urlscan.io logo urlscan.io
SecurityTrails logo

gofans.cn Open in urlscan Pro
43.143.48.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://gofans.cn/
Submission Tags: analytics-framework
Submission: On April 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 43.143.48.244, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is gofans.cn.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on July 21st 2022. Valid for: a year.
This is the only time gofans.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 43.143.48.244 45090 (TENCENT-N...)
1 42.236.91.197 4837 (CHINA169-...)
3 103.235.46.191 55967 (BAIDU Bei...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
45 15
15    43.143.48.244 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
gofans.cn
1    42.236.91.197 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl
cdn.bootcdn.net
3    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:485::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is2-ssl.mzstatic.com
2    2a02:26f0:3500:48c::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is5-ssl.mzstatic.com
4    2a02:26f0:3500:487::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is1-ssl.mzstatic.com
is3-ssl.mzstatic.com
1    2a02:26f0:3500:486::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is4-ssl.mzstatic.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 gofans.cn
gofans.cn
865 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
203 KB
8 mzstatic.com
is2-ssl.mzstatic.com — Cisco Umbrella Rank: 1347
is5-ssl.mzstatic.com — Cisco Umbrella Rank: 1400
is1-ssl.mzstatic.com — Cisco Umbrella Rank: 1176
is4-ssl.mzstatic.com — Cisco Umbrella Rank: 1307
is3-ssl.mzstatic.com — Cisco Umbrella Rank: 1300
85 KB
3 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 6664
12 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
5 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
601 B
1 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 99683
21 KB
45 10
Domain Requested by
15 gofans.cn gofans.cn
7 pagead2.googlesyndication.com gofans.cn
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 is1-ssl.mzstatic.com gofans.cn
3 hm.baidu.com gofans.cn
2 is5-ssl.mzstatic.com gofans.cn
2 www.google-analytics.com gofans.cn
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 is3-ssl.mzstatic.com gofans.cn
1 is4-ssl.mzstatic.com gofans.cn
1 is2-ssl.mzstatic.com gofans.cn
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.bootcdn.net gofans.cn
45 16

This site contains links to these domains. Also see Links.

Domain
mall.gofans.cn
www.parallels.cn
lemon.qq.com
wondershare.cn
beian.miit.gov.cn
Subject Issuer Validity Valid
gofans.cn
TrustAsia RSA DV TLS CA G2		 2022-07-21 -
2023-07-21		 a year crt.sh
cdn.bootcdn.net
TrustAsia RSA DV TLS CA G2		 2022-06-06 -
2023-06-06		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-25 -
2023-05-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://gofans.cn/
Frame ID: CEC0489205705D2FE5FC541A579A50D4
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: ED2827D62FA957C30E163D0F00940A2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1293127422149386&output=html&adk=1812271804&adf=3025194257&lmt=1682475578&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgofans.cn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682475578760&bpp=5&bdt=3007&idt=156&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6606425178437&frm=20&pv=2&ga_vid=1123966771.1682475579&ga_sid=1682475579&ga_hid=578121476&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44789762&oid=2&pvsid=3693569914257163&tmod=1146895404&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: AE9745C012E80BF058BF943D88A320F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C09E05CB1A7576332278ED7D6341DC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B6B87F3BC548496405201F4D0F2860D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GoFans - Apple正版软件限免优惠

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

45
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

16
Subdomains

15
IPs

3
Countries

1214 kB
Transfer

3990 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gofans.cn/ 		125 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
24ead8cff708c9b5b550cf253a23c9b06c1a428024ebbc93ad5a90dd53aa89a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 26 Apr 2023 02:19:35 GMT
etag
"1f362-OpRuKoWbKoWDGBb3bmf1+5hnXpY"
server
Apache/2.4.39 @LIM.TECH
vary
Accept-Encoding
common.js
gofans.cn/assets/js/ 		900 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/assets/js/common.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
629e0bb3e08a67d6f5a2a78b1514bfd3c7707c168db1f30acca81b393acbb33a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 09:58:58 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"384-183552fc6d0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js
gofans.cn/assets/js/ 		22 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/assets/js/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
8486fb72ef76a6dda8d0fbf6a55b871091a2ac77195802a80d5c9430dacc4b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 03:54:47 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"16-178af9e3f58"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
showdown.min.js
cdn.bootcdn.net/ajax/libs/showdown/1.9.1/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/showdown/1.9.1/showdown.min.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
42.236.91.197 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
nginx /
Resource Hash
8e5d7e0ceb12b3db800532a9a4e276185f245e87375d0cc1b451724b48bd5e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2882120
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20555
last-modified
Mon, 04 May 2020 16:16:14 GMT
server
nginx
cf-cdnjs-via
cfworker/kv
etag
"5eb03fce-1279a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npa2x38N%2FCZcfdLL2DcjduYBvM%2BUbLc%2BC5ztkk%2FOfSAmCu%2Fvd7tuBFo37Q5Yk5OZ3AiHEqoiU2lHKNJ0lm0BZg%2F5CkK49XItVOQR5ZTSgoEm6oSxHG9edMzkxzNH7WEBuJlAAm6j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=6000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bd4fd2f8ae0cf4d-SJC
expires
Wed, 26 Apr 2023 12:01:27 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?15fb013c4d10ed6c7f40611ae729e460
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c764fd2a4f06d87938676196da0f2e752594f98200a285f269fca634b0c26e39
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:19:38 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
ca1eee9cd09391453f28cd454c718b3d
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1293127422149386
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c51240c1e6f770105751189d6577713e2d62d0874f85718d3c099dd5a564b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofans.cn/
Origin
https://gofans.cn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47348
x-xss-protection
0
server
cafe
etag
782089616614205050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:19:36 GMT
ee3322f.js
gofans.cn/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/ee3322f.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
4e9cdfeae380945e30ca220c27bb1b6ac6e39882cdd09f9bab1124f1d533e132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"9b7-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
741af32.js
gofans.cn/vendor/ 		231 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/741af32.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
8be75c29e730eae75febe8ca19d6370cd7ed1a6fd3b6ab340855dfad08c6ed8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"39a52-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
128fafc.css
gofans.cn/vendor/css/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/css/128fafc.css
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
14d62626e488a395665a192b552fb6a07ef7e961c7f2eced02e7c678eb0dc35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"9b4d-18358b353f8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
00852eb.js
gofans.cn/vendor/ 		172 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/00852eb.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
0fd0c7e0e870053cad1efd3ca35af3a0cc25e9a167b722479a03ec61e50ee80b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"2b1b7-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
9151318.css
gofans.cn/vendor/css/ 		649 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/css/9151318.css
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
1e3351e450f01f6746b5818971fe55d476adc0c733854e3388df07b1eb1e8412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"a2219-18358b353f8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
f7ee493.js
gofans.cn/vendor/ 		2 MB
474 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/f7ee493.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
2939a6553bfb1639361b4fe9df2d87d4d07423804acf7ea834de7ad748ebcb01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"1880b0-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
logo.png
gofans.cn/assets/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofans.cn/assets/img/logo.png
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
62b7dd7c73640386f6ca0a2625bb5d9ae56cc1b52d7a4ab9d7e5722296576071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:36 GMT
last-modified
Mon, 19 Sep 2022 09:58:58 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"1ed4-183552fc6d0"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7892
mp.png
gofans.cn/assets/img/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofans.cn/assets/img/mp.png
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
3acf785e1e8e73973c6d6522b0efac6ab66d7c47d585303bb294946ab30113da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:36 GMT
last-modified
Thu, 08 Apr 2021 03:54:47 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"11e86-178af9e3f58"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
73350
logo-white.png
gofans.cn/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofans.cn/assets/img/logo-white.png
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
ab8f2696426bb0a199bced5dbc8553398235f42615e9b9bec7cfa629198da2ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:36 GMT
last-modified
Mon, 19 Sep 2022 09:58:58 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"844-183552fc6d0"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2116
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1694214012&si=15fb013c4d10ed6c7f40611ae729e460&v=1.3.0&lv=1&sn=61059&r=0&ww=1600&u=https%3A%2F%2Fgofans.cn%2F&tt=GoFans%20-%20Apple%E6%AD%A3%E7%89%88%E8%BD%AF%E4%BB%B6%E9%99%90%E5%85%8D%E4%BC%98%E6%83%A0
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:19:38 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1293127422149386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
320e2dc838ff506c61770c5c26bfc126612486a5398433ff86b04b614c312a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
server
cafe
etag
2148078897285062378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 02:19:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame ED28 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1293127422149386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofans.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28666
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:21:52 GMT
etag
2378337311435320485
expires
Tue, 09 May 2023 18:21:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Ho%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A191%3A328)%0Aat%20Go%20(adsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A190%3A534)%0Aat%20No%20(adsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A198%3A402)%0Aat%20Oo%20(adsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A199%3A148)%0Aat%20Zo%20(adsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A207%3A420)%0Aat%20Po%20(adsbygoogle.js%3Fclient%3Dca-pub-1293127422149386%3A205%3A89)%0Aat%20Lo.&shv=r20230420&mjsv=m202304190101&eid=44759876%2C44759927%2C44759837%2C44788441%2C44789762&client=ca-pub-1293127422149386&url=https%3A%2F%2Fgofans.cn%2F
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:19:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gofans.cn&callback=_gfp_s_&client=ca-pub-1293127422149386
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c733779e9c22ad61cc251b75831cc9eba87090ee95bcac3424eb7854c1377876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=gofans.cn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gofans.cn
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE97 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1293127422149386&output=html&adk=1812271804&adf=3025194257&lmt=1682475578&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgofans.cn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682475578760&bpp=5&bdt=3007&idt=156&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6606425178437&frm=20&pv=2&ga_vid=1123966771.1682475579&ga_sid=1682475579&ga_hid=578121476&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44788441%2C44789762&oid=2&pvsid=3693569914257163&tmod=1146895404&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofans.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:19:39 GMT
expires
Wed, 26 Apr 2023 02:19:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
0e63363.js
gofans.cn/vendor/ 		289 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/0e63363.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/vendor/ee3322f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
1b60d3078efeadce468c19ddf2c4fa7784b63c7b7fbbcc6aaa3f11649b95ee11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"484cb-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
f925954.js
gofans.cn/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gofans.cn/vendor/f925954.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/vendor/ee3322f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
aba2d121dc9cbd6d62c1c8c429331c9d4ba193fdab6f4549f2f6eeef2dbec5c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 02:21:31 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"3feb-18358b353f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gofans.cn
URL: https://gofans.cn/vendor/f7ee493.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 00:27:45 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6714
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 26 Apr 2023 02:27:45 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1385028041&si=15fb013c4d10ed6c7f40611ae729e460&su=https%3A%2F%2Fgofans.cn%2F&v=1.3.0&lv=1&api=4_0&sn=61060&r=0&ww=1600&u=https%3A%2F%2Fgofans.cn%2F&tt=GoFans%20-%20Apple%E6%AD%A3%E7%89%88%E8%BD%AF%E4%BB%B6%E9%99%90%E5%85%8D%E4%BC%98%E6%83%A0
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 02:19:40 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
loading.png
gofans.cn/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gofans.cn/assets/img/loading.png
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.143.48.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.39 @LIM.TECH /
Resource Hash
17714010a1b570a1e276e02d7e94502b32b537495b361d0ffea5b4afca133010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:40 GMT
last-modified
Thu, 08 Apr 2021 03:54:47 GMT
server
Apache/2.4.39 @LIM.TECH
etag
W/"d42-178af9e3f58"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3394
collect
www.google-analytics.com/j/ 		3 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=578121476&t=pageview&_s=1&dl=https%3A%2F%2Fgofans.cn%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GoFans%20-%20Apple%E6%AD%A3%E7%89%88%E8%BD%AF%E4%BB%B6%E9%99%90%E5%85%8D%E4%BC%98%E6%83%A0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABEAAAACAAI~&jid=1303125376&gjid=999351630&cid=1123966771.1682475579&tid=UA-137913203-2&_gid=1582401740.1682475580&_r=1&_slc=1&z=756962787
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gofans.cn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 02:19:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gofans.cn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
192x192bb.jpg
is2-ssl.mzstatic.com/image/thumb/Purple126/v4/42/ff/a0/42ffa0e5-ddac-0812-8277-da9d806287af/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Purple126/v4/42/ff/a0/42ffa0e5-ddac-0812-8277-da9d806287af/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:485::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
cc5cfecd04f738911bb37da1b65047f86e52e1341308dd71ca7df92c788cab37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
4AHNJDWRNREKMOOJCGORZJHKUM
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
851b0c873c366eda
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE29:daiquiri-amp-processing-shared-int-001-st
cdnuuid
83fa1e6a-5f02-477d-ba50-bd65e5bfe23f-28513041
x-cache
TCP_MISS from a23-206-213-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-b3-parentspanid
9531e5e14b9e631b
b3
e00ed48ed16c48a639c9119d1ca4eaa3-11f137cb03b7f663
content-length
6560
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Sun, 02 Apr 2023 16:40:43 GMT
x-cache-remote
TCP_MISS from a2-20-143-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MDQ1MzY0MzI5Mixpc0J1aWxkVmVyc2lvbk5vdFNldCxhMDJiYzg5ZCxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
e00ed48e-d16c-48a6-39c9-119d1ca4eaa3
x-b3-spanid
11f137cb03b7f663
cache-control
no-transform, max-age=12460914
timing-allow-origin
*
192x192bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple123/v4/23/c4/9a/23c49ab0-b34a-5d79-f811-1c4371a83cb3/AppIcon-1x_U007emarketing-0-7-0-85-220.png/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is5-ssl.mzstatic.com/image/thumb/Purple123/v4/23/c4/9a/23c49ab0-b34a-5d79-f811-1c4371a83cb3/AppIcon-1x_U007emarketing-0-7-0-85-220.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:48c::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
da2b5089cf91d01199b46fbc6f539391339dfbac0b5654de5d251a1fd0396473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
SC77BKWNNPK2KMI5YNXW2KEYEA
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
606c94973ee1d354
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE29:daiquiri-amp-processing-shared-int-001-st
cdnuuid
d5bb70c1-4113-49b1-b594-66a0dc295109-116957966
x-cache
TCP_MISS from a23-206-213-205.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-b3-parentspanid
48cc8690d5499202
b3
90bff0aacd6bd5a5311dc36f6d289820-7a80b40f50ad20f4
content-length
3806
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Wed, 29 Mar 2023 13:05:49 GMT
x-cache-remote
TCP_HIT from a23-206-213-223.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MDA5NTE0OTY0Myxpc0J1aWxkVmVyc2lvbk5vdFNldCw1OGE4ZWUzMyxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
90bff0aa-cd6b-d5a5-311d-c36f6d289820
x-b3-spanid
7a80b40f50ad20f4
cache-control
no-transform, max-age=16783677
timing-allow-origin
*
192x192bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple123/v4/b7/79/77/b77977d7-fad2-33b3-25b4-1dea8f121c32/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is1-ssl.mzstatic.com/image/thumb/Purple123/v4/b7/79/77/b77977d7-fad2-33b3-25b4-1dea8f121c32/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
6ca4ba1b53ce807a6c7135fa6308876229932c3ee304f725ac1fc21743e303c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
Y4MUV3IXEQPSBBEKSPOTF2F4VU
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
c7194aed17241f20848a93dd32e8bcad
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE49:daiquiri-amp-processing-shared-int-001-st
cdnuuid
aa85edae-97c7-4523-974b-d6a18f3e2218-142275860
x-cache
TCP_MISS from a23-206-213-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
c7194aed17241f20848a93dd32e8bcad-aa07a8abcb346c0f
content-length
19808
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Fri, 21 Apr 2023 15:23:28 GMT
x-cache-remote
TCP_MISS from a193-108-94-159.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MjA5MDYwODY5NCxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDM5OCxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
c7194aed-1724-1f20-848a-93dd32e8bcad
x-b3-spanid
aa07a8abcb346c0f
cache-control
no-transform, max-age=13654649
timing-allow-origin
*
192x192bb.jpg
is4-ssl.mzstatic.com/image/thumb/Purple112/v4/5b/ca/04/5bca048e-7fe9-0e1a-8f6b-1b336c42ce2e/AppIcon-2-1x_U007emarketing-0-7-0-85-220.png/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is4-ssl.mzstatic.com/image/thumb/Purple112/v4/5b/ca/04/5bca048e-7fe9-0e1a-8f6b-1b336c42ce2e/AppIcon-2-1x_U007emarketing-0-7-0-85-220.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:486::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
afb9718b86ea4329dedf1d3e7f8474c40eb4fb4613ff6757cb603e9778107b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
EQVRWHQPQZMTZL7TEHTVYNGU44
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
242b1b1e0f86593caff321e75c34d4e7
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE39:daiquiri-amp-processing-shared-int-001-mr
cdnuuid
f1c8db03-d0cd-4a99-ba3c-5e3694fc5d17-29865550
x-cache
TCP_MISS from a23-206-213-208.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
242b1b1e0f86593caff321e75c34d4e7-ace93eaafd2667ed
content-length
6439
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Sun, 16 Apr 2023 06:00:01 GMT
x-cache-remote
TCP_MISS from a2-20-143-158.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MTYyNDgwMTEwMCxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDE4MSxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
242b1b1e-0f86-593c-aff3-21e75c34d4e7
x-b3-spanid
ace93eaafd2667ed
cache-control
no-transform, max-age=15146096
timing-allow-origin
*
192x192bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple112/v4/f5/43/30/f5433010-27f5-457b-e563-a2bc619222b1/AppIcon-2-1x_U007emarketing-0-7-0-85-220.png/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is5-ssl.mzstatic.com/image/thumb/Purple112/v4/f5/43/30/f5433010-27f5-457b-e563-a2bc619222b1/AppIcon-2-1x_U007emarketing-0-7-0-85-220.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:48c::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
d53ad3f9ed51df3813b7369d1bf15acd0ea8947b4442d76b269e93b9be7d4def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
AMZI2EDT4MRWCZOZBOOYZ44J2U
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
03328d1073e3236165d90b9d8cf389d5
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE39:daiquiri-amp-processing-shared-int-001-st
cdnuuid
ec1ce6cd-11ac-48f8-ba11-3d3c5e4a71d0-30415753
x-cache
TCP_MISS from a23-206-213-205.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
03328d1073e3236165d90b9d8cf389d5-6df155072c9914ce
content-length
6802
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Wed, 12 Apr 2023 14:41:14 GMT
x-cache-remote
TCP_HIT from a193-108-94-131.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MTMxMDQ3NDQyNCxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDUyNSxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
03328d10-73e3-2361-65d9-0b9d8cf389d5
x-b3-spanid
6df155072c9914ce
cache-control
no-transform, max-age=13050025
timing-allow-origin
*
192x192bb.jpg
is3-ssl.mzstatic.com/image/thumb/Purple126/v4/15/8e/f0/158ef068-6caa-8b79-91ed-59e8eeb329e6/AppIcon-0-0-1x_U007emarketing-0-0-0-10-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is3-ssl.mzstatic.com/image/thumb/Purple126/v4/15/8e/f0/158ef068-6caa-8b79-91ed-59e8eeb329e6/AppIcon-0-0-1x_U007emarketing-0-0-0-10-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
e7daf602809a3adb1c7e75891bec4cbc90449d8a720eb53b0f8e80134c64c57b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
EXKRQOBHNWX4CZQF4PFC4OBF2M
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
25d51838276dafc16605e3ca2e3825d3
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE21:daiquiri-amp-processing-shared-int-001-pv
cdnuuid
d5f5c064-907d-4ffd-b20c-a4378c0228ce-142878498
x-cache
TCP_MISS from a23-206-213-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
25d51838276dafc16605e3ca2e3825d3-106f0f08a76435e6
content-length
8309
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Mon, 20 Mar 2023 16:05:53 GMT
x-cache-remote
TCP_MISS from a2-20-143-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3OTMyODM1MzU3NSxpc0J1aWxkVmVyc2lvbk5vdFNldCw2MDA4MCxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
25d51838-276d-afc1-6605-e3ca2e3825d3
x-b3-spanid
106f0f08a76435e6
cache-control
no-transform, max-age=16170686
timing-allow-origin
*
192x192bb.png
is1-ssl.mzstatic.com/image/thumb/Purple114/v4/34/5e/fc/345efc37-1595-e9d2-722e-78da897e97d2/app_mac_store.png/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is1-ssl.mzstatic.com/image/thumb/Purple114/v4/34/5e/fc/345efc37-1595-e9d2-722e-78da897e97d2/app_mac_store.png/192x192bb.png
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
69ea4b5c10aab48f59634a598c61d41d416d7feeae7707bcb215b366115dceb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
3JNMHX2XIRVSU5ZN74MAFXFRAM
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
da5ac3df57446b2a772dff1802dcb103
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE10:daiquiri-amp-processing-shared-int-001-st
cdnuuid
3d228385-7336-4683-9dce-e511e73afcdf-75303207
x-cache
TCP_MISS from a23-206-213-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
da5ac3df57446b2a772dff1802dcb103-955ea3ddf76e4cb9
content-length
23786
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Wed, 01 Mar 2023 04:35:42 GMT
x-cache-remote
TCP_HIT from a23-206-213-205.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjQuMC0yM0IsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY3NzY0NTM0MjIzNyxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDI4Nixub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
da5ac3df-5744-6b2a-772d-ff1802dcb103
x-b3-spanid
955ea3ddf76e4cb9
cache-control
no-transform, max-age=14108807
timing-allow-origin
*
192x192bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple113/v4/59/53/ef/5953ef15-550e-f50d-8a46-4ade65ea439b/AppIcon-0-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-7.png/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/59/53/ef/5953ef15-550e-f50d-8a46-4ade65ea439b/AppIcon-0-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-7.png/192x192bb.jpg
Requested by
Host: gofans.cn
URL: https://gofans.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
d8c389b85c1e778da62bff67fd19654d598888120c8b16db81219532549cd71e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-apple-jingle-correlation-key
46RZ67D5ORJWY5HJJU6VYE5U54
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Apr 2023 02:19:40 GMT
x-b3-traceid
e7a39f7c7d74536c74e94d3d5c13b4ef
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:23RELEASE29:daiquiri-amp-processing-shared-int-001-mr
cdnuuid
a00535af-e554-4a5e-b614-5f729795e1c3-29191714
x-cache
TCP_MISS from a23-206-213-202.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
b3
e7a39f7c7d74536c74e94d3d5c13b4ef-05748793ade65f10
content-length
4064
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Tue, 28 Mar 2023 14:35:56 GMT
x-cache-remote
TCP_MISS from a193-108-94-159.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MDAxNDE1NjcxNCxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDI4NCxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
e7a39f7c-7d74-536c-74e9-4d3d5c13b4ef
x-b3-spanid
05748793ade65f10
cache-control
no-transform, max-age=15603022
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc14b9acc438c9fa0bfae4459752ce50190eccc28bdb8763801a0c7afdda1b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11376
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1293127422149386&plah=gofans.cn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:19:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C09 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gofans.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 20:41:50 GMT
expires
Wed, 24 Apr 2024 20:41:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B6B8 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
efa032da0d039e773c9944452da8c1f559646ce0a431519e787f6963ac98cbb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bCjLU6HGSE7peRS9CcV1lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gofans.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-bCjLU6HGSE7peRS9CcV1lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 02:19:40 GMT
expires
Wed, 26 Apr 2023 02:19:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 5C09 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 09:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
59482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 09:48:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B6B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=3693569914257163&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5C09 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?e-3K_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:19:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230420&jk=3693569914257163&bg=!7O-l77vNAAYfNdXmPzU7ADkAdvg8Wjz23h9qZMMFa3HA1sjwaXap6ijh7ZDXNNfujoccIdhJ0racH2f71pgWqiBU-_MiR82xHEUCAAAAVFIAAAACaAEHmQLhCceTdZjJfpKM62RkQqCIKJE6pRnJoMluU8f6t9F2mkyfu9lY-c-3cSDTst83sjepZKY3u5OrVzXziqhaUhl-i-_7pHU7iOaMpSYlT4QF2ZUQLNFR722nKw9tpv20Xf-MLb-6W9_SHgXQ0_c6R6XTkDKCqOfsnU-Sg5wDOpjxDTfyii6PauYAEP_878qOg2v9_W7xDpSV764aMNhnjIWan2lwPOqjnnZnZgd4Fbg6-5d5Qy-K6GAB5E1L8RhPgeNVBv6jmxfexTFZWgkFJMGPD4Zl9WWUolk_ioqCyrxXDVdF0v1GsNkQh6d941XOEFQHM4k-l5jnDZK1TBFb5xmABypQk_4vjUpjoTwWZ_a4EX0P9H5_gAl7fJlU7JtZwfXKTC_VhK8rKtT-0FeIr4K73gwE2IU7S1lejr3lmr-rUO4SUWGpfJlsmvftjmiVvN3L609dPKs8j9J8Hg5--vgLJPfr2IywsdMgZYd5HJBE66hC3h1kvmjQFcodSwsLY_eG_WAMIYaCi5vcZD9mlrUdqhupFyGp3D7dGvSkPmjuhdxQyB1bWU4ssSFdDY0fHHT-dcMlHlZMLOZG9UZXwa73tm5yTy_dEi6K9lqZMrurJIF4oFf8DOutZS8Kszzmv1M0MuNKLkgSzXt3LR9prRLQhY2TjSghBEnmhpLABz2oE_6R1Y6zhtis57IYxGqDSS3L-QiMM_DyOMGNVzIoGRX2ZEehO-EGJaWshnFdxl4cxDrdweCpE9qA_u0_MRvKBZN4IAiR9UQz_e1ckDtax8Mmim8_T1ryJv-sTfDfwcvOAgjsR5IZXWzWt7LtXtlkcxadI6-3nY1GB3_4t9UmZMjDBO-KM9KME68iMyVodwkrUPMLBk7Z19IxMUwi2pjxf-nCbQR7eJtFQ-0JYQRRJLRb5qOCe2EBlhxBEBHXKfAQiIXlv2A6-lbbP7QLI_26NYafvb0KxuWcLB--6PoZ1fG6JHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gofans.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| theme boolean| killads object| showdown object| adsbygoogle boolean| __abg_called object| __NUXT__ boolean| _bdhm_loaded_15fb013c4d10ed6c7f40611ae729e460 object| _hmt object| mini_tangram_log_mlevvo object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map object| google_image_requests number| google_rum_task_id_counter object| webpackJsonp string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| mini_tangram_log_esu6t7 object| $nuxt function| ga object| gaplugins boolean| ga-disable-UA-137913203-2 object| gaData object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: EDB8796C719DFB1D
.gofans.cn/ Name: Hm_lvt_15fb013c4d10ed6c7f40611ae729e460
Value: 1682475579
.gofans.cn/ Name: Hm_lpvt_15fb013c4d10ed6c7f40611ae729e460
Value: 1682475579
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.gofans.cn/ Name: __gads
Value: ID=c8960a210d6e6737-22bd7ae1acdd0003:T=1682475579:RT=1682475579:S=ALNI_MZAuL5KHLvj99Ft88yfwLcEJBgEig
.gofans.cn/ Name: __gpi
Value: UID=00000befbb975f8f:T=1682475579:RT=1682475579:S=ALNI_MaFNcvQOz8DjOUz8CzUd468GvziRg
.gofans.cn/ Name: _ga
Value: GA1.2.1123966771.1682475579
.gofans.cn/ Name: _gid
Value: GA1.2.1582401740.1682475580
.gofans.cn/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.bootcdn.net
gofans.cn
googleads.g.doubleclick.net
hm.baidu.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
103.235.46.191
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
2a02:26f0:3500:485::2a1
2a02:26f0:3500:486::2a1
2a02:26f0:3500:487::2a1
2a02:26f0:3500:48c::2a1
42.236.91.197
43.143.48.244
0fd0c7e0e870053cad1efd3ca35af3a0cc25e9a167b722479a03ec61e50ee80b
14d62626e488a395665a192b552fb6a07ef7e961c7f2eced02e7c678eb0dc35f
17714010a1b570a1e276e02d7e94502b32b537495b361d0ffea5b4afca133010
1b60d3078efeadce468c19ddf2c4fa7784b63c7b7fbbcc6aaa3f11649b95ee11
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e3351e450f01f6746b5818971fe55d476adc0c733854e3388df07b1eb1e8412
24ead8cff708c9b5b550cf253a23c9b06c1a428024ebbc93ad5a90dd53aa89a2
2939a6553bfb1639361b4fe9df2d87d4d07423804acf7ea834de7ad748ebcb01
320e2dc838ff506c61770c5c26bfc126612486a5398433ff86b04b614c312a1d
3acf785e1e8e73973c6d6522b0efac6ab66d7c47d585303bb294946ab30113da
4e9cdfeae380945e30ca220c27bb1b6ac6e39882cdd09f9bab1124f1d533e132
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629e0bb3e08a67d6f5a2a78b1514bfd3c7707c168db1f30acca81b393acbb33a
62b7dd7c73640386f6ca0a2625bb5d9ae56cc1b52d7a4ab9d7e5722296576071
69ea4b5c10aab48f59634a598c61d41d416d7feeae7707bcb215b366115dceb6
6ca4ba1b53ce807a6c7135fa6308876229932c3ee304f725ac1fc21743e303c4
7c51240c1e6f770105751189d6577713e2d62d0874f85718d3c099dd5a564b82
8486fb72ef76a6dda8d0fbf6a55b871091a2ac77195802a80d5c9430dacc4b84
8be75c29e730eae75febe8ca19d6370cd7ed1a6fd3b6ab340855dfad08c6ed8b
8e5d7e0ceb12b3db800532a9a4e276185f245e87375d0cc1b451724b48bd5e8a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab8f2696426bb0a199bced5dbc8553398235f42615e9b9bec7cfa629198da2ad
aba2d121dc9cbd6d62c1c8c429331c9d4ba193fdab6f4549f2f6eeef2dbec5c4
afb9718b86ea4329dedf1d3e7f8474c40eb4fb4613ff6757cb603e9778107b1a
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c733779e9c22ad61cc251b75831cc9eba87090ee95bcac3424eb7854c1377876
c764fd2a4f06d87938676196da0f2e752594f98200a285f269fca634b0c26e39
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc5cfecd04f738911bb37da1b65047f86e52e1341308dd71ca7df92c788cab37
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d53ad3f9ed51df3813b7369d1bf15acd0ea8947b4442d76b269e93b9be7d4def
d8c389b85c1e778da62bff67fd19654d598888120c8b16db81219532549cd71e
da2b5089cf91d01199b46fbc6f539391339dfbac0b5654de5d251a1fd0396473
dc14b9acc438c9fa0bfae4459752ce50190eccc28bdb8763801a0c7afdda1b5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7daf602809a3adb1c7e75891bec4cbc90449d8a720eb53b0f8e80134c64c57b
efa032da0d039e773c9944452da8c1f559646ce0a431519e787f6963ac98cbb7