urlscan.io logo urlscan.io
SecurityTrails logo

ld246.com Open in urlscan Pro
47.246.43.175  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ld246.com/
Effective URL: https://ld246.com/
Submission: On July 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 57 HTTP transactions. The main IP is 47.246.43.175, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is ld246.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 7th 2021. Valid for: a year.
This is the only time ld246.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 47.246.43.175 24429 (TAOBAO Zh...)
5 2a04:4e42:3::485 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 240e:e9:9005:... 23650 (CHINANET-...)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
57 14
6    47.246.43.175 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ld246.com
5    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    240e:e9:9005:2:3::3fc (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)
b3logfile.com
11    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
11 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 pagead2.googlesyndication.com ld246.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 b3logfile.com ld246.com
6 ld246.com 1 redirects ld246.com
5 cdn.jsdelivr.net ld246.com
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
57 13

This site contains links to these domains. Also see Links.

Domain
b3log.org
github.com
routinepanic.com
weibo.com
beian.miit.gov.cn
Subject Issuer Validity Valid
ld246.com
Encryption Everywhere DV TLS CA - G1		 2021-02-07 -
2022-02-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
b3logfile.com
Encryption Everywhere DV TLS CA - G1		 2021-04-12 -
2022-04-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-05 -
2021-09-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://ld246.com/
Frame ID: 4B25D4B3E6547D08533C047C9AB3CC6E
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/zrt_lookup.html
Frame ID: 220629ABEE1D1793E61367C254EFE042
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Frame ID: 608E0A56DB3D44F37493054AEF979C9C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Frame ID: 52DAC7973382D3E0E50A38323D48AD3F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1627496410&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410473&bpp=3&bdt=659&idt=122&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600%2C919x127&nras=1&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=146
Frame ID: 60691D3A98826F0F64E6DCF99B3A00E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8D0A8D67B83E94BA48BE737445F887FA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7FF502B1BCCF100FB946389D1AC06DF6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
Frame ID: B5C374CC4A1D49E53F422853145A4824
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
Frame ID: A804899D1011B4FE1FF855EFA7871FFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0A924B05B9398AA9468A0796CD22962E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BFEED516CC951FF97CDD33DF08503CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ld246.com/ HTTP 301
    https://ld246.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Tengine/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57
Requests

100 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

741 kB
Transfer

1967 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ld246.com/ HTTP 301
    https://ld246.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 47
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ld246.com/
Redirect Chain
  • http://ld246.com/
  • https://ld246.com/
98 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ld246.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.175 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
481de68d07d6c503ce4a68bc2466f0570d4c88e241fccbfa4e9fcf89ae9527d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Host
ld246.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Tengine
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31104000
Date
Wed, 28 Jul 2021 18:20:09 GMT
X-Xss-Options
1; mode=block
X-Frame-Options
deny
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests
Via
cache69.l2cm10-9[205,0], cache7.de2[381,0]
Content-Encoding
br
Timing-Allow-Origin
*
EagleId
2ff62b9b16274964093775592e

Redirect headers

Server
Tengine
Date
Wed, 28 Jul 2021 18:20:09 GMT
Content-Type
text/html
Content-Length
262
Connection
keep-alive
Location
https://ld246.com/
Via
cache5.de2[,0]
Timing-Allow-Origin
*
EagleId
2ff62b9916274964092978413e
icon.js
cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/classic/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/classic/icon.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
441552b98b52701f227bea4b17f5c1f93f35fd6b720c0960aebf7a127c43bd50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
425559
x-jsd-version
0.1.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
28890
etag
W/"13d06-BzKiBItZU5bJjIXH9HhG1YqlF0Y"
x-served-by
cache-fra19147-FRA
x-jsd-version-type
version
date
Wed, 28 Jul 2021 18:20:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3002399
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
30948
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
x-served-by
cache-fra19147-FRA
date
Wed, 28 Jul 2021 18:20:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lib.js
cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/kanbanniang-tia@0.1.4/symx/lib.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6074cf1763a8e736bf5210f32b605268e1e36ce51caa83e88c411eb9ed3e5f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
425559
x-jsd-version
0.1.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
10043
etag
W/"66ba-y1Ur8FXrRhvVJiXHWOW1v/w6P48"
x-served-by
cache-fra19147-FRA
x-jsd-version-type
version
date
Wed, 28 Jul 2021 18:20:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.min.js
cdn.jsdelivr.net/npm/vditor@3.8.4/dist/ 		266 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vditor@3.8.4/dist/index.min.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54e3366aea0fb236c97a6348577c44f2940a57853cce9de10716b78570f5d2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
564194
x-jsd-version
3.8.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
67065
etag
W/"42948-49XEXZ8+GnIrNhyWFnUyeucjCzY"
x-served-by
cache-fra19147-FRA
x-jsd-version-type
version
date
Wed, 28 Jul 2021 18:20:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.f6bd609d6ab07dff0390.css
ld246.com/dist/skins/classic/ 		107 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.175 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
876787349b6e68a66feca6ab18e3cce5ad5b8c0170c2c2ff97cfd8acdf0867ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ld246.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://ld246.com/
Connection
keep-alive
Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31104000
Via
cache30.l2ot7-1[0,0,200-0,H], cache2.l2ot7-1[0,0], cache1.de2[0,203,200-0,H], cache5.de2[206,0]
X-Content-Type-Options
nosniff
Content-Type
text/css
Age
2406687
Transfer-Encoding
chunked
X-Cache
HIT TCP_HIT dirn:10:196358206
X-Swift-CacheTime
463366
Connection
keep-alive
Content-Encoding
br
Server
Tengine
X-Frame-Options
deny
Date
Wed, 30 Jun 2021 21:48:42 GMT
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1625089723
X-Xss-Options
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Timing-Allow-Origin
*
EagleId
2ff62b9916274964098442004e
X-Swift-SaveTime
Sun, 25 Jul 2021 13:05:57 GMT
index.86cab399ed9468f76416.js
ld246.com/dist/skins/classic/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ld246.com/dist/skins/classic/index.86cab399ed9468f76416.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.175 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cdcad3327c1862ddd8ed7080ec6503d1064d71afc57d15536b9f189110bd4926
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ld246.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://ld246.com/
Connection
keep-alive
Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31104000
Via
cache6.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache9.de2[0,0,200-0,H], cache11.de2[2,0]
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Age
1028403
Transfer-Encoding
chunked
X-Cache
HIT TCP_HIT dirn:10:380369940
X-Swift-CacheTime
2171647
Connection
keep-alive
Content-Encoding
br
Server
Tengine
X-Frame-Options
deny
Date
Fri, 16 Jul 2021 20:40:06 GMT
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1626468006
X-Xss-Options
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Timing-Allow-Origin
*
EagleId
2ff62b9f16274964098408655e
X-Swift-SaveTime
Wed, 21 Jul 2021 17:25:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fe29d1aea6be110f3e6f4a774d327cbb8ebcf6db34ad8d20da3cfb840df5eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
cafe
etag
1919570356283978166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Jul 2021 18:20:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/ Frame 2206 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210727/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210727/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 27 Jul 2021 19:25:37 GMT
expires
Tue, 10 Aug 2021 19:25:37 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
cache-control
public, max-age=1209600
age
82472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
banner.png
ld246.com/images/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ld246.com/images/banner.png
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.175 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3815f77c560a3b5999cd5a6c25e0c36711eecaa07abbe4a93312b7e01a37a777
Security Headers
Name Value
Strict-Transport-Security max-age=31104000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ld246.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
Connection
keep-alive
Referer
https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31104000
Via
cache6.l2de2[405,404,304-0,M], cache19.l2de2[406,0], cache11.de2[414,417,200-0,H], cache5.de2[419,0]
ETag
"6101129b-b9ea"
Age
0
X-Cache
HIT TCP_REFRESH_HIT dirn:0:259535203
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
47594
Last-Modified
Wed, 28 Jul 2021 08:17:31 GMT
Server
Tengine
Date
Wed, 28 Jul 2021 18:20:10 GMT
Ali-Swift-Global-Savetime
1627460293
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
2ff62b9916274964100972754e
X-Swift-SaveTime
Wed, 28 Jul 2021 18:20:10 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67cf345cf4c473ad8313631db870f9b2cc5c8464d25ee55bc9816458d3f45d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95257
x-xss-protection
0
server
cafe
etag
5523451261749374150
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Jul 2021 18:20:10 GMT
user-thumbnail.png
ld246.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ld246.com/images/user-thumbnail.png
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.175 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d20701e6ea1e1e137c4b63042b698a95551218b6073e0569e852bba510b251e0
Security Headers
Name Value
Strict-Transport-Security max-age=31104000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ld246.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
Connection
keep-alive
Referer
https://ld246.com/dist/skins/classic/index.f6bd609d6ab07dff0390.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31104000
Via
cache23.l2de2[435,434,304-0,M], cache18.l2de2[436,0], cache11.de2[443,443,200-0,H], cache7.de2[446,0]
ETag
"6101129b-dc8"
Age
0
X-Cache
HIT TCP_REFRESH_HIT dirn:10:97355128
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
3528
Last-Modified
Wed, 28 Jul 2021 08:17:31 GMT
Server
Tengine
Date
Wed, 28 Jul 2021 18:20:10 GMT
Ali-Swift-Global-Savetime
1627460293
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
2ff62b9b16274964102558629e
X-Swift-SaveTime
Wed, 28 Jul 2021 18:20:10 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ld246.com&callback=_gfp_s_&client=ca-pub-5357405790190342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9a8571d3e609a4e68151242c498820ad58eaaeab468d07ea826d7ceed49e5c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ld246.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Jul 2021 18:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ld246.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Jul 2021 18:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 608E 		58 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d32680f0ced514269392f03ff2d894aa2ac10ef7747d8dbb497587075c0a49e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Jul 2021 18:20:11 GMT
server
cafe
content-length
22580
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 18:35:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Jul 2021 18:20:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:10 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627298829912756"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Wed, 28 Jul 2021 18:20:10 GMT
light.css
cdn.jsdelivr.net/npm/vditor@3.8.4/dist/css/content-theme/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vditor@3.8.4/dist/css/content-theme/light.css
Requested by
Host: ld246.com
URL: https://ld246.com/dist/skins/classic/index.86cab399ed9468f76416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
179e795aac2ebe391c288a6fb8dd4b3bcfc40dfefd8a2a5f8a3250b67f8d5159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
250814
x-jsd-version
3.8.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1122
etag
W/"90b-3YWo5Pa2cabX+W7BBmWf4vCO1+Q"
x-served-by
cache-fra19147-FRA
x-jsd-version-type
version
date
Wed, 28 Jul 2021 18:20:10 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ads
googleads.g.doubleclick.net/pagead/ Frame 52DA 		81 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
055444425d46f9f9796434d397bb1b8e6ee6fdf4f2996cb113cd47da6109f99a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Jul 2021 18:20:11 GMT
server
cafe
content-length
28593
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 18:35:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Jul 2021 18:20:11 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6069 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1627496410&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410473&bpp=3&bdt=659&idt=122&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600%2C919x127&nras=1&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22125e4350932fb9dcdb9ac21dbc5d691c8af41ce2c3368700368648b5ebb573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5357405790190342&output=html&adk=1812271804&adf=3025194257&lmt=1627496410&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fld246.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410473&bpp=3&bdt=659&idt=122&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600%2C919x127&nras=1&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=146
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Jul 2021 18:20:10 GMT
server
cafe
content-length
4708
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Jul-2021 18:35:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Jul 2021 18:20:10 GMT
cache-control
private
1610205759005_1610205899060.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1610205759005_1610205899060.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
702f8f755dcbfc6aada2be0a7180d87ad52fdad264e114441a6edd5a1c444ee4

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:48;BOOTS-PROXY:49;BOOTS-PROXY:60;BOOTS-PIPE:61;BOOTS-PROXY:64;BOOTS-PROXY:65;X-Log;FUSIONGATE:69;DORA-PROXY:70
date
Tue, 20 Jul 2021 08:45:43 GMT
via
cache62.l2cn3036[0,0,304-0,H], cache26.l2cn3036[0,0], cache26.l2cn3036[1,0], kunlun4.cn190[0,0,200-0,H], kunlun9.cn190[4,0]
x-svr
IO
age
483975
x-cache
HIT TCP_MEM_HIT dirn:0:603035952
content-transfer-encoding
binary
x-swift-cachetime
519158
content-disposition
inline; filename="1610205759005_1610205899060.jpeg"; filename*=utf-8''1610205759005_1610205899060.jpeg
x-swift-savetime
Fri, 23 Jul 2021 03:53:56 GMT
content-length
1856
x-m-reqid
7x0AANBaMTxfc5MW
x-m-log
QNM:xs447;QNM3/304
server
Tengine
etag
"AD9iWqkFU_qbP-ta74OSvhEAxETw"
access-control-max-age
2592000
ali-swift-global-savetime
1618468738
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117198376e
x-reqid
oQIAAOtXS0DiW48W
1609164469923_1627122809129.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1609164469923_1627122809129.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
fc3a2831c7ad0d52d5b5a8e3349d6673acf71458510ebe8566098ff818435d28

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:57;BOOTS-PROXY:57;BOOTS-PROXY:58;BOOTS-PIPE:59;BOOTS-PROXY:59;BOOTS-PROXY:61;X-Log;FUSIONGATE:65;DORA-PROXY:66
date
Tue, 27 Jul 2021 12:27:09 GMT
via
cache43.l2cn3036[21,20,304-0,M], cache60.l2cn3036[22,0], cache60.l2cn3036[22,0], kunlun10.cn190[0,0,200-0,H], kunlun9.cn190[4,0]
x-svr
IO
age
107582
x-cache
HIT TCP_HIT dirn:10:843301176
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1609164469923_1627122809129.jpeg"; filename*=utf-8''1609164469923_1627122809129.jpeg
x-swift-savetime
Tue, 27 Jul 2021 12:27:09 GMT
content-length
2385
x-m-reqid
-SUAAN5ktauEpZUW
x-m-log
QNM:xs1175;QNM3/304
server
Tengine
etag
"AOpIVncZPGu2pqL2zcCE_PUvF7zI"
access-control-max-age
2592000
ali-swift-global-savetime
1627125556
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117208381e
x-reqid
-SUAAI5x7YY4tJQW
1619450149506_1619450274375.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1619450149506_1619450274375.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
656547c684d54f3dc11a43f54009f65afbf525200168025c7d8358b209204583

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:194;BOOTS-PROXY:195;BOOTS-PROXY:196;BOOTS-PIPE:196;BOOTS-PROXY:197;BOOTS-PROXY:197;X-Log;FUSIONGATE:199;DORA-PROXY:199
date
Mon, 26 Jul 2021 08:48:10 GMT
via
cache68.l2cn3036[0,0,304-0,H], cache6.l2cn3036[1,0], cache6.l2cn3036[1,0], kunlun2.cn190[0,0,200-0,H], kunlun9.cn190[3,0]
x-svr
IO
age
204277
x-cache
HIT TCP_HIT dirn:10:185536559
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1619450149506_1619450274375.jpeg"; filename*=utf-8''1619450149506_1619450274375.jpeg
x-swift-savetime
Mon, 26 Jul 2021 09:35:34 GMT
content-length
2508
x-m-reqid
bmAAADLbY-X8SpUW
x-m-log
QNM:xs458;QNM3/304
server
Tengine
etag
"AE2hgf8jCznIkppP3pl78jng0Xs-"
access-control-max-age
2592000
ali-swift-global-savetime
1626203693
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117208379e
x-reqid
KAsAALe2Dr307Y4W
1614273872338.png
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1614273872338.png?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1e7e1d2756deb1d56179273ba4a9188a7c7970cde51d89d14d4aa2d65b6a6000

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:26;BOOTS-PROXY:27;BOOTS-PROXY:28;BOOTS-PIPE:28;BOOTS-PROXY:29;BOOTS-PROXY:30;X-Log;FUSIONGATE:36;DORA-PROXY:37
date
Tue, 27 Jul 2021 03:06:13 GMT
via
cache54.l2cn3036[0,0,304-0,H], cache10.l2cn3036[0,0], cache10.l2cn3036[1,0], kunlun7.cn190[0,0,200-0,H], kunlun9.cn190[4,0]
x-svr
IO
age
62169
x-cache
HIT TCP_HIT dirn:0:101370508
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1614273872338.png"; filename*=utf-8''1614273872338.png
x-swift-savetime
Wed, 28 Jul 2021 01:04:02 GMT
content-length
1030
x-m-reqid
XyQAAMHA9YfohpUW
x-m-log
QNM:xs1167;QNM3/304
server
Tengine
etag
"AKTz6wEPXdnqzwAZNfl_ilkFW1sV"
access-control-max-age
2592000
ali-swift-global-savetime
1616243792
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117208382e
x-reqid
XiUAAP3h3IUyKY8W
1353745196354_1611386411315.jpeg
b3logfile.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1353745196354_1611386411315.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7060040df6bffac74508cb78f47ad843887fd1492c1a7d61410945c0ed26c4b7

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:49;BOOTS-PROXY:53;BOOTS-PROXY:54;BOOTS-PIPE:58;BOOTS-PROXY:59;BOOTS-PROXY:79;X-Log;FUSIONGATE:84;DORA-PROXY:85
date
Sun, 25 Jul 2021 15:30:58 GMT
via
cache47.l2cn3036[0,0,304-0,H], cache12.l2cn3036[1,0], cache12.l2cn3036[1,0], kunlun3.cn190[0,0,200-0,H], kunlun9.cn190[3,0]
x-svr
IO
age
205584
x-cache
HIT TCP_HIT dirn:0:537604307
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1353745196354_1611386411315.jpeg"; filename*=utf-8''1353745196354_1611386411315.jpeg
x-swift-savetime
Mon, 26 Jul 2021 09:13:47 GMT
content-length
2977
x-m-reqid
FFgAAGk6O3JjEpUW
x-m-log
QNM:xs466;QNM3/304
server
Tengine
etag
"AMoy4XAidwNpMOI2f8l-GboFDRNQ"
access-control-max-age
2592000
ali-swift-global-savetime
1618465237
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117208378e
x-reqid
Nx4AAJVvocKjXY8W
1625139158982.png
b3logfile.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1625139158982.png?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d359986adc8addc4f42a1a0db91586da16d62d858178d54269bbb0481a44109

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:29;BOOTS-PROXY:30;BOOTS-PROXY:31;BOOTS-PIPE:31;BOOTS-PROXY:32;BOOTS-PROXY:33;X-Log;FUSIONGATE:41;DORA-PROXY:42
date
Mon, 26 Jul 2021 18:42:00 GMT
via
cache73.l2cn3036[0,0,206-0,H], cache5.l2cn3036[1,0], cache5.l2cn3036[1,0], kunlun5.cn190[0,0,200-0,H], kunlun9.cn190[3,0]
x-svr
IO
age
171491
x-cache
HIT TCP_HIT dirn:11:241015764
content-transfer-encoding
binary
x-swift-cachetime
144230
content-disposition
inline; filename="1625139158982.png"; filename*=utf-8''1625139158982.png
x-swift-savetime
Wed, 28 Jul 2021 02:38:10 GMT
content-length
1055
x-m-reqid
HBMAANomEchka5UW
x-m-log
QNM:xs470;QNM3/304
server
Tengine
etag
"AAetmniN0sDEqrcVeHqhAjXnkvnu"
access-control-max-age
2592000
ali-swift-global-savetime
1627324920
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964117208380e
x-reqid
62UAAPxrZ1c3NJEW
1609132319768_1609132388356.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1609132319768_1609132388356.jpeg?imageView2/1/w/48/h/48/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
27848746be3c8ec0de9fe2f57cb362987fe97b93563410b50fd5b0fa4aa6a4a8

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:35;BOOTS-PROXY:35;BOOTS-PROXY:36;BOOTS-PIPE:37;BOOTS-PROXY:37;BOOTS-PROXY:38;X-Log;FUSIONGATE:50;DORA-PROXY:51
date
Mon, 26 Jul 2021 13:16:42 GMT
via
cache59.l2cn3036[0,0,304-0,H], cache36.l2cn3036[1,0], cache36.l2cn3036[1,0], kunlun5.cn190[0,0,200-0,H], kunlun9.cn190[2,0]
x-svr
IO
age
147313
x-cache
HIT TCP_HIT dirn:10:56141916
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1609132319768_1609132388356.jpeg"; filename*=utf-8''1609132319768_1609132388356.jpeg
x-swift-savetime
Tue, 27 Jul 2021 01:24:59 GMT
content-length
2180
x-m-reqid
okkAAL5z7TmkWZUW
x-m-log
QNM:xs449;QNM3/304
server
Tengine
etag
"AJ0YlQ57915huH7ftTzRawSD3RzJ"
access-control-max-age
2592000
ali-swift-global-savetime
1621774155
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964120158682e
x-reqid
7x8AAId7nVkwMI8W
1616980762755_1617196093202.jpeg
b3logfile.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b3logfile.com/avatar/1616980762755_1617196093202.jpeg?imageView2/1/w/64/h/64/interlace/0/q/100
Requested by
Host: ld246.com
URL: https://ld246.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:e9:9005:2:3::3fc , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1223694938224c8ae04a16f269744a33ff94cf5fd95efe0a0d30d2c07e15bb04

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log;IMAGE:42;BOOTS-PROXY:42;BOOTS-PROXY:43;BOOTS-PIPE:43;BOOTS-PROXY:44;BOOTS-PROXY:44;X-Log;FUSIONGATE:46;DORA-PROXY:47
date
Mon, 26 Jul 2021 07:25:13 GMT
via
cache4.l2cn3031[0,0,304-0,H], cache49.l2cn3031[1,0], cache49.l2cn3031[1,0], kunlun5.cn190[0,0,200-0,H], kunlun9.cn190[1,0]
x-svr
IO
age
27954
x-cache
HIT TCP_HIT dirn:11:472063748
content-transfer-encoding
binary
x-swift-cachetime
259200
content-disposition
inline; filename="1616980762755_1617196093202.jpeg"; filename*=utf-8''1616980762755_1617196093202.jpeg
x-swift-savetime
Wed, 28 Jul 2021 10:34:18 GMT
content-length
2147
x-m-reqid
WZoAABlzOCZ2RpUW
x-m-log
QNM:xs1163;QNM3/304
server
Tengine
etag
"AFZKvf2NFLeQZW3qEJFG2BeP4ozq"
access-control-max-age
2592000
ali-swift-global-savetime
1617457747
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
3ad7913b16274964120168683e
x-reqid
w1wAANF9KXx5Do8W, w1wAAHwRKXx5Do8W
3151613022832943089
tpc.googlesyndication.com/simgad/ Frame 608E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3151613022832943089
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43b6cd60a146e47d21452d59197271eb732e0e79cc54d36ad5ad98118cf579cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 17:02:14 GMT
x-content-type-options
nosniff
age
91077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17692
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 07:40:56 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 17:02:14 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame 608E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:16:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 608E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:12:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 608E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627472092244076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38161
x-xss-protection
0
expires
Wed, 28 Jul 2021 18:20:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 608E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:17:32 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 608E 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f62a8ff7c0b7077bb1c9c33b29d6276bbde33e88b1833aecedc248526509a083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 18:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10769
x-xss-protection
0
server
cafe
etag
6617245152184291830
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Aug 2021 18:54:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 608E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtHVB2p8BYcqdJOuNzAaSt5n4C-OTx45hqZeCzeMN2dkeEAEg-pL0DGCVAqAByp_D3gLIAQOoAwHIA8kEqgS_AU_QyBlgNYEKmzyWXE2TSju4G7QteGCvLuw82tIZGYV9cl2F6CqYzyv_Z3faDoQGnHDbrIZ6WSSMpPo0sPRIWfqm2u7SZsPbSsY02qh-4GL9-ao39JtluLdt1cP9BI6j1oiXQ6tl90lQ5YLZJ5lfeo0QSnyPvX9zfiH9yqcd5Nx3dZCwXrn9t9UCGjEMxBfT4lfaIPTw-_2v8ZFgYjDeDtyzlEFXs2qupJbeUQAOloloI6ajBRGai4mcwc2TK1QXwASY9o7wswOSBQQIBBgBkgUECAUYBKAGA4AHnuC8oQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQgd8N0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBmBYBgBcBshcaChgIABIUcHViLTUzNTc0MDU3OTAxOTAzNDI&sigh=tO2LqB42UvY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 28 Jul 2021 18:20:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Jul 2021 18:20:11 GMT
css
fonts.googleapis.com/ Frame 52DA 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=zh-CN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 18:20:11 GMT
server
ESF
date
Wed, 28 Jul 2021 18:20:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Jul 2021 18:20:11 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 52DA 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 19:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12641
x-xss-protection
0
server
cafe
etag
13371490116692223486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Aug 2021 19:12:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52DA 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:11 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627298817379074"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38160
x-xss-protection
0
expires
Wed, 28 Jul 2021 18:20:11 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame 52DA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:16:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7612
x-xss-protection
0
server
cafe
etag
18375530890449129318
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:16:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 52DA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:12:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 52DA 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
18081889583213459188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 11 Aug 2021 18:17:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 52DA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=zh-CN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
172427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8D0A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmvyzjE7Rqc8jQ2aO_GVeMCP936D-fnWEWtKgk3P-8qCio5fZRv1mrYUqR9Z9Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Jul 2021 17:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 608E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
876b18ee1094610795e7ec0e7a839b06f4e91a5d1a0821bdc5c33dcaddd73f1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 52DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CW9ti2p8BYfHRJOeuzAa7-oCYDoWp0tVjo-mXnq8O0cGa3tgOEAEg-pL0DGCVAqAB9qHr4QHIAQaoAwHIA8sEqgS_AU_QOTBznHh7yVDR2rRiU0o-FQs_HSziEBuvYxP3ADXBzFfjFMsezVkN3aNkda3DrF5RgfhIwRuhRy1ZP_R7JYEe0qp514k1GDmGwpV86n2tp3J1vHkUu_knQi_VUOwY_HyQSst1Jg7OVdTG28tQb-aE9EZFXC2ikb9a5eb1n5OLNRroxluJPwy2ydwuJbDiq5HdKrY_7Zpiy1p0xYJQJ_HhbPnMuu1_Shaxzlkb-ayU56lf6NbY4I58itRbIGvnwAStt4vwyQOSBQQIBBgBkgUECAUYBKAGN4AHuKrBqQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQu1XSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNTM1NzQwNTc5MDE5MDM0Mg&sigh=wlcbih5rEUk&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 28 Jul 2021 18:20:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7FF5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmvyzjE7Rqc8jQ2aO_GVeMCP936D-fnWEWtKgk3P-8qCio5fZRv1mrYUqR9Z9Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Jul 2021 17:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 52DA 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79a76068ea6178e48daa1886ccd33f885ebfec40897a0c844f8b2f6b9296516

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D0A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmvyzjE7Rqc8jQ2aO_GVeMCP936D-fnWEWtKgk3P-8qCio5fZRv1mrYUqR9Z9Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Jul 2021 18:20:11 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Jul-2021 19:20:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Jul 2021 18:20:11 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Jul 2021 18:20:11 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FF5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmvyzjE7Rqc8jQ2aO_GVeMCP936D-fnWEWtKgk3P-8qCio5fZRv1mrYUqR9Z9Q; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Jul 2021 18:20:11 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Jul-2021 19:20:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Jul 2021 18:20:11 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Jul 2021 18:20:11 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
pagead2.googlesyndication.com/bg/ Frame B5C3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=600&slotname=5795157554&adk=2059542793&adf=3274670882&pi=t.ma~as.5795157554&w=236&fwrn=4&fwrnh=100&lmt=1627496410&rafmt=1&psa=0&format=236x600&url=https%3A%2F%2Fld246.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410247&bpp=36&bdt=432&idt=246&shv=r20210727&ptt=9&saldr=aa&abxe=1&correlator=7352480244085&frm=20&pv=2&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iDyah1UKus&p=https%3A//ld246.com&dtd=316
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 18:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
84304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13434
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 18:55:07 GMT
5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
pagead2.googlesyndication.com/bg/ Frame A804 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5357405790190342&output=html&h=127&slotname=7356384727&adk=969544021&adf=2383591321&pi=t.ma~as.7356384727&w=919&lmt=1627496410&rafmt=11&psa=0&format=919x127&url=https%3A%2F%2Fld246.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627496410357&bpp=25&bdt=542&idt=222&shv=r20210727&ptt=9&saldr=aa&abxe=1&prev_fmts=236x600&correlator=7352480244085&frm=20&pv=1&ga_vid=1227794983.1627496411&ga_sid=1627496411&ga_hid=2123787084&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=393&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061971%2C20211866&oid=3&pvsid=3042734026359585&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k0JXM6RnDp&p=https%3A//ld246.com&dtd=227
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 18:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
84304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13434
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 18:55:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210727&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dd7a2058917195a32fd81cfd4b886fb45c03df864f6f0c1755417fdf7be1da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Jul 2021 18:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210727/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5357405790190342&plah=ld246.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 18:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 28 Jul 2021 18:20:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0A92 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 28 Jul 2021 17:22:45 GMT
expires
Thu, 28 Jul 2022 17:22:45 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1BFE 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eeba0ba8bd026da02c4e152099a8cbd19165155de99b474e209e2e277c006f02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WXPlObrlDUlxK9J1fO+ILw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ld246.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ld246.com/

Response headers

expires
Wed, 28 Jul 2021 18:20:12 GMT
date
Wed, 28 Jul 2021 18:20:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-WXPlObrlDUlxK9J1fO+ILw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
M0jCHZXA-VHVbg7kXxoLcoNGwI9TlchJ4WJ8mqKlR4o.js
pagead2.googlesyndication.com/bg/ Frame 0A92 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M0jCHZXA-VHVbg7kXxoLcoNGwI9TlchJ4WJ8mqKlR4o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3348c21d95c0f951d56e0ee45f1a0b728346c08f5395c849e1627c9aa2a5478a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
101422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13250
x-xss-protection
0
last-modified
Mon, 19 Jul 2021 15:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 14:09:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 608E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnhbqf2zStgADOP2C2CRdmi_XQhHk1U--yWw9X-Up_uBDk763yB-QTOaozWBtouJymXFI6cIBgDKMMR_5vymTqgoCX8pAym7nt4jkw8-vTm78TP_o3KNJRCPagkQ&sai=AMfl-YRU8Xpw3ybV6xZbkaYCAysep9bSKLYOwDJmstEYzoLCpD7_z5oVH6bkrvc7PCVY7JQ7ce-5HSaaj8O1&sig=Cg0ArKJSzFi6Z1QLQb6tEAE&id=lidar2&mcvt=1000&p=127,1114,727,1274&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2059542793&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627496410564&dlt=511&rpt=712&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jul 2021 18:20:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210727&jk=3042734026359585&bg=!iomlic3NAAb7_-tu-_87ACkAdvg8Wnc7mz9hRzTE_DeFGN35UsGGX30CnsWbVsrVDZTcZkPh1FDDpgIAAABGUgAAAAdoAQcKAL6pjenAoKK8qB8uPxobFizACoKole50Zdp9OovNq2SEyJcwHNcaSeDcWF_lXE5M-W1rj5YrwbmQOp70koDoPLB13Ww0-7VtSIeKeL8__ThEmcKeZYnTMhWLEeOArtBX3_txwEudRDhucsH0hR6anvrkvA_IIRHOctFHZWYyOSSdQSu3aMmlLoTWIm3qxpEngD1uUqKUCtAyPt6_G5qjs_dm0gsC0-FhJqd8vF1Dm2Co6XQKKgUYFPzHQTIWvx6PmQJ2HdFhLo4-aoN0aAXyaFu-4pdQIpgzB0lCk2R-oqjNm6ScqcZvdommrZxJEnl9hVu4K7ru6s4P9E7zt8erpHXqVZjmnnOVHNQEb37yVYjMFBL8OzaK9JucSnoJ-9SjmSAp-_iR7jlGTBlsK3JzGZxbEp_Eik2dI1IzfaYGy7rEtVPWwCOVjs5qFRltbtyyHdwz364csMn8UlnCYPNStgD5gnzV6g5YkXVNmSPRjqW7Uq0gPBK2nOXPP9dBBsfOSwLK-I3YhDuPrr8juK0nhjIq01zMQR8WAsBTLKlVS8KUsalyBvhGgasbf2dSgKwzORYbDJH_xXkhuneUb3De6BOpBeQHzhKDGwCIIWDWrYdcetcqCCe7pW8t5Fc7gWbr64weOSZ8hVXNq_FdGZ8DHtql6segSJt6FXzt-QtiFdBc6BEcD3XK5vHEu4DElm2TKVsQhunSDeb5SXUb2V9pos5reA8mwH067YHpDOgzAMkDyStkj2TqXYGhQ_3ybEoxqKu37UWV7sFRgHeAf01u7fYcY8E1hFKeKaMI8CHffYN3vQfnZ1aFg7uMbs9USYNzzd7Bo2W63VIa75FGlIeiEXQiZzAdN3lKzsADcgeGatyEhR600YOIoosOdwMfWXBmO2bMqErnJRZRneKZ328jqi5Y-C0EQywlheuXQKbNlB89L71cug82czZBNhViJKLgwt5TZb7eKQeL0GWnJCFzaNmJVIRqjUAe_1_nyIfq5-qjXDWUGcrljkEiu12dMAfsabTMJILos7js4QewygZhhBY7KYFcoEwTdAvR4tZ7XTkiu1B48OGem9gMwp8UqW6oDTAC5ERruyx5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ld246.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jul 2021 18:20:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 52DA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhQxi_dnT51_n2HsXqxXKsLx_qtBLWilxLdaI1OY-irDxIRy6BXLXGIeU8ZzEUKG1CMsTsZjZuoE94YvpaYhC6nq1RL7r9QwcDHwGKSYKud1LZnW1D1_fkxX_8OQ&sai=AMfl-YQ61EUYO2Gi8fGptZkbnKexzi_EyIHmDaA7F4-3NQGWmvOwiSJUuQB_ku9WJAezGFO24Oa_bif7m1Lf&sig=Cg0ArKJSzNGYkuq2nMNjEAE&id=lidar2&mcvt=1001&p=1029,393,1145,1312&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210726&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=14&adk=969544021&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627496410585&dlt=503&rpt=91&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jul 2021 18:20:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| Label function| $ function| jQuery function| md5 object| NProgress function| ReconnectingWebSocket function| UAParser function| Vditor undefined| prevKey object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| CSSImageIntersectionObserver object| imageIntersectionObserver function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmvyzjE7Rqc8jQ2aO_GVeMCP936D-fnWEWtKgk3P-8qCio5fZRv1mrYUqR9Z9Q
.ld246.com/ Name: __gads
Value: ID=14e535ac1ff7ebb4-2283866e77c900e9:T=1627496410:RT=1627496410:S=ALNI_MbWGtvYYUiS6z4mWyPmqlqqsUhb8Q

2 Console Messages

Source Level URL
Text
console-api log URL: https://ld246.com/dist/skins/classic/index.86cab399ed9468f76416.js(Line 1)
Message:
%c链滴%c 记录生活,连接点滴 b3log.org Copyright © 2012-present font-size:96px;color:#3b3e43 font-size:12px;color:#4285f4
console-api warning URL: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'indexType' of null TypeError: Cannot read property 'indexType' of null at HTMLDocument.<anonymous> (https://ld246.com/dist/skins/classic/index.86cab399ed9468f76416.js:1:59599) at e (https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js:2:30005) at t (https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js:2:30307) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31104000
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b3logfile.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ld246.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
142.250.184.226
240e:e9:9005:2:3::3fc
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a04:4e42:3::485
47.246.43.175
055444425d46f9f9796434d397bb1b8e6ee6fdf4f2996cb113cd47da6109f99a
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
0dd7a2058917195a32fd81cfd4b886fb45c03df864f6f0c1755417fdf7be1da2
1223694938224c8ae04a16f269744a33ff94cf5fd95efe0a0d30d2c07e15bb04
179e795aac2ebe391c288a6fb8dd4b3bcfc40dfefd8a2a5f8a3250b67f8d5159
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e7e1d2756deb1d56179273ba4a9188a7c7970cde51d89d14d4aa2d65b6a6000
22125e4350932fb9dcdb9ac21dbc5d691c8af41ce2c3368700368648b5ebb573
27848746be3c8ec0de9fe2f57cb362987fe97b93563410b50fd5b0fa4aa6a4a8
2d32680f0ced514269392f03ff2d894aa2ac10ef7747d8dbb497587075c0a49e
3348c21d95c0f951d56e0ee45f1a0b728346c08f5395c849e1627c9aa2a5478a
3815f77c560a3b5999cd5a6c25e0c36711eecaa07abbe4a93312b7e01a37a777
43b6cd60a146e47d21452d59197271eb732e0e79cc54d36ad5ad98118cf579cb
441552b98b52701f227bea4b17f5c1f93f35fd6b720c0960aebf7a127c43bd50
481de68d07d6c503ce4a68bc2466f0570d4c88e241fccbfa4e9fcf89ae9527d1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54e3366aea0fb236c97a6348577c44f2940a57853cce9de10716b78570f5d2d1
56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
6074cf1763a8e736bf5210f32b605268e1e36ce51caa83e88c411eb9ed3e5f2c
656547c684d54f3dc11a43f54009f65afbf525200168025c7d8358b209204583
67cf345cf4c473ad8313631db870f9b2cc5c8464d25ee55bc9816458d3f45d8e
702f8f755dcbfc6aada2be0a7180d87ad52fdad264e114441a6edd5a1c444ee4
7060040df6bffac74508cb78f47ad843887fd1492c1a7d61410945c0ed26c4b7
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
7d359986adc8addc4f42a1a0db91586da16d62d858178d54269bbb0481a44109
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
7fe29d1aea6be110f3e6f4a774d327cbb8ebcf6db34ad8d20da3cfb840df5eaf
876787349b6e68a66feca6ab18e3cce5ad5b8c0170c2c2ff97cfd8acdf0867ff
876b18ee1094610795e7ec0e7a839b06f4e91a5d1a0821bdc5c33dcaddd73f1d
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9a8571d3e609a4e68151242c498820ad58eaaeab468d07ea826d7ceed49e5c0b
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a79a76068ea6178e48daa1886ccd33f885ebfec40897a0c844f8b2f6b9296516
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdcad3327c1862ddd8ed7080ec6503d1064d71afc57d15536b9f189110bd4926
d20701e6ea1e1e137c4b63042b698a95551218b6073e0569e852bba510b251e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
eeba0ba8bd026da02c4e152099a8cbd19165155de99b474e209e2e277c006f02
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f62a8ff7c0b7077bb1c9c33b29d6276bbde33e88b1833aecedc248526509a083
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc3a2831c7ad0d52d5b5a8e3349d6673acf71458510ebe8566098ff818435d28