doubleverify.com — Cisco Umbrella Rank: 712 tpsc-frc.doubleverify.com	131 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	166 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	3 KB
4	bdstatic.com pic.rmb.bdstatic.com — Cisco Umbrella Rank: 35168 ss0.bdstatic.com — Cisco Umbrella Rank: 98630 zz.bdstatic.com — Cisco Umbrella Rank: 29770	48 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1080	827 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 430	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5221	1 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2291	23 KB
3	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7858 sp0.baidu.com — Cisco Umbrella Rank: 20156	12 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 432	801 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 601	957 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 989	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 6371	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 3747	183 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1306	2 KB
2	bytecdntp.com lf6-cdn-tos.bytecdntp.com — Cisco Umbrella Rank: 143721	12 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 915	166 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 941	191 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1440	712 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	34 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1009	443 B
1	bootcss.com cdn.bootcss.com — Cisco Umbrella Rank: 44308	4 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	641 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
134	31

	Domain	Requested by
21	pagead2.googlesyndication.com	www.ickd.cn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com ad.doubleclick.net
20	cdn.ickd.cn	10 redirects www.ickd.cn
17	tpc.googlesyndication.com	googleads.g.doubleclick.net www.ickd.cn tpc.googlesyndication.com pagead2.googlesyndication.com
16	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net www.ickd.cn
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.ickd.cn
8	www.gstatic.com	googleads.g.doubleclick.net www.recaptcha.net www.gstatic.com
5	www.googletagservices.com	googleads.g.doubleclick.net www.ickd.cn cdn.doubleverify.com www.googletagservices.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects www.ickd.cn googleads.g.doubleclick.net tpc.googlesyndication.com
4	cdn.doubleverify.com	www.ickd.cn cdn.doubleverify.com
3	onetag-sys.com	2 redirects www.ickd.cn
3	x.bidswitch.net	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.recaptcha.net	www.ickd.cn www.gstatic.com www.recaptcha.net
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	ads.creative-serving.com	2 redirects
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	hm.baidu.com	www.ickd.cn
2	lf6-cdn-tos.bytecdntp.com	www.ickd.cn lf6-cdn-tos.bytecdntp.com
2	pic.rmb.bdstatic.com	www.ickd.cn cdn.ickd.cn
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	s.ad.smaato.net	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	sp0.baidu.com	www.ickd.cn
1	cdn.bootcss.com	cdn.ickd.cn
1	zz.bdstatic.com	cdn.ickd.cn
1	i.ickd.cn	cdn.ickd.cn
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ss0.bdstatic.com	www.ickd.cn
1	www.ickd.cn
1	ickd.cn	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
134	47

This site contains links to these domains. Also see Links.

Domain
i.ickd.cn
ai.taobao.com
m.ickd.cn
www.baidu.com
piao.gaotie.cn
beian.miit.gov.cn
service.ickd.cn

Subject Issuer	Validity	Valid
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2022-01-21` - `2023-02-21`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.bytecdntp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-29` - `2023-07-28`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.bootcss.com R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://www.ickd.cn/
Frame ID: C6C74E7516B592E7869D5FE38174F862
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 0C6A22D8C5E5D1BF08EE1FD776C33EDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&h=280&slotname=5665525344&adk=3234390824&adf=3317876603&pi=t.ma~as.5665525344&w=820&fwrn=4&fwrnh=100&lmt=1664876592&rafmt=1&psa=0&format=820x280&url=http%3A%2F%2Fwww.ickd.cn%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664876592032&bpp=56&bdt=2323&idt=169&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&correlator=6312877788206&frm=20&pv=2&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=580&ady=271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JWTO73uhex&p=http%3A//www.ickd.cn&dtd=194
Frame ID: 81BF7F96378D0865F527912CEF350C79
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&adk=1812271804&adf=3025194257&lmt=1664876593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.ickd.cn%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664876593258&bpp=3&bdt=3549&idt=3&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85a0f85ec6c3f758-22f6f8698bd70079%3AT%3D1664876592%3ART%3D1664876592%3AS%3DALNI_MZK7fGzYCdnF2Fb6TTju8edP5AekA&prev_fmts=820x280&nras=1&correlator=6312877788206&frm=20&pv=1&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=11
Frame ID: F0F2E151BD2F76FF3A223A08D2F20211
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh&co=aHR0cDovL3d3dy5pY2tkLmNuOjgw&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=1jl17ylymkqn
Frame ID: EFF428A52407475E35BE0D2870532439
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 2E16B8DC171C8A5ED6706D40960A0DC6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: F09D6977A443F2B3B83B9AB4CB37D0F8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3EE0677DE68CDAD05BCA271034283CEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_l-DRATAB&v=APEucNW-Caea24g0zonsd8MEFYQ2Ik_OYvcDZ2QXPlucl7Ze56QZkuMA9DU6IoU95kfIMekox0BVclMa-4eWnGx8n1t6zR8kZJ5WJ4FgPaQPdz3XwjB_mwySaiGZUtfiniE5JxUBP8XPdxPTG7-uHIxYf--sZuP-p8qpg34TJNEUsqCUDoODHWE
Frame ID: 85DC5AE65D0EB0D3D51EF2C574241768
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPIlIK70VmY_bDB7FYsF6_NICWD05HnIYGHgFKr0czRVb5HXFx-WR0uZSxMwD6dyWcuVnKHUZfJ7QDB_xT5I0kttFA9uGNUi1dgsHsfKaGvlLcG-35YwJby_si3Tl7i4kPPhE4jvFBUscCiWimQ4mS0lNCxpovAyZiJIxdM3wJLi92ENM&cry=1&dbm_d=AKAmf-Do7_L37teb-JlvniF9Lw0oGn4ttEyqLBxD_lAbKGWieOhUQKRYXpR_fxyOhCx2xkPJANoLhCzHCEDrScaAA69pmNcfn3a8vu6aFZgCdHUgOUr3tkYAx2XJ_Z5XuQUQ85GVc6pp9bovJOECo2-QlpAkK1HxiQu4YlvvnpefwyDwpYmenvdjplAaI-6M4Xqh87mrCkUZ0nk-qf7sm8UwANBwSynfD34lYW9nVxJW1PCNGX1QEMlcuXJ_FEFa4HgjEzVTXlO1oo6oKSxpDq2wYfu-qF8Zk7kT0SH_L9mozLjtqk7Ji16fkEq18kdRLPr_JgrT2lVMoGDbtWxPl2eXShpBDNQcMSpV5_NpfAM-J8F2L-SzEHBFkf6B_YOfrzZHUHQhcSczJmQQ46Q6ux915U58HUsbY6QFuxgVY_aQlXMrBEwp-rETEaeTSkWuSABN3FyeVnScSHMCfY6QNBn00rOA9y3-vDF5E3N4ry-t34Xh-hXJEgaFGL-RMNIxjp2sBhHiD5fAUu-M2QdbP4uXlMe3o5rHvtEW2a9bKT63QZK6NIzu7OTlYWQKQ3VAYDu5DwowosirYGF05i5cSjq_Z7XE98W4lpSv3nebWRmNF4WCwq-_vdfOF30RON9TwDVEp0UNF-ED2NG-z2xTAccJl5I24YqRXJzEiE3svCmMMmorEm4NlZTWWYfgw02wtO454oghDdjHYlksW-QgAqsOTsqv1dio2KPy6-NxdYHXgyEALANUREbWNMDzfERaOkYKeNFrLx7HqCb6TCuttCiLhxoCw2gFoG-McEC94IMxgDwqcCGHQ4VFy971VxKTPPJpnuCIGb8YvloRmcrEbdrG7sstiOFtdme7oJ5yLB4In43GlNQfNiPo9Sl7CsP4KIPn8xKQNaFVUkOhNYk7RZhbJxis3tpCghDE8pLY3cKxUeRKfVQsNFY6MQqWmDtAo6BDmkc-Uu3ajx4v3nvFFya6mHsW86j3CRPGrZbJQaJILpoEDDsYrudB9dZfcUTP3OUiSLagwenRTjGBb1hFionuEqEuM_R4YWNdEe4m-gClWI_bzXp4266Fg_6kQNz07iSnEPDM_fFhmOPrhS29CAjxF2vqym44dutSC--rquuu3_H3Gmp9TaAZlz_PmgERJNutKLB7tzsZSiMiPIvvZriMRVIfmHZlMzU-FeA4mr32bzkddFr2bHIgTbx7NKAqezCZzGr1A1qWm-0PKbinKC8MKA7Hrb7q3boqmoBlyNQR2qWWFIy4zKOgj6d1usEQ85chztNS33HpFY54EjFDTVuZ3cJdAV3fOILPQMhRHdwnckC-bSOduw3kKnLTdHQUNTkp2qYPNtov9k0j9k7XA3j8vEwG3HrGqpcqS2X85F4onDSstvEoWMRwDn9UcU3aAh1eK8sFZDToIAlMGUPbwE2W2NVkfPmXSyUO9QL7hBFjwXM75CLFGsmraxSlXe4XpmgS37AQ5KzYM6jT-kkROQr0YiXiIDulZ6nXw5wZkwlGO3_D6gN0pHen401B17-Z4otB5DVtjvKcGMB2hxFuCEFrzvyLzkrpmWhR7UaNQ2BO-VqH-21hVAnJo6ewOYQ213pLNAssFYKx3qTMLfKdrO8Ligh3Do08emeqGrsTEEov9eDs1hj-LL2aGFw6-RRmzov9zLVgQ04NB9YPrMW8zwTNAMRciMhM4RWS1doOPM_GM6QnH5IAHkSCueBJle4jF87cMvHdazrP4MlxZraKvuLksJ-3Z6uvfTbOp6NlyzQ-sWcUdFYa_pAbhTs5lT4-KGJgbwrZVm7ff75Nvbez4Qi3RzDpPxuhhilKK9WrJDvpi5DyF2TSu7GxK5ZWvUlPhdHCyGVekCKu6e1ZtrBkAyZh5fzHz2e8CcGzoPDGhbv4IAHIiJLOuGWzJza7QxjJ_uvJ1QeuWXRkMquzVjUSnkJX1eUGLRzl1xHGkHsjiAA5ouaEBJOaddz07zwRnvNm8tBF0n0U0IVnn0z_QJuLAfl6ryrmaPXxa-2AnouPb8Z2T4UKMwfQMrVq5zVSf45Isg838Vep-2QFrZhHNYvlovsZlw73Ql4V4wbYIa63JzzHQGBbdmaKDMy9zQVQclOvgnshfVxC3OIC8aOvav4mov_8s6AHRRTwWtKpvUEYJFA8tmpTJorvdNL1PfzfXd7CrYd4Vc6NDJ73DY0vgxgrtnWHvfxso_Lew9vMfagovpsKhO0d9pDTO8YEt4Nidj2SfhMRPZhVRpQDgH4QoKOmXxrp7Sxl9fyi_4E20dd_Nk0VbFxNg1N9042zBG9u4BzUaQVYKzmju9Uoxk8iFEPq8FB2NALi52KFK6mrBNMoYespWp1MrFsKV8T_WjHu0N_VH7w8ym5AL6H3qo_yTrE5yXPfwOONjjGQOeM44yHdlj43aszMWJf5KCe9I093HTSIex0RwrHo3R4a22LUw5d4lLs7iVf5IYY0UA9FKvLCYMQLUdAsbdsVHbMiKMqKSa_DOzW_LgqskTSokRwolhyd6-kuqRHID8uVjX3ZxbPnTnlyE4WdFrMm2LP7hWCtTOe4qoVXKEvBlOg_HjJ1fvhgQw-NSnL1Ni-9dIEabI1ExC3RL_cjPA0mISbC1oe31EbvHlu450sFB5QQBs66j37F7BDc9Y-Hn4JGbHiSZvaa94h0MZgnFx0epmBdDLj9v4nOqBCpy2eZ9QmBgcrK4rvuD5-LfdnidUJTn3oxGB3y6hgM_1yjsVTN3V004MhUqmgwjfL23cj_mcDacT-kA-PFeyFfwIQg-ykaGUkHliJ0gnbIGi3d6__fQPAuaNVwUr1KfuUudu5-ir7iZwuG1_ZQUj45k2EdFORjHBlqkP0_9VR3e2L_LKodSlOv0lWC24G_wumNPQJaMoxoMloB5NNXlas_rXFeRrdQLgoUJHZDG8Z53xsBrBktBrdJhRlB9ZKgYk7z8J9sfN3Y7K2JRWwFwP2sammOQEf2nVjTXipIY1T6IhVgCUBWPO0V9iQczoLQ8uCWG8PU0bdkZdNjgtJeH7H-Caig0kcenKIJGlwDDmgk5h13V8y23ucEm7BmICWJI571YYUQEOZEnCgDYA7FmtN_VycJCgpMCIh655sGE2WQ-B6iPCuXuSm1RaqkBxBi1_611pH64AZ6Dd61nFaq8m4eJgEn04Nxy2LpZahrt9UStvl3tBNY5Q28SDEcB3MD-SuDO9MoEflhygXUYzPRM4ZaOVBeGXP8PAPR-rYOtQ1ScblyVQz1FWWRNLg0_Xqt-T3Qd-NZtrqOfI9r3HVHtoa7gL1kymmT6Sq4QwHerVj7T5M_baEGXMroqhfZUWeWtMZVUrkOTgNt98lltwLsSeeyilq9OGk4Aw&cid=CAASJeRoUqakmIYtBIa7QeJ1vfv_cQ3Rh8othxg7aPZiYGwAlcV4874&rfl=2%2Chttp%253A%252F%252Fwww.ickd.cn%252F%240
Frame ID: 4B98C7FE8BF9F35FB9FC2427DBF6A4C4
Requests: 22 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 41C2846C60011697484FCDE2E588550B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FDD879DA35A0AB0A36BA5971C3D4BBD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85044F42908DEF6E6B5ED9D46A63C94E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0972E4C173E75942C0AECE13D3FC2F3E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 0F4E686229955B0CDC54649DDA14EAFE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: A47E7031AB7D409276E43CCBC96B608B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B7F38363A98D6DBD4482A6BAC4FE83F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AE5FBC04A4BCFCFCC5B468FA7D7B0A96
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3664F1861247DA066DA40F6BAC753B4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ECB257010FF12E66CCB47FD88797D85A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

快递单号查询_快递查询API接口-爱查快递

Page URL History Show full URLs

http://ickd.cn/ HTTP 301
http://www.ickd.cn/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

134
Requests

79 %
HTTPS

39 %
IPv6

31
Domains

47
Subdomains

34
IPs

10
Countries

1540 kB
Transfer

4121 kB
Size

28
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://i.ickd.cn/login.html
Title: 登录

Search URL Search Domain Scan URL

URL: http://i.ickd.cn/reg.html
Title: 注册

Search URL Search Domain Scan URL

URL: http://i.ickd.cn/
Title: 我的快递单

Search URL Search Domain Scan URL

URL: https://ai.taobao.com/?pid=mm_10616213_2395594_78876612
Title: 领取淘宝红包

Search URL Search Domain Scan URL

URL: http://m.ickd.cn/
Title: 手机版

Search URL Search Domain Scan URL

URL: https://www.baidu.com/
Title: 百度

Search URL Search Domain Scan URL

URL: http://piao.gaotie.cn/
Title: 高铁订票

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 蜀ICP备11019750

Search URL Search Domain Scan URL

URL: http://service.ickd.cn/feedback.html
Title: 反馈

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ickd.cn/ HTTP 301
http://www.ickd.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdn.ickd.cn/www/images/common-388e9dc994.css HTTP 302
https://cdn.ickd.cn/www/images/common-388e9dc994.css

Request Chain 2

http://cdn.ickd.cn/www/images/icon_hongbao.png HTTP 302
https://cdn.ickd.cn/www/images/icon_hongbao.png

Request Chain 3

http://cdn.ickd.cn/www/images/wechat.png HTTP 302
https://cdn.ickd.cn/www/images/wechat.png

Request Chain 5

http://cdn.ickd.cn/www/images/qrcode.jpg HTTP 302
https://cdn.ickd.cn/www/images/qrcode.jpg

Request Chain 6

http://cdn.ickd.cn/www/images/mini-qrcode.jpg HTTP 302
https://cdn.ickd.cn/www/images/mini-qrcode.jpg

Request Chain 8

http://cdn.ickd.cn/www/js/common-933bb4f466.js HTTP 302
https://cdn.ickd.cn/www/js/common-933bb4f466.js

Request Chain 10

http://cdn.ickd.cn/www/js/query-d87778f5e5.js HTTP 302
https://cdn.ickd.cn/www/js/query-d87778f5e5.js

Request Chain 11

http://cdn.ickd.cn/www/js/index-716ccbe67f.js HTTP 302
https://cdn.ickd.cn/www/js/index-716ccbe67f.js

Request Chain 12

http://cdn.ickd.cn/www/js/static-19cb81e682.js HTTP 302
https://cdn.ickd.cn/www/js/static-19cb81e682.js

Request Chain 13

http://cdn.ickd.cn/www/js/bottom-b504de726b.js HTTP 302
https://cdn.ickd.cn/www/js/bottom-b504de726b.js

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzwAM.nLQgeWA.ysTZ30bQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1&google_hm=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBnwo0khv22TgicBlLGnLY&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIwMTk2Njk2OTk2ODIxNTg4Mg%3D%3D

Request Chain 94

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-zmNrfd0w_2sSvr4fsvMwlXErTmrSIX4qzEEDyPtXcxCbwQqPjyKxpSUA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-zmNrfd0w_2sSvr4fsvMwlXErTmrSIX4qzEEDyPtXcxCbwQqPjyKxpSUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cGdZWFNUblQxT0ZFc2o1&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-zmNrfd0w_2sSvr4fsvMwlXErTmrSIX4qzEEDyPtXcxCbwQqPjyKxpSUA

Request Chain 96

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOmBPHoTMwppxWo3y52jzR4&google_cver=1&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOmBPHoTMwppxWo3y52jzR4&google_cver=1&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=cb585cad-005a-43fc-86a6-a0dfddc97bd8 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=cb585cad-005a-43fc-86a6-a0dfddc97bd8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=ae60f9dc-5da2-45b5-852f-f6cc411f78df&ssp=google&expires=30&user_group=5&bsw_param=cb585cad-005a-43fc-86a6-a0dfddc97bd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA&google_hm=y1hcrQBaQ_yGpqDf3cl72A==

Request Chain 97

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF_cCKChnnjIAH9FvBzLtNE&google_cver=1&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxfSYU-RgNoR6gK6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxfSYU-RgNoR6gK6g

Request Chain 98

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPWZH_iAjffEtPRBBCIUxJQ&google_cver=1&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lbWGnKmz9jI47XWpLkXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lbWGnKmz9jI47XWpLkXw

Request Chain 100

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPWZH_iAjffEtPRBBCIUxJQ&google_cver=1&google_push=AZmPxg-h3x852SMdBVl10SugUIukc32jdd9eC0KEGg_T2FPYudOjEmfnwO-B2LBJlrjD1kYLcSE7ICyxtRUzqsW1CBzrEe22Q0PnULE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-h3x852SMdBVl10SugUIukc32jdd9eC0KEGg_T2FPYudOjEmfnwO-B2LBJlrjD1kYLcSE7ICyxtRUzqsW1CBzrEe22Q0PnULE HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://um.simpli.fi/gp_match?google_gid=CAESEABCQ2eop0cca4KYRyPU9x0&google_cver=1&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uuUR2IcPmw1bYX_Tbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F572B210068B404A822C8362678B6D8B&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uuUR2IcPmw1bYX_Tbo

Request Chain 118

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG6KZds1coQ1ET0h69ZgQ-8&google_cver=1&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0kxndqjmXvOuMq8SOeU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0kxndqjmXvOuMq8SOeU&google_hm=hmM8ADNzBBVZIpnnmg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D633C0033730415592299E79ABLIS

Request Chain 119

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-0TcN0XM0hOW0wfF5vKaQ&google_cver=1&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkrptmWHP_OBzwja-tRZtCQoOg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-0TcN0XM0hOW0wfF5vKaQ&google_cver=1&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkrptmWHP_OBzwja-tRZtCQoOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5NDMzNzczNTU1NjIyNDE3Mw&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkrptmWHP_OBzwja-tRZtCQoOg

Request Chain 121

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPQv8OQXL72yCQw1-egW5pE&google_cver=1&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTlLP8s HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTlLP8s&google_gid=CAESEPQv8OQXL72yCQw1-egW5pE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0NzcwNTQyMDIzODYzNDMyMzY0NQ%3D%3D&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTlLP8s

Request Chain 122

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENaAYDIUisxnNq52RdU0_Rs&google_cver=1&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7Ojx5WGeiZJWuBm-nPJJxfGxhBfybGQ6 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENaAYDIUisxnNq52RdU0_Rs&google_cver=1&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7Ojx5WGeiZJWuBm-nPJJxfGxhBfybGQ6&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01WjBVdEpaRTJ1RVVWaUVuVmE1MmVNeXVQUFRmRXQ2Qn5B&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7Ojx5WGeiZJWuBm-nPJJxfGxhBfybGQ6

134 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.ickd.cn/
Redirect Chain

http://ickd.cn/
http://www.ickd.cn/

17 KB
6 KB

1240ms
978ms

Document
text/html

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ickd.cn/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4926b9dfd9a25e01edb50340271e0e757e72971921776e48f8f25264ed07d51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 754cf8b7898bbc04-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 04 Oct 2022 09:43:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxckIC7KTcxdzmZZR7q4A1oOIWQ%2Fn6XpBowpSmAFoEWgiClD7lzeq6059fDbnjO%2Fxyds9Qx0%2Fxxqt3ttMHmhEk0pXmr1b%2FX6Dc09VUfjJS00Q8267YfeRdyYxUc%2Bn3CCvvujGgnDmvOtwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 04 Oct 2022 09:43:08 GMT
Location: http://www.ickd.cn/
Server: nginx

GET
H2

200

common-388e9dc994.css
cdn.ickd.cn/www/images/
Redirect Chain

http://cdn.ickd.cn/www/images/common-388e9dc994.css
https://cdn.ickd.cn/www/images/common-388e9dc994.css

30 KB
8 KB

1172ms
760ms

Stylesheet
text/css

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/images/common-388e9dc994.css
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83983a9480d7d58b818028bd9b95ac89e757cb5668b6d678f7e91452127917b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzYTM1MTRfM2JiOTJhMDlfMjAzNGVfMWU4YzFiNw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 1571677371315680200
last-modified: Tue, 26 Jul 2022 16:04:06 GMT
server: cloudflare
etag: W/"21bb757af52239bb0242ef38778c2b1d-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Fg%2FWfuUBizwIf53zd9QBn5HGrxw4PXHddkhBkkU%2Be3YUvu%2FIR8pmQJdFI27PSw1NRASuWt%2F%2FI8ycHnWhKz9gC84Hkh1%2BytBw2qdNLtmlS96HXPYasYihhmuTFyV5UJ3Ge0s4IjquIcO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
x-nws-log-uuid: 15225183856169023197
cf-ray: 754cf8c74e4a5caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcPsIHUM8iE9d2gS%2F3gkED4Z9I%2FFUrbC6DQi5nyD0pEQ1HPHs5rdsPGCo1ccj6VLFgAuyqTbqqjrUX6KmmM8651%2FGVmJeUSptv7rwRMvOf2BbCmH1Z9DZCg6pcNGg2D%2BOigE%2Bnalt%2FBBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/images/common-388e9dc994.css
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 6402787050463249482
Connection: keep-alive
CF-RAY: 754cf8bfaa3fbb5f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 189cb99e94a32ef33a8e8a96d1c38dae.png
pic.rmb.bdstatic.com/bjh/news/ 4 KB
5 KB 2024ms
7ms Image
image/png 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/news/189cb99e94a32ef33a8e8a96d1c38dae.png
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 5c1007d0b410dc64f328a12594caaa0fd3db04ef82c5339909d9b1eda89b8525

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

ohc-file-size: 4463
date: Tue, 04 Oct 2022 09:43:11 GMT
content-md5: GJy5npSjLvM6joqW0cONrg==
age: 1291631
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 4463
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache115 [1], xaix159 [2]
last-modified: Fri, 22 Apr 2022 10:39:31 GMT
server: JSP3/2.0.14
etag: "189cb99e94a32ef33a8e8a96d1c38dae"
x-bce-request-id: 219ccadf-b63e-41a2-b5e8-7181f531eeb4
content-type: image/png
x-bce-debug-id: dZ/QTyC6K2BnroAYDjDuhwuoqduMtvbtSR9FmPWQSzIiKEaVzWHLCadKT9/dYJ+nkglCPFV0fo6txl6sxx1ABA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3865940843
expires: Wed, 14 Sep 2022 01:35:19 GMT

GET
H3

200

icon_hongbao.png
cdn.ickd.cn/www/images/
Redirect Chain

http://cdn.ickd.cn/www/images/icon_hongbao.png
https://cdn.ickd.cn/www/images/icon_hongbao.png

558 B
1 KB

787ms
787ms

Image
image/png

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ickd.cn/www/images/icon_hongbao.png
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H3
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee854d774241fddf9cb691acfbb809cb9741d364db17dd399c55383e8eb584d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cos-request-id: NjMzNzIzZjZfOThiMzE0MGJfMTdmMTZfNDA2NjlkZQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 558
last-modified: Tue, 02 Apr 2019 11:41:21 GMT
server: cloudflare
etag: "c50324e62ceb74cc31c1ee46c4619ee2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3oDMevUlFhNZCXJSJI7MGmEflQn78HK%2F7VQADcnUDwJP9IQusuhh1Jj9Pwd%2BD7i%2FrGLMKqEpM0d%2F1L%2FraUYx833RkMPVrHAEwGL3ElEFn%2B%2B0BIs4DGyhFB4sZ4jO1F5MRVwZyIwseeF1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
x-nws-log-uuid: 1011272645931451135
accept-ranges: bytes
cf-ray: 754cf8d0a96a9a23-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:12 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlofsGYpuqRz10KUVNZPgfGU7%2F1AEf6S6MPlPQj7egDDWqAbxITV9z1lqDEx3ewyKAjwiV4b7Bsujsq3MEkwfyvu%2Bfn%2FGFVIQunBMhlcSVuSo62jFSo3PzJsTx70hu7QWwU5zNbanmwnuA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/images/icon_hongbao.png
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 13727281277532507112
Connection: keep-alive
CF-RAY: 754cf8cc1e22bb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H3

200

wechat.png
cdn.ickd.cn/www/images/
Redirect Chain

http://cdn.ickd.cn/www/images/wechat.png
https://cdn.ickd.cn/www/images/wechat.png

2 KB
3 KB

248ms
248ms

Image
image/png

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ickd.cn/www/images/wechat.png
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H3
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00743b36fb54848a953069e98027c00e38a7233c5ce0c5d2dc16454680332e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cos-request-id: NjMzOGUyMzNfYTY1MWMwMDlfMmI4OTNfMWUwNWNlOA==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2093
last-modified: Fri, 20 Dec 2019 14:51:02 GMT
server: cloudflare
etag: "041fe1e42acf5f9625a1b8842920cc8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxMWdLFABlT%2B168bX4yBu%2FoFrd4xTN0iZGdd495Clx93G39rCTftpyAmg%2F%2BjYiJ5l8IUtNS7AhyYGzVtT1KNwcbE1J0yPQb9Oqb%2F8ascW0DXXWHZAkAMgQ8atYl0%2FDLDc%2FHjVfaAGUpBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
x-nws-log-uuid: 3222301277210759070
accept-ranges: bytes
cf-ray: 754cf8d0a9789a23-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:12 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUAeJ%2BfjBNidCgt9TJIbjlS2NRoWCwQVfVgLDuteynua5Ft0ObWB7D9JLJpAgKAQleTSrXqO9HZPIdaYUN4kemALMAh0i63MebVszTZO36%2FK28pnZL50F0aUunZqflU0CQoc5Z%2Bn63O%2FsA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/images/wechat.png
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 4652734125937452522
Connection: keep-alive
CF-RAY: 754cf8cc6f229131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
57 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4eeba7847f84afbae5fd785b87c2abfe74df234fee82497e4af1cc0d64fae6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10117584945302788608
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 58081
X-XSS-Protection: 0
Expires: Tue, 04 Oct 2022 09:43:09 GMT

GET
H3

200

qrcode.jpg
cdn.ickd.cn/www/images/
Redirect Chain

http://cdn.ickd.cn/www/images/qrcode.jpg
https://cdn.ickd.cn/www/images/qrcode.jpg

5 KB
6 KB

757ms
737ms

Image
image/jpeg

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ickd.cn/www/images/qrcode.jpg
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H3
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f11eb60da08515f874879f34f7a06cac9fb40399ed239e4f4c0995f755fa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzNTNhNThfNjk0ZTQ0MGJfNzg4XzM2ZmIyNzE=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5245
x-cos-hash-crc64ecma: 10418130416771308996
last-modified: Tue, 26 Jul 2022 16:14:04 GMT
server: cloudflare
etag: "4646cf12fda8dda2637ed13c985eed67-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crep4lABJE9lzqOtXp9Ayu1Ul%2FY%2F3Ct%2F71lxJnOGsebme7Y4tBsy0JT4oUHCmBgEiiKgIoypPbGbj5R6R99Ski%2FbF64ZuDuWryA%2Bt9VxIgely6qJSVeVM8nE60LoxUyGZossd0PlA0Zt3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
x-nws-log-uuid: 7068013687234833968
accept-ranges: bytes
cf-ray: 754cf8cf3e669a23-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:12 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kIK1aGAs7fvur56DEArIU3Y96YTncb35PagvEJZ7lVKISmF8lkxghmVs%2FLp9bF6jUm7SzqsgEDpXkQ%2BBCO1KJuLaJMOIvjGD5cFtIN97Q6l4nPnEBnKCx%2BBKReVuaEV4AMMRTMk9Nef5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/images/qrcode.jpg
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 11576965847804608718
Connection: keep-alive
CF-RAY: 754cf8cc8a696963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H3

200

mini-qrcode.jpg
cdn.ickd.cn/www/images/
Redirect Chain

http://cdn.ickd.cn/www/images/mini-qrcode.jpg
https://cdn.ickd.cn/www/images/mini-qrcode.jpg

4 KB
5 KB

802ms
781ms

Image
image/jpeg

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ickd.cn/www/images/mini-qrcode.jpg
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H3
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb24bae1fec78bfc97589cfd19f2d7cd622c4d5c422a55991114ccbdc1df640

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzN2U5NmJfMjBlZDIzMGJfMWRiN2RfM2QzZTJkMg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4426
x-cos-hash-crc64ecma: 18102359736122509785
last-modified: Tue, 26 Jul 2022 16:13:35 GMT
server: cloudflare
etag: "1eca20c571aa7af93b28da48e76eaccc-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxKM8L4jQUghvWVq0nbO6hO8IFLnqpo4wksv9rEiFLCN5%2FkeiheDruRU12gIm1UfyjJl18X6l6QYkuugR0UoLH4pdhFz2EXkAErfErsd4U%2BGNYrpLpXKvc3sw8RMBGII%2B6TY9TQNnDBzLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
x-nws-log-uuid: 14901011912002579068
accept-ranges: bytes
cf-ray: 754cf8cf2e5f9a23-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:12 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M8em%2BnYiHNEbB3v4VL9QBcIh8QlETNEHp%2BtN6c7VLhgJsYPIYnKEFrdOpJnVAQBrFCvyq8yEwqQIy4um%2BGVQntp6%2FkwuYtydBOLzv6%2FOT%2B%2Blm%2FR9Iyro6admXi%2BF7QncRhSNGOXDLmkxg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/images/mini-qrcode.jpg
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 3427394849602792715
Connection: keep-alive
CF-RAY: 754cf8cc8c6bbb5f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 jquery-1.10.2_1c4228b8.js Show response
ss0.bdstatic.com/5aV1bjqh_Q23odCf/static/superman/js/lib/ 98 KB
40 KB 3458ms
158ms Script
application/x-javascript 45.113.192.81
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: https://ss0.bdstatic.com/5aV1bjqh_Q23odCf/static/superman/js/lib/jquery-1.10.2_1c4228b8.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.113.192.81 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9e9f2dadb51777dc69589bbbe20a76bfc7218b67a972afb3234fd76bbd5561b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
content-encoding: gzip
ohc-cache-hit: sin01-sys-jorcol06.sin01.baidu.com [2]
ohc-response-time: 1 0 0 0 0 0
last-modified: Fri, 11 Jan 2019 09:26:44 GMT
server: JSP3/2.0.14
age: 1126272
etag: W/"5c386154-18885"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 21 Oct 2022 08:51:48 GMT

GET
H2

200

common-933bb4f466.js Show response
cdn.ickd.cn/www/js/
Redirect Chain

http://cdn.ickd.cn/www/js/common-933bb4f466.js
https://cdn.ickd.cn/www/js/common-933bb4f466.js

7 KB
4 KB

1208ms
806ms

Script
application/javascript

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/js/common-933bb4f466.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d148103887c0c8a14046c95e5fe8f0e44adae73e58c8db26cfcfe5793030b313

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzYTQ3M2JfYmI0ZTQ0MGJfMjBkOTlfNDA5ODZmNw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 1170118291532771683
last-modified: Thu, 27 Feb 2020 10:24:51 GMT
server: cloudflare
etag: W/"4e2b4a9cb6e3b1b28362d73ffde07ba3-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly8ZK%2FNGFaCiVTdVmBqIqccUHpicrcNuH6f7flzzvGqqgWcokb5C9EIrXcCrDDrwpWXJeCmZvI6yOPetb8hzsPm8hZI%2F3c%2FgZCYupvS92Ue24Qdsr5jnpsvcFhTb2%2B3q7zuGbX5xr82fJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-nws-log-uuid: 10710462173791499000
cf-ray: 754cf8c75e535caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b13k7oTR5gpwB2TEMCwKo0lXTjCeZNzR5DSuMD%2BqsfyqaNcIk9eZPa2ul7m9Zjiv8wZk8EbbcFLT4EoKv1UFpf08FucykZ%2F%2BK1FxYx64%2FXVHgIUSdbNPkXvtq7VAF%2FtbEsHfJJKme0kXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/js/common-933bb4f466.js
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 9960903956601839313
Connection: keep-alive
CF-RAY: 754cf8bfab009131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2 200 layer.min.js Show response
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/ 22 KB
8 KB 3490ms
260ms Script
application/javascript 2408:8710:20:118d:1::f4
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.min.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:8710:20:118d:1::f4 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: be5b759996d0b5b388dc5922f99d18d5f3feb0ffb3b1a9d5b73b8c0a427ab8d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:37:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 327947
x-link-via: tjun03:443;taizmp03:443;
x-cache-status: HIT from KS-CLOUD-TAIZ-MP-03-18, HIT from KS-CLOUD-TJ-UN-03-07
server-timing: inner; dur=14
content-length: 7689
last-modified: Sun, 24 Apr 2022 19:58:21 GMT
server: nginx
etag: W/"6265abdd-56f0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 01d186d67f23944e36d40f5ab5fd274cf17b3a161c9e148aa05c117b845363c1f9d34b45fea73f299c380d370358f83a9dd8c274e52dffe9b2b0e675efe87cee6a742714f48dfe553e30b5dbd3b4010430dd7c26ae85eb54913def8cc5d07d95b7e54cdd9cc041d9847bfeef4bd3a45f59
x-response-cinfo: 2a00:c98:2050:a007:2::5
accept-ranges: bytes
x-response-cache: edge_hit
timing-allow-origin: *
x-cdn-request-id: e0b4fc1abdf1b889f218bb58d4ffd995
expires: Sun, 30 Oct 2022 14:37:25 GMT

GET
H2

200

query-d87778f5e5.js Show response
cdn.ickd.cn/www/js/
Redirect Chain

http://cdn.ickd.cn/www/js/query-d87778f5e5.js
https://cdn.ickd.cn/www/js/query-d87778f5e5.js

29 KB
11 KB

1731ms
1250ms

Script
application/javascript

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/js/query-d87778f5e5.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d435cd43d147ac3a85b14c3b4a11f12fa51e67a6408b5bdec76bf447610e1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cos-request-id: NjMzYWRlOTlfZDRhYzE0MGJfOTkyYl80N2IzYTNh
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 4460258744309518151
last-modified: Thu, 08 Sep 2022 15:09:52 GMT
server: cloudflare
etag: W/"b225781f95c437ca29bc51b7fafc62c3-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpoQZOFxA4Ot2Jp1CwDhsXInEvTI3sMqMOjLktuEPGQkWbFf88tRqpridpjkcH30RYIWlXxq%2F91Ww%2FZ7P6s45XdW9e%2BFC3PGTooZkvKjVVaOTLl8sCGaxJmgLZ9Dip6Ds4Tt2y%2F85IYQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-nws-log-uuid: 16729613109471661997
cf-ray: 754cf8c75e4e5caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBerqLSPGLkQJDqecUcl0Cm4mKCGMEG5Pmf6s0bWu0PnSFn9gkfjAG29h9JfuOL85%2FgmFscJpmZ5BtnVn4Fwn%2FxHk71pD9wfX1vWKmPI596DS%2FYZ%2B10CgGuTDzGiI05jAN8FdB8bMNSLxA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/js/query-d87778f5e5.js
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 2280537686964382207
Connection: keep-alive
CF-RAY: 754cf8bfae719ba1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

index-716ccbe67f.js Show response
cdn.ickd.cn/www/js/
Redirect Chain

http://cdn.ickd.cn/www/js/index-716ccbe67f.js
https://cdn.ickd.cn/www/js/index-716ccbe67f.js

57 KB
18 KB

1595ms
1125ms

Script
application/javascript

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/js/index-716ccbe67f.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f25124b87ab04c6028e9a19e4a7c81de35d88f5b4de65829f1e94a8851104088

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cos-request-id: NjMzYTEzZDFfZjZiNTE0MGJfMTRkNGNfNDY0NDJlMw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 15495328221941753548
last-modified: Tue, 30 Nov 2021 08:55:57 GMT
server: cloudflare
etag: W/"e306c866577f4067a17f89f830f0ffa6-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQcvirgoo5E%2FpwW62UDvQXyGBTY%2FH58750I9fN6QxUXf8MwEDQocEvwfAw8ngRg94JxxQ7jsLhVCq%2FRU%2FzCYWWTQM9hFhPqckzoAq7iYT1%2BzgtHGTuVl5a3%2BBkqJHdxqyC37mJ6ro5aivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-nws-log-uuid: 13486153186577921991
cf-ray: 754cf8c75e505caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy%2BU6k1arye45Oupx0%2BtfBMisxonTJ7v6giRgKOg42FORBfiaZbMriEqX0a2rOEp7GfjO3WkpJjtF0hA2Sk4vWYDvKytV1Vg75Rb7PCx1f3RVuBuPCC%2FxqEFW%2FRcRjfJs5Jjfjw7AxYZRg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/js/index-716ccbe67f.js
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 949730780652792957
Connection: keep-alive
CF-RAY: 754cf8bfab36bbe5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

static-19cb81e682.js Show response
cdn.ickd.cn/www/js/
Redirect Chain

http://cdn.ickd.cn/www/js/static-19cb81e682.js
https://cdn.ickd.cn/www/js/static-19cb81e682.js

5 KB
3 KB

1556ms
1231ms

Script
application/javascript

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/js/static-19cb81e682.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a06b189c10f264dc2efa516c69d509a2c3db16caf19f7fee98a3e1db4a5c329

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzMjUwMzVfODRjOTJhMDlfMTQzYTdfMjBiMzQ4Zg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 17134071811881596094
last-modified: Fri, 22 Apr 2022 12:20:44 GMT
server: cloudflare
etag: W/"ec96714e408321199601caeb09827338-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4Ju462%2BH7meVkyGa1xDXaHE9eRmhVRGH6yD3gdAJ02uw1WaDYtigjYR21WBJML4FjPK7o5OyaAmswcNKEqSvoE%2Bau%2BOfrlIlSaKJ3Y%2BAmCYq6fiukaXVdPw3x4Snov3O21EpVE%2B%2Fo1XzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-nws-log-uuid: 11585662059618222019
cf-ray: 754cf8c75e545caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6KxbGAXWf9S6%2BlVoNkNIMyJWjxobI5ne4bGOIcCZSHibRp0uKWuP8uNOLMzmamNNZ9FqC2MtSj2xymrzYaaGvlSjEi8JkFLxILywOUsC6%2FFmtyOCiz8t1j7wCXepvOagx4tAIB06pg8sg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/js/static-19cb81e682.js
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 16859321466778808935
Connection: keep-alive
CF-RAY: 754cf8bfbbbebb43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

bottom-b504de726b.js Show response
cdn.ickd.cn/www/js/
Redirect Chain

http://cdn.ickd.cn/www/js/bottom-b504de726b.js
https://cdn.ickd.cn/www/js/bottom-b504de726b.js

3 KB
2 KB

1280ms
848ms

Script
application/javascript

2606:4700:3036::ac43:8afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ickd.cn/www/js/bottom-b504de726b.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Server: 2606:4700:3036::ac43:8afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ed7b4da0a175a05ececea3222f8906c44cd6255f8f5874e3c12e1b044b6b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-cache-lookup: Cache Hit, Hit From Inner Cluster
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cos-request-id: NjMzODM1NjdfMmVhZTE0MGJfMTRhZV80MjdkODY3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cos-hash-crc64ecma: 6385591055051157863
last-modified: Fri, 22 Apr 2022 12:20:38 GMT
server: cloudflare
etag: W/"3613a18a7b16c40f5a67e6818f5ae217-1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FhfHCE82nyyd9PedvivsqwrjvE15LhN5CzGKmcs6v7OZcO%2FenN%2Ft92oDygyun6ycgkutOUKm1DGU7YwBAaZGL2rmXG7WoRRv2MGYy%2BH%2BToiZ13wpu5KxGTyQ72A1QBuXz6T9Cwbb%2FoNhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
x-nws-log-uuid: 2694029234493301192
cf-ray: 754cf8c75e515caa-FRA

Redirect headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
X-Cache-Lookup: Return Directly
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBmZeq7S9Pfv%2FjhhLI1b6%2FD5njRCvlQyOH3ZGxlqHQlmymOwNm71xS%2FnDZBs3NYs8rsokBgruZka1Ner5SKytrH%2BoTwgsUIGyWC%2F1IyUyZLeDb7ObgrXjlZp%2BS5c0Q7emI14i3RJ2vw2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.ickd.cn/www/js/bottom-b504de726b.js
Cache-Control: max-age=86400
X-NWS-LOG-UUID: 9702800927137457158
Connection: keep-alive
CF-RAY: 754cf8bfa9126963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1400ms
377ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?39418dcb8e053c84230016438f4ac86c

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

335cebfc0890a3c8ec008c097fcd086740b0e93a73c7a36e630435356251c013

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 53f83225acbf75b1a0e77f57cdf71b8e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11481

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
1001 B 67ms
29ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

065687804bcf46dabed4ccfc02d71ee3737d6c839aea8f9364ddd33cdab20fe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 09:43:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ 349 KB
115 KB 105ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195725015930868&plah=www.ickd.cn

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f47650fc62b6c1dc3616032d4f1217edf9d45478b8d68b22ad5fd5eea60ea8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117176
x-xss-protection: 0
server: cafe
etag: 10564910986899484210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 09:43:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 0C6A 10 KB
5 KB 120ms
32ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 22:20:34 GMT
etag: 9671129459699598864
expires: Mon, 17 Oct 2022 22:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
641 B 69ms
33ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ickd.cn&callback=_gfp_s_&client=ca-pub-3195725015930868

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3195725015930868&plah=www.ickd.cn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

1f2999ea640ebe8941dc2b66b1af40e50b1aa7a38e8e7ee1365eaf4826de8d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 61ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
51ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81BF 117 KB
36 KB 882ms
881ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&h=280&slotname=5665525344&adk=3234390824&adf=3317876603&pi=t.ma~as.5665525344&w=820&fwrn=4&fwrnh=100&lmt=1664876592&rafmt=1&psa=0&format=820x280&url=http%3A%2F%2Fwww.ickd.cn%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664876592032&bpp=56&bdt=2323&idt=169&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&correlator=6312877788206&frm=20&pv=2&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=580&ady=271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JWTO73uhex&p=http%3A//www.ickd.cn&dtd=194

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bf815d7bf03f0177428055d28ee4c0c5254e2bcf3548fa82fcfd5ec85652193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36648
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:13 GMT
expires: Tue, 04 Oct 2022 09:43:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 81BF 8 KB
1 KB 636ms
45ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&h=280&slotname=5665525344&adk=3234390824&adf=3317876603&pi=t.ma~as.5665525344&w=820&fwrn=4&fwrnh=100&lmt=1664876592&rafmt=1&psa=0&format=820x280&url=http%3A%2F%2Fwww.ickd.cn%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664876592032&bpp=56&bdt=2323&idt=169&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&correlator=6312877788206&frm=20&pv=2&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=580&ady=271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JWTO73uhex&p=http%3A//www.ickd.cn&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 09:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:22:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 09:43:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 81BF 2 KB
983 B 605ms
38ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:32:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81BF 0
0 72ms
72ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmb_8MAA8Y6PKEN20iQaK6qnQBMekrqRp85zCs_QPkKeA7JACEAEg8ufIHWCVwqaCsAegAYbCrbIoyAEJqQKmGjI1NoCwPqgDAcgDywSqBM4BT9DNCo4OIzoqtJMJIajaMJaUZFzrj6k70ALeQayFLX7UBEyvAf6vwmflfUEESV7wOMTPLHnjebxl5s3NUspncMCjs5uaiSZ6Px5_ZBcqSD7vSgNdNHcpwsXPJ3PaR4SlOfA2IF0Ldtdvha-Fy_BepVDRhG6Jzk2BBp9h33Jl6iNwmvEd9dau2e0nfdgDyDRgP3IUwC_tyQjgYNHjadsT01VpzV7jZeObRPXNnYf1K1g4Cnif3iUQyyXgopidnpA_mWzUASExpogQ6G0UhYbABLjWv_GKBJIFBAgEGAGSBQQIBRgEoAYugAeG-v2RA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJbOMNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi0zMTk1NzI1MDE1OTMwODY4GAA&sigh=nNQRRm9x6P0&uach_m=[UACH]&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&h=280&slotname=5665525344&adk=3234390824&adf=3317876603&pi=t.ma~as.5665525344&w=820&fwrn=4&fwrnh=100&lmt=1664876592&rafmt=1&psa=0&format=820x280&url=http%3A%2F%2Fwww.ickd.cn%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664876592032&bpp=56&bdt=2323&idt=169&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&correlator=6312877788206&frm=20&pv=2&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=580&ady=271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=JWTO73uhex&p=http%3A//www.ickd.cn&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 04 Oct 2022 09:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Oct 2022 09:43:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 81BF 23 KB
10 KB 591ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:31:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 81BF 3 KB
1 KB 592ms
38ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:34:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 81BF 17 KB
7 KB 588ms
34ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:38:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81BF 141 KB
44 KB 586ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 09:43:13 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 81BF 32 KB
14 KB 579ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Jan 2023 11:54:12 GMT

GET
H2 200 data=NxOGK_A2P4sL9otioa_utbgIHyfNzi6lEcT-y92od4NzVYcTN47ar84EBH2Ywmz0WajVTar4TDlrC9NJisdOkw
mts0.google.com/vt/ Frame 81BF 31 KB
31 KB 650ms
97ms Image
image/png 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=NxOGK_A2P4sL9otioa_utbgIHyfNzi6lEcT-y92od4NzVYcTN47ar84EBH2Ywmz0WajVTar4TDlrC9NJisdOkw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ee4062a98ddebfdafc026aedf74c6493b48d572902b4e8eb4b31693ea50b2946

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=83
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31310
x-xss-protection: 0
x-server-version-bin: CggIBBDKoOqZBg==
server: scaffolding on HTTPServer2
etag: 0aa19de9a860337c6
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Tue, 04 Oct 2022 10:43:13 GMT

GET
DATA 200
OK truncated
/ Frame 81BF 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 81BF 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 81BF 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 81BF 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 layer.css
lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/theme/default/ 14 KB
3 KB 252ms
251ms Stylesheet
text/css 2408:8710:20:118d:1::f4
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/theme/default/layer.css?v=3.5.1
Requested by: Host: lf6-cdn-tos.bytecdntp.com
URL: https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/layer/3.5.1/layer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:8710:20:118d:1::f4 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 13:30:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 72790
x-link-via: tjun03:443;zaozmp23:443;
x-cache-status: HIT from KS-CLOUD-ZAOZ-MP-23-22, HIT from KS-CLOUD-TJ-UN-03-11
server-timing: inner; dur=6
content-length: 2789
last-modified: Sun, 24 Apr 2022 19:58:21 GMT
server: nginx
etag: W/"6265abdd-37bf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 01a5a32a4c20068f6f1e7775216eae9213e089ead44e68fc7d61edb778452690d460fc38b04a7f7f35ef0b560300fb322a517276f56b95e4f630c7be196147070ce564b0709b8eff7cb97791369620b03c91365a1c12d6522e7beeee54d6f098339f1f77b64173cb102c6fd714ab9cdd40
x-response-cinfo: 2a00:c98:2050:a007:2::5
accept-ranges: bytes
x-response-cache: edge_hit
timing-allow-origin: *
x-cdn-request-id: b9847bedb422f99dfe938b731cf6992b
expires: Wed, 02 Nov 2022 13:30:02 GMT

GET
H/1.1 404
Not Found loginStatus.do
i.ickd.cn/ 0
0 1279ms
258ms Script
application/json 101.35.123.11
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: http://i.ickd.cn/loginStatus.do
Requested by: Host: cdn.ickd.cn
URL: http://cdn.ickd.cn/www/js/static-19cb81e682.js
Protocol: HTTP/1.1
Server: 101.35.123.11 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
512 B 1162ms
187ms Script
application/x-javascript 58.254.150.48
UNICOM-GUANGZHOU-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: cdn.ickd.cn
URL: http://cdn.ickd.cn/www/js/static-19cb81e682.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: br
tracecode: 31413257130553357066100416
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 02 Jun 2022 02:13:32 GMT
server: JSP3/2.0.14
age: 1836
etag: "62981ccc-134"
ohc-cache-hit: gz3un55 [2], zhuzuncache56 [2]
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes

GET
H2 200 clipboard.min.js Show response
cdn.bootcss.com/clipboard.js/2.0.1/ 10 KB
4 KB 3862ms
247ms Script
application/javascript 218.12.76.163
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcss.com/clipboard.js/2.0.1/clipboard.min.js
Requested by: Host: cdn.ickd.cn
URL: http://cdn.ickd.cn/www/js/static-19cb81e682.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 218.12.76.163 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 848bc8c5eaa119917e55578ce79934989bd6a50ea04e45a4dc499cf8d9a8c180

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

ohc-file-size: 3281
x-log: X-Log
date: Tue, 04 Oct 2022 09:43:16 GMT
content-encoding: gzip
via: CHN-HEshijiazhuang-AREACUCC1-CACHE38[4],CHN-HEshijiazhuang-AREACUCC1-CACHE44[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE114[30],CHN-TJ-GLOBAL1-CACHE105[0,TCP_HIT,28]
x-ccdn-cachettl: 31536000
x-svr: IO
content-md5: rEHmPRXojX2b3UJZL//3og==
age: 11297658
x-reqid: TBQAAACGzrY0Kt0W
nginx-hit: 1
content-transfer-encoding: binary
content-disposition: inline; filename="clipboard.min.js"; filename*=utf-8''clipboard.min.js
nginx-vary: Accept-Encoding
content-length: 3281
ohc-cache-hit: tj4ct68 [4], xactcache92 [2], czix92 [2]
last-modified: Wed, 16 May 2018 09:19:03 GMT
server: openresty
etag: "FtJmzzhszH5kkbiQVloa6hUcq4cH.gz"
access-control-max-age: 2592000
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
x-ccdn-expires: 20238342
accept-ranges: bytes
timing-allow-origin: *
x-hcs-proxy-type: 1

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 356ms
354ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=443796454&si=39418dcb8e053c84230016438f4ac86c&v=1.2.97&lv=1&sn=25453&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.ickd.cn%2F&tt=%E5%BF%AB%E9%80%92%E5%8D%95%E5%8F%B7%E6%9F%A5%E8%AF%A2_%E5%BF%AB%E9%80%92%E6%9F%A5%E8%AF%A2API%E6%8E%A5%E5%8F%A3-%E7%88%B1%E6%9F%A5%E5%BF%AB%E9%80%92

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:13 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 488ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Origin: http://www.ickd.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 09:33:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 109ms
50ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 109ms
51ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0F2 188 KB
55 KB 889ms
872ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3195725015930868&output=html&adk=1812271804&adf=3025194257&lmt=1664876593&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.ickd.cn%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664876593258&bpp=3&bdt=3549&idt=3&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85a0f85ec6c3f758-22f6f8698bd70079%3AT%3D1664876592%3ART%3D1664876592%3AS%3DALNI_MZK7fGzYCdnF2Fb6TTju8edP5AekA&prev_fmts=820x280&nras=1&correlator=6312877788206&frm=20&pv=1&ga_vid=344206501.1664876592&ga_sid=1664876592&ga_hid=1590610993&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44773745%2C21065724&oid=2&pvsid=890513528463681&tmod=881134431&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e695c779de944ef778e8e5dcbc806b04a32057a954bd9ee4629148aa2952857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 56304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 27d56333ea9ca0a204a7c25b39cc5f7b.png
pic.rmb.bdstatic.com/bjh/news/ 3 KB
3 KB 8ms
8ms Image
image/png 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/news/27d56333ea9ca0a204a7c25b39cc5f7b.png
Requested by: Host: cdn.ickd.cn
URL: https://cdn.ickd.cn/www/images/common-388e9dc994.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 2aade5ddd8c8666864e7868e2f06dcc49be10d54fb49103554668e8c72bf8491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

ohc-file-size: 2959
date: Tue, 04 Oct 2022 09:43:13 GMT
content-md5: J9VjM+qcoKIEp8JbOcxfew==
age: 1287085
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 2959
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache68 [4], bdix68 [2]
last-modified: Fri, 22 Apr 2022 11:28:09 GMT
server: JSP3/2.0.14
etag: "27d56333ea9ca0a204a7c25b39cc5f7b"
x-bce-request-id: ca8fb535-d65c-4d49-9b02-1b3fc0e42f49
content-type: image/png
x-bce-debug-id: cYt79cWPgUkQ0mPh+QsVV7vv48Pd6Brts2NSkDQAidU1Mopq5Js/Io6JQaN8U//bFwg9BXwZJhPj9uL07jtRjQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2435368330
expires: Thu, 22 Sep 2022 11:28:25 GMT

GET
DATA 200
OK truncated
/ Frame 81BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7731795fc0ebfa7770c9cd0a5c4494c26335a14f72a2367623ebd9c7f95238bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame EFF4 42 KB
22 KB 106ms
75ms Document
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh&co=aHR0cDovL3d3dy5pY2tkLmNuOjgw&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=1jl17ylymkqn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb70ce30591c266a79ab984dbc5c90a2a328317d66f738397665dcf702670f18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jcQSBA-ZVDbdw9WW472D3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22003
content-security-policy: script-src 'report-sample' 'nonce-jcQSBA-ZVDbdw9WW472D3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 81BF 28 KB
28 KB 54ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 521909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 08:44:44 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E16 36 KB
16 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 17:54:43 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame EFF4 52 KB
24 KB 52ms
25ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh&co=aHR0cDovL3d3dy5pY2tkLmNuOjgw&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=1jl17ylymkqn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 08:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 08:46:45 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame EFF4 392 KB
156 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 09:33:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EFF4 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 396185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Oct 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFF4 15 KB
15 KB 47ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 599109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFF4 15 KB
15 KB 50ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 571406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame EFF4 102 B
134 B 24ms
24ms Other
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld8B88ZAAAAAGFahGDOCvgPld5a98mX7WTe1UFh&co=aHR0cDovL3d3dy5pY2tkLmNuOjgw&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=1jl17ylymkqn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 04 Oct 2022 09:43:14 GMT

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 2137ms
288ms Image
text/plain 45.113.192.101
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=http://www.ickd.cn/
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.113.192.101 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:16 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ 151 KB
54 KB 179ms
179ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bfb6e9d9c54fbcc49976caaf6037306c3f096725d462c01e75ee0f51037d20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55036
x-xss-protection: 0
server: cafe
etag: 14032329638911472573
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 09:43:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ickd.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame F09D 10 KB
4 KB 28ms
28ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 23:57:38 GMT
etag: 9671129459699598864
expires: Mon, 17 Oct 2022 23:57:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame 3EE0 10 KB
4 KB 30ms
28ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 23:57:38 GMT
etag: 9671129459699598864
expires: Mon, 17 Oct 2022 23:57:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame F09D 4 KB
636 B 102ms
42ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:23:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 09:43:14 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F09D 205 B
229 B 14ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:00:34 GMT
x-content-type-options: nosniff
age: 2560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 09:00:34 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F09D 604 B
628 B 14ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:28:03 GMT
x-content-type-options: nosniff
age: 911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Oct 2023 09:28:03 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame F09D 19 KB
8 KB 94ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:25:31 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 85DC 624 B
297 B 53ms
53ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_l-DRATAB&v=APEucNW-Caea24g0zonsd8MEFYQ2Ik_OYvcDZ2QXPlucl7Ze56QZkuMA9DU6IoU95kfIMekox0BVclMa-4eWnGx8n1t6zR8kZJ5WJ4FgPaQPdz3XwjB_mwySaiGZUtfiniE5JxUBP8XPdxPTG7-uHIxYf--sZuP-p8qpg34TJNEUsqCUDoODHWE

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B98 27 KB
16 KB 87ms
86ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPIlIK70VmY_bDB7FYsF6_NICWD05HnIYGHgFKr0czRVb5HXFx-WR0uZSxMwD6dyWcuVnKHUZfJ7QDB_xT5I0kttFA9uGNUi1dgsHsfKaGvlLcG-35YwJby_si3Tl7i4kPPhE4jvFBUscCiWimQ4mS0lNCxpovAyZiJIxdM3wJLi92ENM&cry=1&dbm_d=AKAmf-Do7_L37teb-JlvniF9Lw0oGn4ttEyqLBxD_lAbKGWieOhUQKRYXpR_fxyOhCx2xkPJANoLhCzHCEDrScaAA69pmNcfn3a8vu6aFZgCdHUgOUr3tkYAx2XJ_Z5XuQUQ85GVc6pp9bovJOECo2-QlpAkK1HxiQu4YlvvnpefwyDwpYmenvdjplAaI-6M4Xqh87mrCkUZ0nk-qf7sm8UwANBwSynfD34lYW9nVxJW1PCNGX1QEMlcuXJ_FEFa4HgjEzVTXlO1oo6oKSxpDq2wYfu-qF8Zk7kT0SH_L9mozLjtqk7Ji16fkEq18kdRLPr_JgrT2lVMoGDbtWxPl2eXShpBDNQcMSpV5_NpfAM-J8F2L-SzEHBFkf6B_YOfrzZHUHQhcSczJmQQ46Q6ux915U58HUsbY6QFuxgVY_aQlXMrBEwp-rETEaeTSkWuSABN3FyeVnScSHMCfY6QNBn00rOA9y3-vDF5E3N4ry-t34Xh-hXJEgaFGL-RMNIxjp2sBhHiD5fAUu-M2QdbP4uXlMe3o5rHvtEW2a9bKT63QZK6NIzu7OTlYWQKQ3VAYDu5DwowosirYGF05i5cSjq_Z7XE98W4lpSv3nebWRmNF4WCwq-_vdfOF30RON9TwDVEp0UNF-ED2NG-z2xTAccJl5I24YqRXJzEiE3svCmMMmorEm4NlZTWWYfgw02wtO454oghDdjHYlksW-QgAqsOTsqv1dio2KPy6-NxdYHXgyEALANUREbWNMDzfERaOkYKeNFrLx7HqCb6TCuttCiLhxoCw2gFoG-McEC94IMxgDwqcCGHQ4VFy971VxKTPPJpnuCIGb8YvloRmcrEbdrG7sstiOFtdme7oJ5yLB4In43GlNQfNiPo9Sl7CsP4KIPn8xKQNaFVUkOhNYk7RZhbJxis3tpCghDE8pLY3cKxUeRKfVQsNFY6MQqWmDtAo6BDmkc-Uu3ajx4v3nvFFya6mHsW86j3CRPGrZbJQaJILpoEDDsYrudB9dZfcUTP3OUiSLagwenRTjGBb1hFionuEqEuM_R4YWNdEe4m-gClWI_bzXp4266Fg_6kQNz07iSnEPDM_fFhmOPrhS29CAjxF2vqym44dutSC--rquuu3_H3Gmp9TaAZlz_PmgERJNutKLB7tzsZSiMiPIvvZriMRVIfmHZlMzU-FeA4mr32bzkddFr2bHIgTbx7NKAqezCZzGr1A1qWm-0PKbinKC8MKA7Hrb7q3boqmoBlyNQR2qWWFIy4zKOgj6d1usEQ85chztNS33HpFY54EjFDTVuZ3cJdAV3fOILPQMhRHdwnckC-bSOduw3kKnLTdHQUNTkp2qYPNtov9k0j9k7XA3j8vEwG3HrGqpcqS2X85F4onDSstvEoWMRwDn9UcU3aAh1eK8sFZDToIAlMGUPbwE2W2NVkfPmXSyUO9QL7hBFjwXM75CLFGsmraxSlXe4XpmgS37AQ5KzYM6jT-kkROQr0YiXiIDulZ6nXw5wZkwlGO3_D6gN0pHen401B17-Z4otB5DVtjvKcGMB2hxFuCEFrzvyLzkrpmWhR7UaNQ2BO-VqH-21hVAnJo6ewOYQ213pLNAssFYKx3qTMLfKdrO8Ligh3Do08emeqGrsTEEov9eDs1hj-LL2aGFw6-RRmzov9zLVgQ04NB9YPrMW8zwTNAMRciMhM4RWS1doOPM_GM6QnH5IAHkSCueBJle4jF87cMvHdazrP4MlxZraKvuLksJ-3Z6uvfTbOp6NlyzQ-sWcUdFYa_pAbhTs5lT4-KGJgbwrZVm7ff75Nvbez4Qi3RzDpPxuhhilKK9WrJDvpi5DyF2TSu7GxK5ZWvUlPhdHCyGVekCKu6e1ZtrBkAyZh5fzHz2e8CcGzoPDGhbv4IAHIiJLOuGWzJza7QxjJ_uvJ1QeuWXRkMquzVjUSnkJX1eUGLRzl1xHGkHsjiAA5ouaEBJOaddz07zwRnvNm8tBF0n0U0IVnn0z_QJuLAfl6ryrmaPXxa-2AnouPb8Z2T4UKMwfQMrVq5zVSf45Isg838Vep-2QFrZhHNYvlovsZlw73Ql4V4wbYIa63JzzHQGBbdmaKDMy9zQVQclOvgnshfVxC3OIC8aOvav4mov_8s6AHRRTwWtKpvUEYJFA8tmpTJorvdNL1PfzfXd7CrYd4Vc6NDJ73DY0vgxgrtnWHvfxso_Lew9vMfagovpsKhO0d9pDTO8YEt4Nidj2SfhMRPZhVRpQDgH4QoKOmXxrp7Sxl9fyi_4E20dd_Nk0VbFxNg1N9042zBG9u4BzUaQVYKzmju9Uoxk8iFEPq8FB2NALi52KFK6mrBNMoYespWp1MrFsKV8T_WjHu0N_VH7w8ym5AL6H3qo_yTrE5yXPfwOONjjGQOeM44yHdlj43aszMWJf5KCe9I093HTSIex0RwrHo3R4a22LUw5d4lLs7iVf5IYY0UA9FKvLCYMQLUdAsbdsVHbMiKMqKSa_DOzW_LgqskTSokRwolhyd6-kuqRHID8uVjX3ZxbPnTnlyE4WdFrMm2LP7hWCtTOe4qoVXKEvBlOg_HjJ1fvhgQw-NSnL1Ni-9dIEabI1ExC3RL_cjPA0mISbC1oe31EbvHlu450sFB5QQBs66j37F7BDc9Y-Hn4JGbHiSZvaa94h0MZgnFx0epmBdDLj9v4nOqBCpy2eZ9QmBgcrK4rvuD5-LfdnidUJTn3oxGB3y6hgM_1yjsVTN3V004MhUqmgwjfL23cj_mcDacT-kA-PFeyFfwIQg-ykaGUkHliJ0gnbIGi3d6__fQPAuaNVwUr1KfuUudu5-ir7iZwuG1_ZQUj45k2EdFORjHBlqkP0_9VR3e2L_LKodSlOv0lWC24G_wumNPQJaMoxoMloB5NNXlas_rXFeRrdQLgoUJHZDG8Z53xsBrBktBrdJhRlB9ZKgYk7z8J9sfN3Y7K2JRWwFwP2sammOQEf2nVjTXipIY1T6IhVgCUBWPO0V9iQczoLQ8uCWG8PU0bdkZdNjgtJeH7H-Caig0kcenKIJGlwDDmgk5h13V8y23ucEm7BmICWJI571YYUQEOZEnCgDYA7FmtN_VycJCgpMCIh655sGE2WQ-B6iPCuXuSm1RaqkBxBi1_611pH64AZ6Dd61nFaq8m4eJgEn04Nxy2LpZahrt9UStvl3tBNY5Q28SDEcB3MD-SuDO9MoEflhygXUYzPRM4ZaOVBeGXP8PAPR-rYOtQ1ScblyVQz1FWWRNLg0_Xqt-T3Qd-NZtrqOfI9r3HVHtoa7gL1kymmT6Sq4QwHerVj7T5M_baEGXMroqhfZUWeWtMZVUrkOTgNt98lltwLsSeeyilq9OGk4Aw&cid=CAASJeRoUqakmIYtBIa7QeJ1vfv_cQ3Rh8othxg7aPZiYGwAlcV4874&rfl=2%2Chttp%253A%252F%252Fwww.ickd.cn%252F%240

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67df85f68de5f600af6bbc31cc9481affc47515f34da08cd1fcbeb92987cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16636
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 4B98 2 KB
1 KB 59ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hJRngQUEnguCWCrEjjB434&c1=3060631&auorder=1008947089&aulitem=18146614290&aucrtv=439880703&auxch=1&pltfrm=1&ausite=38881320727&turl=http://www.ickd.cn/&aubndl=&audeal=
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4B98 8 KB
4 KB 60ms
8ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0hJRngQUEnguCWCrEjjB434&c1=3060631&auorder=1008947089&aulitem=18146614290&aucrtv=439880703&auxch=1&pltfrm=1&ausite=38881320727&turl=http://www.ickd.cn/&aubndl=&audeal=
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 4B98 3 KB
1 KB 63ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:04:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 4B98 17 KB
7 KB 64ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:23:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B98 0
0 132ms
51ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMTRMP2OWvYURTvY1uI99dM34dS7dTK-5EZg9TpFUgZ_isiLe55sOFldlFwxD_Q_OWv4rcpNEbQoF6ulF8l2gQv4WckA
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B98 141 KB
44 KB 78ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 09:43:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B98 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_Tiq1ZJj2bN7eSMN-l1htBjg30z_BnkVYe0uvkOCGK_ghfSQXePc6YdT4NmFtthNvzRmwMcbdAVJtBAA1gq_rzhc3ALcpLGk5dKaoW31JhNOr2gA

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 85DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1

43 B
842 B

44ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_l-DRATAB&v=APEucNW-Caea24g0zonsd8MEFYQ2Ik_OYvcDZ2QXPlucl7Ze56QZkuMA9DU6IoU95kfIMekox0BVclMa-4eWnGx8n1t6zR8kZJ5WJ4FgPaQPdz3XwjB_mwySaiGZUtfiniE5JxUBP8XPdxPTG7-uHIxYf--sZuP-p8qpg34TJNEUsqCUDoODHWE
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u60ve5gfTRsArCDAz7uxKa4S0vQhAcqS%2BpGxTB3%2B9yAn8StxsNe0HsPkBL65cQDK2TS%2FlO4jS6BXt%2B4E189pAJYctq5YhODavUJBRHisuPU7j90b1Rbtm68LkOXzMIOhFiGZrPFtV3bVqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 754cf8df0b27906d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 85DC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzwAM.nLQgeWA.ysTZ30bQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1&google_hm=2

43 B
842 B

25ms
24ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_l-DRATAB&v=APEucNW-Caea24g0zonsd8MEFYQ2Ik_OYvcDZ2QXPlucl7Ze56QZkuMA9DU6IoU95kfIMekox0BVclMa-4eWnGx8n1t6zR8kZJ5WJ4FgPaQPdz3XwjB_mwySaiGZUtfiniE5JxUBP8XPdxPTG7-uHIxYf--sZuP-p8qpg34TJNEUsqCUDoODHWE
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPfjMjNeLWgYo4%2BStWljmHBLeajqFJS1CSi3ulk5iLOSbX%2BBPM0M8z4oTyZZ6Ujm9iVUcn6tMVwAQO4IDqZhQ1k00smya2saL%2FWAbY%2BxRY2tNlATailAes0bhKKWQZO3triB5yJdy4tVnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 754cf8df8c33906d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZ6_nYYqHNXt2eqLUE0r8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 85DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGBnwo0khv22TgicBlLGnLY&google_cver=1

43 B
1020 B

18ms
13ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGBnwo0khv22TgicBlLGnLY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj_l-DRATAB&v=APEucNW-Caea24g0zonsd8MEFYQ2Ik_OYvcDZ2QXPlucl7Ze56QZkuMA9DU6IoU95kfIMekox0BVclMa-4eWnGx8n1t6zR8kZJ5WJ4FgPaQPdz3XwjB_mwySaiGZUtfiniE5JxUBP8XPdxPTG7-uHIxYf--sZuP-p8qpg34TJNEUsqCUDoODHWE

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:15 GMT
AN-X-Request-Uuid: a61b01d3-e4be-4b92-bef4-6b17792eed6e
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGBnwo0khv22TgicBlLGnLY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85DC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIwMTk2Njk2OTk2ODIxNTg4Mg%3D%3D

170 B
188 B

63ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIwMTk2Njk2OTk2ODIxNTg4Mg%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:15 GMT
AN-X-Request-Uuid: f6585a03-5655-4e47-b50f-9bc6e85df246
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIwMTk2Njk2OTk2ODIxNTg4Mg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81BF 42 B
64 B 77ms
48ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYDeaTyPIPge0sD3qC8nh00XZg133fP7t22l335z_wKOXop1btl2rPZIgAtJ3kc4Oc7R7O36-dEBs46q8ltQGj_boZn6tCCmuvYKVxV6CpJfKTNHqzmtMJ3iunDOkFGtrPV-JnnA&sai=AMfl-YTVXbxK0fSV0YvQnDm0CYyau3Tm64mBOkvnhGXtnpCMEEXlvac994RB4AhxahwOd_3avorJfF8CpNlViWc&sig=Cg0ArKJSzE_CaSdAhQipEAE&id=lidar2&mcvt=1006&p=0,0,280,820&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3234390824&rs=2&la=0&cr=0&vs=4&r=v&rst=1664876592228&rpt=1724&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 41C2 8 KB
895 B 46ms
45ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 09:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 08:21:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Oct 2022 09:43:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 41C2 2 KB
902 B 32ms
32ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:32:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 41C2 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:41:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 41C2 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:04:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 41C2 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:23:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 41C2 0
0 50ms
48ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIe_hzsEwOmKJcdd6VH5tD0OdkePTV04W22K6aw1CKMURRstbpsMoYxbufeJOVRawbuZin_gIjhHi2E4fMkFQ3z19wNw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41C2 141 KB
44 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44883
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664796838458510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 09:43:15 GMT

GET
H3 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame 41C2 32 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 11:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Jan 2023 11:54:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 4B98 30 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPIlIK70VmY_bDB7FYsF6_NICWD05HnIYGHgFKr0czRVb5HXFx-WR0uZSxMwD6dyWcuVnKHUZfJ7QDB_xT5I0kttFA9uGNUi1dgsHsfKaGvlLcG-35YwJby_si3Tl7i4kPPhE4jvFBUscCiWimQ4mS0lNCxpovAyZiJIxdM3wJLi92ENM&cry=1&dbm_d=AKAmf-Do7_L37teb-JlvniF9Lw0oGn4ttEyqLBxD_lAbKGWieOhUQKRYXpR_fxyOhCx2xkPJANoLhCzHCEDrScaAA69pmNcfn3a8vu6aFZgCdHUgOUr3tkYAx2XJ_Z5XuQUQ85GVc6pp9bovJOECo2-QlpAkK1HxiQu4YlvvnpefwyDwpYmenvdjplAaI-6M4Xqh87mrCkUZ0nk-qf7sm8UwANBwSynfD34lYW9nVxJW1PCNGX1QEMlcuXJ_FEFa4HgjEzVTXlO1oo6oKSxpDq2wYfu-qF8Zk7kT0SH_L9mozLjtqk7Ji16fkEq18kdRLPr_JgrT2lVMoGDbtWxPl2eXShpBDNQcMSpV5_NpfAM-J8F2L-SzEHBFkf6B_YOfrzZHUHQhcSczJmQQ46Q6ux915U58HUsbY6QFuxgVY_aQlXMrBEwp-rETEaeTSkWuSABN3FyeVnScSHMCfY6QNBn00rOA9y3-vDF5E3N4ry-t34Xh-hXJEgaFGL-RMNIxjp2sBhHiD5fAUu-M2QdbP4uXlMe3o5rHvtEW2a9bKT63QZK6NIzu7OTlYWQKQ3VAYDu5DwowosirYGF05i5cSjq_Z7XE98W4lpSv3nebWRmNF4WCwq-_vdfOF30RON9TwDVEp0UNF-ED2NG-z2xTAccJl5I24YqRXJzEiE3svCmMMmorEm4NlZTWWYfgw02wtO454oghDdjHYlksW-QgAqsOTsqv1dio2KPy6-NxdYHXgyEALANUREbWNMDzfERaOkYKeNFrLx7HqCb6TCuttCiLhxoCw2gFoG-McEC94IMxgDwqcCGHQ4VFy971VxKTPPJpnuCIGb8YvloRmcrEbdrG7sstiOFtdme7oJ5yLB4In43GlNQfNiPo9Sl7CsP4KIPn8xKQNaFVUkOhNYk7RZhbJxis3tpCghDE8pLY3cKxUeRKfVQsNFY6MQqWmDtAo6BDmkc-Uu3ajx4v3nvFFya6mHsW86j3CRPGrZbJQaJILpoEDDsYrudB9dZfcUTP3OUiSLagwenRTjGBb1hFionuEqEuM_R4YWNdEe4m-gClWI_bzXp4266Fg_6kQNz07iSnEPDM_fFhmOPrhS29CAjxF2vqym44dutSC--rquuu3_H3Gmp9TaAZlz_PmgERJNutKLB7tzsZSiMiPIvvZriMRVIfmHZlMzU-FeA4mr32bzkddFr2bHIgTbx7NKAqezCZzGr1A1qWm-0PKbinKC8MKA7Hrb7q3boqmoBlyNQR2qWWFIy4zKOgj6d1usEQ85chztNS33HpFY54EjFDTVuZ3cJdAV3fOILPQMhRHdwnckC-bSOduw3kKnLTdHQUNTkp2qYPNtov9k0j9k7XA3j8vEwG3HrGqpcqS2X85F4onDSstvEoWMRwDn9UcU3aAh1eK8sFZDToIAlMGUPbwE2W2NVkfPmXSyUO9QL7hBFjwXM75CLFGsmraxSlXe4XpmgS37AQ5KzYM6jT-kkROQr0YiXiIDulZ6nXw5wZkwlGO3_D6gN0pHen401B17-Z4otB5DVtjvKcGMB2hxFuCEFrzvyLzkrpmWhR7UaNQ2BO-VqH-21hVAnJo6ewOYQ213pLNAssFYKx3qTMLfKdrO8Ligh3Do08emeqGrsTEEov9eDs1hj-LL2aGFw6-RRmzov9zLVgQ04NB9YPrMW8zwTNAMRciMhM4RWS1doOPM_GM6QnH5IAHkSCueBJle4jF87cMvHdazrP4MlxZraKvuLksJ-3Z6uvfTbOp6NlyzQ-sWcUdFYa_pAbhTs5lT4-KGJgbwrZVm7ff75Nvbez4Qi3RzDpPxuhhilKK9WrJDvpi5DyF2TSu7GxK5ZWvUlPhdHCyGVekCKu6e1ZtrBkAyZh5fzHz2e8CcGzoPDGhbv4IAHIiJLOuGWzJza7QxjJ_uvJ1QeuWXRkMquzVjUSnkJX1eUGLRzl1xHGkHsjiAA5ouaEBJOaddz07zwRnvNm8tBF0n0U0IVnn0z_QJuLAfl6ryrmaPXxa-2AnouPb8Z2T4UKMwfQMrVq5zVSf45Isg838Vep-2QFrZhHNYvlovsZlw73Ql4V4wbYIa63JzzHQGBbdmaKDMy9zQVQclOvgnshfVxC3OIC8aOvav4mov_8s6AHRRTwWtKpvUEYJFA8tmpTJorvdNL1PfzfXd7CrYd4Vc6NDJ73DY0vgxgrtnWHvfxso_Lew9vMfagovpsKhO0d9pDTO8YEt4Nidj2SfhMRPZhVRpQDgH4QoKOmXxrp7Sxl9fyi_4E20dd_Nk0VbFxNg1N9042zBG9u4BzUaQVYKzmju9Uoxk8iFEPq8FB2NALi52KFK6mrBNMoYespWp1MrFsKV8T_WjHu0N_VH7w8ym5AL6H3qo_yTrE5yXPfwOONjjGQOeM44yHdlj43aszMWJf5KCe9I093HTSIex0RwrHo3R4a22LUw5d4lLs7iVf5IYY0UA9FKvLCYMQLUdAsbdsVHbMiKMqKSa_DOzW_LgqskTSokRwolhyd6-kuqRHID8uVjX3ZxbPnTnlyE4WdFrMm2LP7hWCtTOe4qoVXKEvBlOg_HjJ1fvhgQw-NSnL1Ni-9dIEabI1ExC3RL_cjPA0mISbC1oe31EbvHlu450sFB5QQBs66j37F7BDc9Y-Hn4JGbHiSZvaa94h0MZgnFx0epmBdDLj9v4nOqBCpy2eZ9QmBgcrK4rvuD5-LfdnidUJTn3oxGB3y6hgM_1yjsVTN3V004MhUqmgwjfL23cj_mcDacT-kA-PFeyFfwIQg-ykaGUkHliJ0gnbIGi3d6__fQPAuaNVwUr1KfuUudu5-ir7iZwuG1_ZQUj45k2EdFORjHBlqkP0_9VR3e2L_LKodSlOv0lWC24G_wumNPQJaMoxoMloB5NNXlas_rXFeRrdQLgoUJHZDG8Z53xsBrBktBrdJhRlB9ZKgYk7z8J9sfN3Y7K2JRWwFwP2sammOQEf2nVjTXipIY1T6IhVgCUBWPO0V9iQczoLQ8uCWG8PU0bdkZdNjgtJeH7H-Caig0kcenKIJGlwDDmgk5h13V8y23ucEm7BmICWJI571YYUQEOZEnCgDYA7FmtN_VycJCgpMCIh655sGE2WQ-B6iPCuXuSm1RaqkBxBi1_611pH64AZ6Dd61nFaq8m4eJgEn04Nxy2LpZahrt9UStvl3tBNY5Q28SDEcB3MD-SuDO9MoEflhygXUYzPRM4ZaOVBeGXP8PAPR-rYOtQ1ScblyVQz1FWWRNLg0_Xqt-T3Qd-NZtrqOfI9r3HVHtoa7gL1kymmT6Sq4QwHerVj7T5M_baEGXMroqhfZUWeWtMZVUrkOTgNt98lltwLsSeeyilq9OGk4Aw&cid=CAASJeRoUqakmIYtBIa7QeJ1vfv_cQ3Rh8othxg7aPZiYGwAlcV4874&rfl=2%2Chttp%253A%252F%252Fwww.ickd.cn%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:41:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B98 41 KB
15 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame 4B98 59 KB
19 KB 11ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688591&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hJRngQUEnguCWCrEjjB434&c1=3060631&auorder=1008947089&aulitem=18146614290&aucrtv=439880703&auxch=1&pltfrm=1&ausite=38881320727&turl=http://www.ickd.cn/&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FDD 143 B
166 B 34ms
33ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:37:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8504 1 KB
749 B 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 15:14:25 GMT
etag: 48472445140208031
expires: Tue, 04 Oct 2022 15:14:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0972 22 KB
8 KB 28ms
28ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 56647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 17:59:08 GMT
expires: Tue, 03 Oct 2023 17:59:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 4B98 1 KB
896 B 212ms
29ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_932683851595&jsTagObjCallback=__tagObject_callback_932683851595&num=6&ctx=1828362&cmp=189093&plc=6688591&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=932683851595&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=106&bridua=3&dup=null&ppid=103&auevent=ABAjH0hJRngQUEnguCWCrEjjB434&aucrtv=439880703&auorder=1008947089&ausite=38881320727&auxch=1&aulitem=18146614290&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=http://www.ickd.cn/&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5D%3A4%3C5%5D4%3FTauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5D%3A4%3C5%5D4%3FTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=9.40&aubndl=&audeal=&callbackName=__verify_callback_932683851595
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 2fd7d2ef96b66a0dc89bd35b66668843113e91e49f4952d5b87619650f7dda46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:15 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/03/2022 09:43:15

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8504
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cGdZWFNUblQxT0ZFc2o1&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-z...

170 B
188 B

29ms
28ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cGdZWFNUblQxT0ZFc2o1&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-zmNrfd0w_2sSvr4fsvMwlXErTmrSIX4qzEEDyPtXcxCbwQqPjyKxpSUA

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:14 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cGdZWFNUblQxT0ZFc2o1&google_gid=CAESECGL_WJ_SxLB4XsDcfiTImE&google_cver=1&google_push=AZmPxg-T55nfWUC_EpyA8QxfW0XaxN_ee8hurtzOinf1D-zmNrfd0w_2sSvr4fsvMwlXErTmrSIX4qzEEDyPtXcxCbwQqPjyKxpSUA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8504 0
172 B 56ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG6KZds1coQ1ET0h69ZgQ-8&google_cver=1&google_push=AZmPxg8we_GY1_X59oMMrId6nBxaywt3ZVmSbMi3IgkqvfqKDG9bO-RAp3FmdtKVykqBsgdIzKzwpPX3PCQEjiT1WGqS2p2y37B83A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8504
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOmBPHoTMwppxWo3y52jzR4&google_cver=1&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOmBPHoTMwppxWo3y52jzR4&google_cver=1&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzY...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=cb585cad-005a-43fc-86a6-a0dfddc97bd8
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=cb585cad-005a-43fc-86a6-a0dfddc97bd8
https://x.bidswitch.net/sync?dsp_id=4&user_id=ae60f9dc-5da2-45b5-852f-f6cc411f78df&ssp=google&expires=30&user_group=5&bsw_param=cb585cad-005a-43fc-86a6-a0dfddc97bd8
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA&google_hm=y1hcrQBaQ_yGpqDf3cl72A==

170 B
188 B

24ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA&google_hm=y1hcrQBaQ_yGpqDf3cl72A==

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_btbhSvqqRUgNKtv1PRBVd-w8CiRziTeZ6nyvNeTEJmeEBbQJNYOZKWL2xqHbOX83bYk9TnpX8ILjZzYhq0U0E5zZDVwqJyA&google_hm=y1hcrQBaQ_yGpqDf3cl72A==
Date: Tue, 04 Oct 2022 09:43:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8504
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF_cCKChnnjIAH9FvBzLtNE&google_cver=1&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxf...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxfSYU-RgNoR6gK6g

170 B
188 B

24ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxfSYU-RgNoR6gK6g

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 Oct 2022 09:43:15 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-kE5050Gk723CFJNhN-ovA-kmdZr92qj79t-AqknFHMtlZAY8JDcOBOlFNAArkkKQA7YePtWoyX9eDxhxfSYU-RgNoR6gK6g
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 5TYia2-q7zW3flZRFbd-AsmgSI_ALYnxCGq8E0n3eWyDE4oFrDkkfw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8504
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPWZH_iAjffEtPRBBCIUxJQ&google_cver=1&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lbWGnKmz9jI47XWpLkXw

170 B
188 B

27ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lbWGnKmz9jI47XWpLkXw

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8-mEHa5RjNNQckekQndlq2XIjhX8Viy__Fcxi36ULPxQdZ6LFdeT6pEN2GNJueTP0JkX6cXhK-93lbWGnKmz9jI47XWpLkXw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 8504 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 8504
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPWZH_iAjffEtPRBBCIUxJQ&google_cver=1&google_push=AZmPxg-h3x852SMdBVl10SugUIukc32jdd9eC0KEGg_T2FPYudOjEmfnwO-B2LBJlrjD1kYLcSE7ICyxtRU...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-h3x852SMdBVl10SugUIukc32jdd9eC0KEGg_T2FPYudOjEmfnwO-B2LBJlrjD1kYLcSE7ICyxtRUzqsW1CBzrEe22Q0PnULE
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

15ms
15ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8504 0
12 B 27ms
23ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JG1oV8fuxm_oiuedvVyYAALyD2xZEVl29NgfyhBceRGLd-DQWC13DJt7Ac5BcqfGLeJydSkwo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FDD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
63ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:15 GMT
expires: Tue, 04 Oct 2022 09:43:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F4E 36 KB
16 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: www.ickd.cn
URL: http://www.ickd.cn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 17:54:43 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0972 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 17:54:43 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4B98 28 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10831
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 04 Oct 2022 10:26:54 GMT

GET
H3 200 impl_v91.js Show response
www.googletagservices.com/dcm/ Frame 4B98 61 KB
23 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v91.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 13:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23646
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 13:36:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0972 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjNjuMgA8Y6uvOdq99u8PgPGVmAEAAAAAOAHgBAI&bg=!Hh2lHVnNAAYQgTJdMIE7ACkAdvg8WtCO2VjWpRJFKYoqxoI47FasOgHDadmjSG2dzryP_1YhTqeY_wIAAABlUgAAAAJoAQeZAuwD5pl5O59Q3tVsgKm1HyoThYSJP7JT7pysBV1Gd1KgAMqA0HJCZb5QDtgAxGAW7_Gpl2h__-kcWeqT_nJm-hgS2VBq3zFHFkrn4PDufWWCCBSjvjEq6M41bcndbDsvKZKOE9zmsqh-2MICh5ID0yzaBEGKy7E8yB6hy4k8JtdTFlfHWWkWdO9lcIVdHcAuE3ZF39HsMK8lPhbqr_6e9tU5tkPrK9s4ZBlrb3PYgdTKf50wxQzNkXlwCuzLu7KmSFfUz1NjIJFq-ccM0Cl-AHg47Zy-AzYIFcePztqrkl7sLS2fRxNEARuojmgqNJovMl2WI7Tbu8VFaNMYDs14-00lMfJqKqIaZq-sqGWIy5f0_mNMllaQxD7MMGQPeEmy-1AXNRARqnL9bQwNrsFJ4bZAo3Kd4UZrUqHT_Q9nHXAOInkQkEco1xa-s6oykbpmuMThLXqkkUqXnC4-7-ivxykDMzZeaktM4ThiU0jHFtOz_RKdRGMQTgzLvQmAHiK6AQorbzph7Stfchk3qRy1VLnxocsu0sAje9fimf31uuQ1IDufKDQ7wDwymfJfVCQFAa68Dffyynxr4xwyc7zdzIuRX53v-ckuZpIhykF4fvaNXBdiDukmOs0ArrgbjvBHu81jyWTbauO6LiDWhKKMXVtBVvTPr2HK5dYRjY2qlvyjesn1pX2KW5cLCAwzBU7AVO82Qw_otgmXmQECXrJLJqY4jRGIrjTqWBXTXw7PKgQ-W3eQAiXC7KuRIuj3MMmh9QnuAu7LoejCo2X3GC7tF0YsNtO6FaEQ94TsNsQq7ZlsIgNGsCh7WittT6jco9DkEbvc0X1FVXHELbBGoxR3VM-pABbcVq00n5KLhOrBmhxtk7bfkPbpVTJTc8kDu5sVHgtptLdtXA8Lq4hWb9A6KN1euA6NB9UNWMLdP6uRoe-Vk33VX1Bz0PxvQs3cRGMi2b7QWmkmeIBpqSWiD7hW8XNOnBFkophqvvGCaoYv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B9689862.280630144;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=521587881;ord=3t7t2d;dc_rfl=2,http%3A%2F%2Fwww.ickd.cn%2F$0;xdt=1;crlt=t4i.b1PiE);stc=1;sttr=28;prcl=s Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 4B98 56 KB
26 KB 111ms
56ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=521587881;ord=3t7t2d;dc_rfl=2,http%3A%2F%2Fwww.ickd.cn%2F$0;xdt=1;crlt=t4i.b1PiE);stc=1;sttr=28;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e6fed762dfc9c91ee723d50f78ca40eb2f7ebcf090b1e40cb17f42e2c23efec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25902
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 4B98 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=521587881;ord=3t7t2d;dc_rfl=2,http%3A%2F%2Fwww.ickd.cn%2F$0;xdt=1;crlt=t4i.b1PiE);stc=1;sttr=28;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 09:36:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B98 0
259 B 66ms
51ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvKR290SXipjWCfsrQS_t61486rdxTDD8-e4I5SZNv-LktWxpL0JCQGk_asaO0P9ratPq3wD5TRgNkdQ5D-2oAZThmxIn7MUjClFDeNMzI0gIJIeOfoVCdVTHvou2bFDBaK8E0sGSxk-vrMf-WXqT0QLazCw&sig=Cg0ArKJSzM5CIAShC1gWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220928.93574&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 16962963768266320094
s0.2mdn.net/simgad/ Frame 4B98 33 KB
34 KB 67ms
16ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16962963768266320094

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:37:17 GMT
x-content-type-options: nosniff
age: 342358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34175
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:29:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 10:37:17 GMT

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame A47E 545 KB
105 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: www.ickd.cn
URL: http://www.ickd.cn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 09:43:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B7F 1 KB
749 B 13ms
12ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 15:14:25 GMT
etag: 48472445140208031
expires: Tue, 04 Oct 2022 15:14:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B98 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01c245392d251252062d619dcd4b5b01090694cb6796a86b4b68b42332774616

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AE5F 22 KB
8 KB 28ms
28ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 56647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 17:59:08 GMT
expires: Tue, 03 Oct 2023 17:59:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B7F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEABCQ2eop0cca4KYRyPU9x0&google_cver=1&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uuUR2IcPmw1bYX_Tbo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F572B210068B404A822C8362678B6D8B&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uu...

170 B
188 B

26ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F572B210068B404A822C8362678B6D8B&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uuUR2IcPmw1bYX_Tbo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 Oct 2022 09:43:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F572B210068B404A822C8362678B6D8B&google_push=AZmPxg91hL0RetflzYTHkamVAX5sBLdeGwsRFa_hg4VK0jcdPXQVVIH0Jop2QZClihsshp6s0SwWJU3MDTcz1uuUR2IcPmw1bYX_Tbo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 03 Oct 2022 09:43:15 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1B7F 0
191 B 103ms
40ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOrksS_dslU5c49YqBKj5e4&google_cver=1&google_push=AZmPxg-7xxZE3jmZsJA9je00FYe-LPaxcL6zWVPUNfRIiY-vUS3AtbNYchqIldh1R333ObZ4Wuyc3pgrwF6adPWet6IRb8t5gucjvfs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B7F
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG6KZds1coQ1ET0h69ZgQ-8&google_cver=1&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0k...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0kxndqjmXvOuMq8SOeU&google_hm=hmM8ADNzBBVZIp...

170 B
188 B

27ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0kxndqjmXvOuMq8SOeU&google_hm=hmM8ADNzBBVZIpnnmg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D633C0033730415592299E79ABLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AZmPxg_zAOYJDHGfq83tIxKYxepm0jOJHpps9wjhkRYR89gQtNVhLEgU44gBJYiRQoUiWo0qYw1SZZIv51-v0kxndqjmXvOuMq8SOeU&google_hm=hmM8ADNzBBVZIpnnmg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D633C0033730415592299E79ABLIS
date: Tue, 04 Oct 2022 09:43:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B7F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN-0TcN0XM0hOW0wfF5vKaQ&google_cver=1&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkr...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN-0TcN0XM0hOW0wfF5vKaQ&google_cver=1&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5NDMzNzczNTU1NjIyNDE3Mw&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqB...

170 B
188 B

24ms
24ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5NDMzNzczNTU1NjIyNDE3Mw&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkrptmWHP_OBzwja-tRZtCQoOg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg5NDMzNzczNTU1NjIyNDE3Mw&google_push=AZmPxg9Z2703i9Jx9ckQ7S7mdTGKa0jl_1HejSikccYibF36EIpFbT8Qv2Cf8JgXLvZa_TnReCRdqBkrptmWHP_OBzwja-tRZtCQoOg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1B7F 0
166 B 542ms
12ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGK0gx60fLnF8XfyYrTsbks&google_cver=1&google_push=AZmPxg8fZJEJ2H1p6WenVhXt2uNRIaeYmssDEvki_ZLK_r5MPXu7qEh4e-8oeEOqMl1b6QHqFxYQkigIqf2JeSfhJNNSEM-hZpA0OKM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 04 Oct 2022 09:43:15 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B7F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPQv8OQXL72yCQw1-egW5pE&google_cver=1&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjT...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0NzcwNTQyMDIzODYzNDMyMzY0NQ%3D%3D&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-...

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0NzcwNTQyMDIzODYzNDMyMzY0NQ%3D%3D&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTlLP8s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0NzcwNTQyMDIzODYzNDMyMzY0NQ%3D%3D&google_push=AZmPxg_C6Tu9ogQF4ERr9p-QMtSLPos3CeXLGyDuCgrggvrsasC_h_U-DWWnmi52P472Mp2LRmAcLu-unbx7MJJoR0K54N3SjTlLP8s
date: Tue, 04 Oct 2022 09:43:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B7F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENaAYDIUisxnNq52RdU0_Rs&google_cver=1&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7O...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENaAYDIUisxnNq52RdU0_Rs&google_cver=1&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7O...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01WjBVdEpaRTJ1RVVWaUVuVmE1MmVNeXVQUFRmRXQ2Qn5B&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3Jp...

170 B
188 B

24ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01WjBVdEpaRTJ1RVVWaUVuVmE1MmVNeXVQUFRmRXQ2Qn5B&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7Ojx5WGeiZJWuBm-nPJJxfGxhBfybGQ6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01WjBVdEpaRTJ1RVVWaUVuVmE1MmVNeXVQUFRmRXQ2Qn5B&google_push=AZmPxg-VLYxiLc9Dn_wUgIzMMSWTpsUaTGltVGc7v5tymQtg1tEtFN3JpxiuuvIjjkwOS4vV7Ojx5WGeiZJWuBm-nPJJxfGxhBfybGQ6
date: Tue, 04 Oct 2022 09:43:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B7F 0
12 B 23ms
22ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ih8Ye5yxk7wfuZKFXUSJonGiGbpSALp9DVAmnT5UK57odQuOnqjFaaQLXQP0Z29se1BOU8aA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame A47E 694 B
683 B 409ms
20ms Script
text/javascript 213.254.244.26
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=74&ttfrms=28&brid=3&brver=106.0.5249.91&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5D%3A4%3C5%5D4%3FTauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5D%3A4%3C5%5D4%3FTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1664876595604364&jsCallback=dvCallback_1664876595604279&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.91%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220928%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=7&brh=2&sdf=2&dvp_epl=232&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=http://www.ickd.cn/&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0hJRngQUEnguCWCrEjjB434&aucrtv=439880703&auorder=1008947089&ausite=38881320727&auxch=1&aulitem=18146614290&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=469104252250.78217&dvp_tukv=110944248497.78284&dvp_uuid=9171431434.944935&dvp_strhd=0.40000009536743164&dvpx_strhd=0.40000009536743164&dvp_tuid=741285452184
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 659bd18df1c6db0d0d695af4152e4ec2154050f8277e9ae97ab504ca11e54ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:12 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 10/03/2022 09:43:16

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B98 0
26 B 51ms
51ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame AE5F 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:37:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5F 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw0zKMwA8Y7vaG6qO7_UPuv-kmAQAAAAAOAHgBAI&bg=!oKOlo-fNAAYQgTJdMIE7ACkAdvg8WtDKepOpHbDZ3I_SaIGSq2TWq-jFbqzc6A2uSecjL1pv1epPdgIAAABSUgAAAAFoAQeZAt6uGwiQTjynBMFB3X392pdYOCZzT54JsQ2_Jd_1hzlR2t2IVeXDE1ImY10ISTm2ScfrNiYJ2Yst2FtHqwpuoAzFnIzGUG8IE7QlPlOZL9zbZxf_oQOKtfoLKTMpHqILm81cbzGQrcG2lHsrrufNV-itpFPxCK9gy-jU7EPBy_mRmGuYcPwQvWa-UBXJkeHdoFdn5Qz8FTH6BTqGfaOhql_VlrzZYQrT3m5OwF7M36OOJZODu2QJoS03HZin1HhS4Npo2bPuq4nA5uwefuhuVH-Y6V-l5DvWFDD8ZK694rIQ0ZLNAs75TFvexFn9DKcan25XdWBug0YqolqA3kyDUY8uUCNV1t5vlQ7z-txFDswjFSpzV-PBbLTiKVgla2k-E3aoxoiin_pqBnYKbqYuPvDF_sEznbjyqtYSJfm4B-tWrfJr8Cp9Z3eLleiQFLJIIxbRrPi4TlGVym8MQEJ7X1XS06iUIYvOx5yGXaLGyPGpgAx-gKosDGaqXlM0O7q_60XrsBU29QOtTpYQwu2n3_FqQLRAeBvufDM8_yqUaCgeZ2LPx1LAfDNXYboG3MDtDeI7EeSkM5Tu_sV6emG9mB9Pu6eQJQFcZjmVdBYl4t3kR6ShIWx8rhJG6Xk1AjbN0Mpglx173eOcdN61R193ov7Df7zIIC98g54p8leVVquaZf1-_KNUAhFi46Bd8Z05MkwapXkchUabYEC-h0txOqap8oopl0i1MzqZuonXg4HQ8KJVFSDeJ8N_Uc8AopZzfbGMlzPqWOhnk8GNeAWErvo6IClyCmqYkODUT9-5ydjZJwJa7H6BgjPDv8HAynApjkwxR2aiv7qOPdNxjGWeiGNxFQf3nrwnaC24kM0Yf8sIF-nnUyb136SPRooXju00ocKFwbdlgLUSb-0DstOK5XNJ0E8XVq6QRJpAgSmaqnPbWl2yhKulZS1U2vo-vc9xpqs4uI3C_D9l0SDPtDaWVA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B98 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfbZeEDG6bxCT_HEWqWqWlgTZsrhR_6QuflDLMmW60taF9_T5LIrGu90_A6MMX1zuv7yo9fDr0TL4JMWT3Aw80dIvhXryb3A7i8d0b58JcIJ2PrqSvyiGjK0wzkqhkCp9a7mSwig&sai=AMfl-YQUX47fpB7NRV6f-PW26e8a91L8zg3GzQSiw7vldayk0OGD-91JHw_3uJFOtDTGkttek1tqD5URZ57rSJq9HvBwcheARkfpy38lMJwzgU53oo2ukMlPj_xdxuz9q74&sig=Cg0ArKJSzBTGLCmkjkjmEAE&cid=CAASJeRoUqakmIYtBIa7QeJ1vfv_cQ3Rh8othxg7aPZiYGwAlcV4874&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1664876594889&rpt=740&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B98 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQbDNlVPJ5C4mv-DRexe2G_dhwIbaC0Uu_UN3hz9KoX9QZzX-yqpJu0eBHTg0n2BPdydeAPdL4aU-eU7kWiBZmOTxJTORa&sig=Cg0ArKJSzHQyclNuqZcWEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=782,1002,1002,1002,1002&tos=782,220,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=521587881&rs=6&la=0&cr=0&vs=4&r=v&rst=1664876594889&rpt=742&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Oct 2022 09:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 29ms
28ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbb6aa2777c04356fb5bab1d11a108c2a09e42402be1181cd975d0618c3f5b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11113
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 144ms
143ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Oct 2022 09:43:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3664 13 KB
5 KB 34ms
30ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 11:36:42 GMT
expires: Tue, 03 Oct 2023 11:36:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ECB2 783 B
534 B 61ms
57ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74808b663d6b7c691e55b304b1d6cbc1512d8cfaaa974f026004854663323a07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FeJA1ITxNdlO2JEPPM-zbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.ickd.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-FeJA1ITxNdlO2JEPPM-zbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:43:17 GMT
expires: Tue, 04 Oct 2022 09:43:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3664 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 17:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 17:54:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ECB2 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=890513528463681&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3664 0
10 B 28ms
28ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QOw8hg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:43:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=890513528463681&bg=!sbKlsvbNAAYQgTJdMIE7ACkAdvg8WrtAd2HVtB13c9n5-KQmoR42JWzsdihmJJ1c8h42da_QPsJ-4gIAAABxUgAAAAJoAQcKAAzWJzdT1suolVgN4h-ZApRWLEw4UUCXh3lMpSYWZMpfnbhQTQS1q80gn_nGtuIQIk7L6_Ddtp5qseZKE08x0_ONSQRO2ghSV6cQ-HjkpZDsS6pPXzfTAht_gZiXcCtUHeUSLpbQlcSnTtRZbvVA2wSgrf1_COxfir-YXe8wXFwapImtTK3KwopzuZiTCnz1F8NRl6otbZ9BRTnRXyw5qnhnI1y-yqb9UTExX6qLzs9ENYphoGLlx-qKjlrlCz3PifEEcXe0zQ8Jayl9H_tiIQez8nnW6Kt4poqjFGX1ur1nCpXEyHXwpnCIrmPC3WElinUJ88d2wuCyhFeH_dFb7kyX07Zvok0vwOVKa5vzsQMCps2yWJyTR1gIDhQKEt67tHM6Gpbw6QJub-iYbfl0hS6oLPPV2QdfXPF-sGxAo4-bwzaXg_zBnIkThHM8BexcMkd2OduAFgN9zarJxd6wz2-vWmRGVgW7QsymqBEjLYAVqJSCyAeiDcYAHI-NrUBtxF3Fp4pLr_UNn0mzY3wbHzz6J3o60G4_toYTzc7QPtnqdtFRbQDM7wrCGJb7TkEMNkTVGFzt5jSzhVbqO7dnlm9MUMMSAOLhCDby-VUV7LnSX7v3c_or_q8sqV89n6vWesZVu_gEGalpQ0oUVYiJLT-ZRaRYlvrJgFzlx7euOzePeaP7lVFzzqS9C7eNOY38d6-zOYSzvgHCZ5eOvZe53_Q5j8qpJciZKaOxQg03i44h4_HnpSGBVknBy5K_9y_EFT98j2Hqt8QYInfzd-KmnyPN_a1ALN3b3Ieve7qBz7rGsLLA52PUb2IW4izlgZi5cs6FuE4ndUsHaXJUukGrD19-xk0Uv_LNabn2SYTixzgxR8HWjkZND5p1EjGrXbsWq89Ech8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ickd.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame A47E 0
210 B 360ms
8ms Ping
text/plain 213.254.244.26
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=3ea083b49c114908887e56f8008612e2&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=411&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=11&msltms=19&vltms=411&sei=289&vetms=16&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=37&isumms=36&nvr=6&isgmmims=37&isgmv4mims=37&elmtp=6&isbxdms=2536&b0=100&b10=201&b11=2313&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2614&sftb=2614&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1036&isuiabvms=1036&isgmpims=336&isgmv4dpims=1237&ispmxpms=1237&engalms=35&engscrlms=138&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ttfurm=3448&cbust=1664876599027415
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 04 Oct 2022 09:43:18 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 10/03/2022 09:43:19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDLDb_Vdu6ObWXawLPdrw9o&google_cver=1&google_push=AZmPxg_s7ZlTlHgnKJW4MKZoJKQeFWXh4nB250kZGwdO8LNPBX1Ou9baZxs8a2vts-alfYhm-cIWh6cM1GrzyyKDgEiElHU6fDO9D9E

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ickd.cn/	1969-12-31 23:59:59	Name: JSESSIONID Value: BE20DDE2E866494E5B28913E1239B659
.hm.baidu.com/	1970-01-20 16:03:56	Name: HMACCOUNT_BFESS Value: F02D4EA9B292C349
.ickd.cn/	1970-01-20 15:49:32	Name: __gads Value: ID=85a0f85ec6c3f758-22f6f8698bd70079:T=1664876592:RT=1664876592:S=ALNI_MZK7fGzYCdnF2Fb6TTju8edP5AekA
.doubleclick.net/	1970-01-20 15:49:32	Name: IDE Value: AHWqTUk5optUxLBXGUayLu5E2QvcQIHx6qRSqIXWlK5rLXXUCZMXuwAW7B-CCuzIGmk
.ickd.cn/	1970-01-20 15:13:32	Name: Hm_lvt_39418dcb8e053c84230016438f4ac86c Value: 1664876593
.ickd.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_39418dcb8e053c84230016438f4ac86c Value: 1664876593
.adnxs.com/	1970-01-20 08:37:32	Name: uuid2 Value: 2201966969968215882
.casalemedia.com/	1970-01-20 15:13:32	Name: CMID Value: YzwAM.nLQgeWA.ysTZ30bQAA
.casalemedia.com/	1970-01-20 08:37:32	Name: CMPS Value: 5137
.casalemedia.com/	1970-01-20 08:37:32	Name: CMPRO Value: 5137
.adnxs.com/	1970-01-20 08:37:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImSnTF.M!@wnfH8K6pQK`!5=E<L5?%M<1Fgpp.CUDFfA(?x4^J7yf%'ew?MJVePVHwp%nugO%v4VB%nnjz4D4G
.casalemedia.com/	1970-01-20 08:37:32	Name: CMTS Value: 1168
.blismedia.com/	1970-01-20 15:13:36	Name: b Value: 633C0033730415592299E79ABLIS
.w55c.net/	1970-01-20 15:58:10	Name: wfivefivec Value: pgYXSTnT1OFEsj5
.bidswitch.net/	1970-01-20 15:13:32	Name: tuuid Value: cb585cad-005a-43fc-86a6-a0dfddc97bd8
.bidswitch.net/	1970-01-20 15:13:32	Name: c Value: 1664876595
.bidswitch.net/	1970-01-20 15:13:32	Name: tuuid_lu Value: 1664876595
.w55c.net/	1970-01-20 07:11:08	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 06:28:00	Name: DSID Value: NO_DATA
.creative-serving.com/	1970-01-20 15:49:32	Name: tuuid Value: ae60f9dc-5da2-45b5-852f-f6cc411f78df
.creative-serving.com/	1970-01-20 15:49:32	Name: c Value: 1664876595
.creative-serving.com/	1970-01-20 15:49:32	Name: tuuid_lu Value: 1664876595
.3lift.com/	1970-01-20 08:37:32	Name: tluid Value: 1947705420238634323645
.yahoo.com/	1970-01-20 15:13:54	Name: A3 Value: d=AQABBDMAPGMCELP3PPSyPY3ySL0gQsCCO_UFEgEBAQFRPWNFYwAAAAAA_eMAAA&S=AQAAAou2-oe-coQdfthbqpq_av4
.simpli.fi/	1970-01-20 15:14:58	Name: suid Value: F572B210068B404A822C8362678B6D8B
.analytics.yahoo.com/	1970-01-20 15:13:32	Name: IDSYNC Value: 18yx~27ix
.adform.net/	1970-01-20 07:12:34	Name: C Value: 1
.adform.net/	1970-01-20 07:54:20	Name: uid Value: 4894337735556224173

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://i.ickd.cn/loginStatus.do Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDLDb_Vdu6ObWXawLPdrw9o&google_cver=1&google_push=AZmPxg_s7ZlTlHgnKJW4MKZoJKQeFWXh4nB250kZGwdO8LNPBX1Ou9baZxs8a2vts-alfYhm-cIWh6cM1GrzyyKDgEiElHU6fDO9D9E Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	warning	URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.creative-serving.com
adservice.google.com
adservice.google.de
c1.adform.net
cdn.bootcss.com
cdn.doubleverify.com
cdn.ickd.cn
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hm.baidu.com
i.ickd.cn
ib.adnxs.com
ickd.cn
image6.pubmatic.com
lf6-cdn-tos.bytecdntp.com
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pic.rmb.bdstatic.com
pixel-sync.sitescout.com
pm.w55c.net
rtb0.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
sp0.baidu.com
ss0.bdstatic.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.ickd.cn
www.recaptcha.net
x.bidswitch.net
zz.bdstatic.com
googlecm.hit.gemius.pl
101.35.123.11
103.235.46.191
104.18.19.126
142.250.184.194
142.250.185.102
172.217.18.2
18.197.134.247
185.10.104.115
185.89.211.84
198.47.127.19
213.254.244.26
218.12.76.163
2408:8710:20:118d:1::f4
2600:9000:2057:a400:1b:5138:8a40:93a1
2606:4700:3036::ac43:8afe
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400a:808::200a
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:80e::2002
2a02:26f0:3500:58b::4469
3.120.13.175
3.126.56.137
3.127.71.40
34.149.12.213
34.96.105.8
35.204.74.118
37.157.5.142
45.113.192.101
45.113.192.81
51.89.9.254
58.254.150.48
66.155.71.25
76.223.111.18
00743b36fb54848a953069e98027c00e38a7233c5ce0c5d2dc16454680332e04
01c245392d251252062d619dcd4b5b01090694cb6796a86b4b68b42332774616
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
065687804bcf46dabed4ccfc02d71ee3737d6c839aea8f9364ddd33cdab20fe4
0a06b189c10f264dc2efa516c69d509a2c3db16caf19f7fee98a3e1db4a5c329
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f2999ea640ebe8941dc2b66b1af40e50b1aa7a38e8e7ee1365eaf4826de8d5d
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
2aade5ddd8c8666864e7868e2f06dcc49be10d54fb49103554668e8c72bf8491
2e695c779de944ef778e8e5dcbc806b04a32057a954bd9ee4629148aa2952857
2fd7d2ef96b66a0dc89bd35b66668843113e91e49f4952d5b87619650f7dda46
335cebfc0890a3c8ec008c097fcd086740b0e93a73c7a36e630435356251c013
380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44
3bfb6e9d9c54fbcc49976caaf6037306c3f096725d462c01e75ee0f51037d20a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f11eb60da08515f874879f34f7a06cac9fb40399ed239e4f4c0995f755fa1b
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1007d0b410dc64f328a12594caaa0fd3db04ef82c5339909d9b1eda89b8525
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
5d435cd43d147ac3a85b14c3b4a11f12fa51e67a6408b5bdec76bf447610e1d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659bd18df1c6db0d0d695af4152e4ec2154050f8277e9ae97ab504ca11e54ea7
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
74808b663d6b7c691e55b304b1d6cbc1512d8cfaaa974f026004854663323a07
7731795fc0ebfa7770c9cd0a5c4494c26335a14f72a2367623ebd9c7f95238bc
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7bf815d7bf03f0177428055d28ee4c0c5254e2bcf3548fa82fcfd5ec85652193
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
80ed7b4da0a175a05ececea3222f8906c44cd6255f8f5874e3c12e1b044b6b96
848bc8c5eaa119917e55578ce79934989bd6a50ea04e45a4dc499cf8d9a8c180
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb24bae1fec78bfc97589cfd19f2d7cd622c4d5c422a55991114ccbdc1df640
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9e9f2dadb51777dc69589bbbe20a76bfc7218b67a972afb3234fd76bbd5561b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b83983a9480d7d58b818028bd9b95ac89e757cb5668b6d678f7e91452127917b
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be5b759996d0b5b388dc5922f99d18d5f3feb0ffb3b1a9d5b73b8c0a427ab8d4
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d148103887c0c8a14046c95e5fe8f0e44adae73e58c8db26cfcfe5793030b313
d4eeba7847f84afbae5fd785b87c2abfe74df234fee82497e4af1cc0d64fae6d
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4926b9dfd9a25e01edb50340271e0e757e72971921776e48f8f25264ed07d51
e67df85f68de5f600af6bbc31cc9481affc47515f34da08cd1fcbeb92987cfd3
e6fed762dfc9c91ee723d50f78ca40eb2f7ebcf090b1e40cb17f42e2c23efec2
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
ee4062a98ddebfdafc026aedf74c6493b48d572902b4e8eb4b31693ea50b2946
ee854d774241fddf9cb691acfbb809cb9741d364db17dd399c55383e8eb584d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f25124b87ab04c6028e9a19e4a7c81de35d88f5b4de65829f1e94a8851104088
f47650fc62b6c1dc3616032d4f1217edf9d45478b8d68b22ad5fd5eea60ea8bc
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
fb70ce30591c266a79ab984dbc5c90a2a328317d66f738397665dcf702670f18
fbb6aa2777c04356fb5bab1d11a108c2a09e42402be1181cd975d0618c3f5b81

www.ickd.cn Open in urlscan Pro 2606:4700:3036::ac43:8afe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

79 %HTTPS

39 %IPv6

31 Domains

47 Subdomains

34 IPs

10 Countries

1540 kBTransfer

4121 kBSize

28 Cookies

9 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ickd.cn Open in urlscan Pro
2606:4700:3036::ac43:8afe Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

79 %
HTTPS

39 %
IPv6

31
Domains

47
Subdomains

34
IPs

10
Countries

1540 kB
Transfer

4121 kB
Size

28
Cookies

134 HTTP transactions
6 data transactions