urlscan.io logo urlscan.io
SecurityTrails logo

www.xuehua.us Open in urlscan Pro
2606:4700:e6::ac40:c116  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xuehua.us/
Submission: On March 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 69 HTTP transactions. The main IP is 2606:4700:e6::ac40:c116, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xuehua.us.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 28th 2020. Valid for: a year.
This is the only time www.xuehua.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:e6::ac40:c116 (United States)

ASN13335 (CLOUDFLARENET, US)
www.xuehua.us
15    2606:4700:3030::ac43:c25f (United States)

ASN13335 (CLOUDFLARENET, US)
pic1.xuehuaimg.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    184.30.24.107 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-107.deploy.static.akamaitechnologies.com
s7.addthis.com
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    220.194.223.87 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
dfzximg01.dftoutiao.com
4    163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)
www.tiyuxiu.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com
z.moatads.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
15 pic1.xuehuaimg.com www.xuehua.us
pic1.xuehuaimg.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 dfzximg01.dftoutiao.com www.xuehua.us
7 pagead2.googlesyndication.com www.xuehua.us
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 www.google.com 1 redirects cse.google.com
www.xuehua.us
5 www.xuehua.us www.xuehua.us
4 www.tiyuxiu.com www.xuehua.us
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s7.addthis.com www.xuehua.us
s7.addthis.com
1 www.google.de www.xuehua.us
1 stats.g.doubleclick.net www.google-analytics.com
1 z.moatads.com s7.addthis.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cse.google.com www.xuehua.us
1 www.googletagmanager.com www.xuehua.us
69 19

This site contains links to these domains. Also see Links.

Domain
www.xuehua.tw
www.miitbeian.gov.cn
www.addthis.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-28 -
2021-08-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2021-04-07		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.dftoutiao.com
WoTrus DV SSL CA		 2020-03-09 -
2021-04-09		 a year crt.sh
www.tiyuxiu.com
Encryption Everywhere DV TLS CA - G1		 2021-03-17 -
2022-03-17		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.xuehua.us/
Frame ID: 7A0CD28E29BFE68BE448C80AF3D537DB
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 4DB8EEDD4A94C16B237B8EE83CBB4E89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&adk=1812271804&adf=3025194257&lmt=1616102180&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xuehua.us%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616102180149&bpp=20&bdt=194&idt=199&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1722780151451&frm=20&pv=2&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: B7FBA7D20472A22A46403847E2521F81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Frame ID: 8574EDC2137E744B4AA67ED2070046AC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5B483741A3B6551A11FAD60C61F92147
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: FF153D098FB224FDC89AE4C3636FCA57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 719C8F25572356DCBFB6BE557B2DA2C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /addthis\.com\/js\//i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

69
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

19
Subdomains

19
IPs

4
Countries

1616 kB
Transfer

3112 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xuehua.us/ 		22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e322a2aafcaa15a73b9e8c658eb3e288f6e9e861a6520e16e06c7cbd9f9b1fe

Request headers

:method
GET
:authority
www.xuehua.us
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:19 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d36535e55f6f9cad85d977baa9b50a88f1616102179; expires=Sat, 17-Apr-21 21:16:19 GMT; path=/; domain=.xuehua.us; HttpOnly; SameSite=Lax; Secure
x-cache-status
HIT
cf-cache-status
DYNAMIC
cf-request-id
08e8cb5c2e00005363712ad000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rXJ1jeDjoyytGNXiRj8DeajbakwH8O6AI2gIUuHc%2F5Ntdg3WkMtySPcOvyPsrhb07BbZyhvcCYwuX%2Fqa2bFXta954A%2Bka%2FzcCwSCbiYufH9gvODED12Vljeb"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63217b404dba5363-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
-6QfBS5p6sQej_nEkdX0VXQ52lc.js
www.xuehua.us/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xuehua.us/cdn-cgi/apps/head/-6QfBS5p6sQej_nEkdX0VXQ52lc.js
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d8f6d6ab27461b0f7c6826e055ec710d0f0196e3d5135efd0e9d7cd9ff1506

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2637624
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9T3R8HCTAVBW7R2Y
x-amz-id-2
LfORrtrOQtPwg7xwIuf8vM20wWWh4bUWhxZjhTIwNX22D1mOLUwluI8KDjpY22xO6ODbh3uoCd8=
last-modified
Sat, 25 Apr 2020 08:08:37 GMT
server
cloudflare
etag
W/"54f1adb5654795910d96e06b16e6c4ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7nuJnVeIZLiHs4EMoH5hMdhzG1IyBSQH%2F3017SAz%2Bo1nIYq8w3uXqlHAzaQrZH4HSkMH0g8cbk9OQg%2B4LQmA2ZB8TUhYMlMXkNAUqrIvs95X5eQE1nCcbx2D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
WCf5U5Pe8D.6yfjuDtuqfxD6eh0eCaQX
cache-control
public, max-age=31536000
cf-request-id
08e8cb5c780000536328a66000000001
cf-ray
63217b40be8b5363-FRA
fontello.css
pic1.xuehuaimg.com/static/theme2/font/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/font/fontello.css?v=a1284121e94d07c9adeb205a32e2164e
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff6d4b304544c70c318ec062f46f21afdb9b864db8b596c7cb6db4936071db1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257234
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5c9100004a6204864000000001
last-modified
Sat, 25 Apr 2020 15:05:12 GMT
server
cloudflare
etag
W/"a1284121e94d07c9adeb205a32e2164e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W9Q%2FP%2FKMpWnNUvizbH742k8m3g9xP5u%2B5YSqsvuF4StpaWErdLW74NZ9cV9RaXghal%2FR7w6ZtBiqmwX838dxhnebZiYjMSo3fMKTpI0X8kqLliGM1xjPb0q%2BxbU%2F8HM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b40ef3a4a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
style.css
pic1.xuehuaimg.com/static/theme2/ 		83 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/style.css?v=179918b8e8c9b624ba22a31cdb5d339d
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa849933b72485ace2fb1b946180301d9a00131051bed053fa72f666f5016cf1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2630403
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5c9100004a62ce001000000001
last-modified
Sun, 28 Jun 2020 18:55:46 GMT
server
cloudflare
etag
W/"179918b8e8c9b624ba22a31cdb5d339d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BvgBkjPYWgXhIK%2Fn6UlN%2FfQbPmfOBWG6Z84GBZQt6qBL6Kod8NoGZFzRrvEzVZhdmfPSR3ZZ0QIs89FMZQTJ9kGc4wmpH3Jy7787om4RgGh1rmJVO4hvW9xsgqwDI%2FA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/css
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b40ef3e4a62-FRA
expires
Fri, 14 Feb 2031 10:36:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49785
x-xss-protection
0
server
cafe
etag
5737719656913929434
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 21:16:20 GMT
api.js
www.xuehua.us/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xuehua.us/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ffxwnXbJROVcFMcfygZ6goqB7eAsNM3UBA98Wd%2F%2FaLl88VQcJQQGvdJnV6S7p4ub3hBRrHNc55%2FfzG0TfG3Yyi1yGax8qIK5iQUuBO%2Fqw%2BmUerh5lA%2FGj0PH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
63217b411f1c5363-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac000053634c2d1000000001
logo.jpg
pic1.xuehuaimg.com/static/theme2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic1.xuehuaimg.com/static/theme2/logo.jpg?v=b4828e21c9db9eda410f1d91e1e5f6ec
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c343a18c0b5cfccc29318f269a9fc61ad985d886e8b0adbc3fdd762eef7c8681

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2629421
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cad00004a62ebaf1000000001
last-modified
Sat, 25 Apr 2020 15:38:46 GMT
server
cloudflare
etag
W/"b4828e21c9db9eda410f1d91e1e5f6ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1MpzYcucOA4UsJ579cDodSgDPqJp7aEsWH4ZO001%2BzqK1klyzpk5xCwHPG1DXI5UhvmUatc14Km9CKCKfztPd7un%2BwlU%2FlvkfZi3kGiX1qNMNYPR%2FMh8TimD2jbx9XY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411fa44a62-FRA
expires
Fri, 14 Feb 2031 10:52:39 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113511599-1
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3ea892f3b93cd326407dfa68eee238973ea8348f4d5b899fd631addc54ceacc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39099
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Mar 2021 21:16:20 GMT
jquery-3.3.1.min.js
pic1.xuehuaimg.com/static/js/lib/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/js/lib/jquery-3.3.1.min.js?v=378087a64e1394fc51f300bb9c11878c
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5ca800004a6215ba8000000001
last-modified
Wed, 01 Apr 2020 15:11:20 GMT
server
cloudflare
etag
W/"378087a64e1394fc51f300bb9c11878c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zoG6xQIC8rVBv2JuMeSUWVH6aoFZ3Dd3dnnO8Vn%2BuAaXK3HEttaoE0JqSlO%2FofPWgcVwgYQVvoehg8R7gLZI4M1YYJIKbFmogC8m%2BcHWl2H5sjbOC9cfEdCwg%2FmGlts%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b410f904a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
custom_fix.js
pic1.xuehuaimg.com/static/theme2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/custom_fix.js?v=67176d8c043da99ebd9192b1cadb88ff
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd553ac7c7846c116bbb96afd9968b6eb640968ccaae6b76735febd3133c911

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cad00004a62ea2d7000000001
last-modified
Tue, 14 Jul 2020 16:01:44 GMT
server
cloudflare
etag
W/"67176d8c043da99ebd9192b1cadb88ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=19epC7CZKsvi4qM2rvzpMxM8L7mmrAwVVd2h%2FofIgme16S01AkakHgW3cfCOiNpGN8E8xJlPlCSsNLq4hUddUQFDzNxkhICXVc8EXwaKUjWvN9DMtoCQATYBg9VebTY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411fa54a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
bootstrap.min.js
pic1.xuehuaimg.com/static/lib/bootstrap-4.3.1-dist/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/lib/bootstrap-4.3.1-dist/js/bootstrap.min.js?v=0a958254db529f99f475080fe2a6dcdb
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5ca800004a62a59cd000000001
last-modified
Wed, 01 Apr 2020 15:11:22 GMT
server
cloudflare
etag
W/"0a958254db529f99f475080fe2a6dcdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6Y7kMtKU%2FxiLCRSjTiCSxcrC4sNU2l8rJE47Mk91HRKvdfRvo4LD8SMTqSfodhUKKCiVInKO1vrQpiObDpcAZDa7tlP%2BhDKyfc9QRr4Llpi793sH1hUTjhf40m%2F1Rs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b410f914a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
traveler.js
pic1.xuehuaimg.com/static/theme2/ 		2 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/traveler.js?v=beb31303100bc51b23ce63b9c5b18510
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf5c3939eda1cb2c886478cc73ac361c99e96b720d8c16a8f7c2f7dd4601cbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7262921
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cab00004a62d12de000000001
last-modified
Wed, 13 May 2020 21:20:10 GMT
server
cloudflare
etag
W/"beb31303100bc51b23ce63b9c5b18510"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yqtHaULaovKlb24vw%2F4XyAy%2BdrYA7WssolrU2FkceamjMGRNTZhg6e7O9%2FvBjb3obs7X4NpWHFKbEK8lWVNKsEML6yxyftHXpObMHWa8ad%2FGRIuiNkT91QfN3MCHf%2FU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411f9b4a62-FRA
expires
Sun, 22 Dec 2030 19:47:39 GMT
common.js
pic1.xuehuaimg.com/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/js/common.js?v=7a644645723d14905b50ac6142ebbfdc
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8558d03dc94c1eb4b77309f0e15f458a5e9f3a2fdf0f6a58e288b8401926669b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2631834
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac00004a62e5262000000001
last-modified
Wed, 01 Apr 2020 15:11:20 GMT
server
cloudflare
etag
W/"7a644645723d14905b50ac6142ebbfdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fB9DhFm8WY3vtGFcoT8Rh%2FWiWAtRb8ayyr8S9UFB3PgjATbOwWUXLRxlye5EKGJQc3sjrD9QClqnJruwO7EerK4mXvam1ELapVp62%2B5XkA4rZX40rXDSitIgzhZxE2k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411f9d4a62-FRA
expires
Fri, 14 Feb 2031 10:12:26 GMT
lozad.min.js
pic1.xuehuaimg.com/static/lib/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/lib/lozad.min.js?v=ee29695416efebf4fddc99090fa1b30d
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545bd37d6f9aafabf5712510acf4b7a806168f8a1c1f8e2a55690a232c5cc759

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac00004a62d9b4e000000001
last-modified
Fri, 15 May 2020 07:30:42 GMT
server
cloudflare
etag
W/"ee29695416efebf4fddc99090fa1b30d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zQoynqMO3SwNBY%2B8yq7cMPjh0uqlGgORg8kQnKdHDjMiPFQqKYCTloKQDeep2jqLI%2BRoPlpi7gXnHafwMVY4vzk6SbF8N7sENFMnx%2BQ5xS8tJMw1KJs30%2Bf%2FTAePnZ4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411f9e4a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
vue.min.js
pic1.xuehuaimg.com/static/lib/vue/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/lib/vue/vue.min.js?v=b1731c619c5cfe8f99fadd639a3fcc30
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac00004a62b893d000000001
last-modified
Sat, 30 May 2020 07:23:48 GMT
server
cloudflare
etag
W/"b1731c619c5cfe8f99fadd639a3fcc30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eRBNHPDK6XKkRf2zxKF2%2FOSpZxvpaZSFh3LkCokY82GhHSxVKTEu4Iv2g09S9e%2BYR0fDM8ZOmZm384owjokzYWZO465k%2F750E08Y45we%2BVXBDpfAmhQH0VK8dhsf7z4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411fa04a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
axios.min.js
pic1.xuehuaimg.com/static/lib/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/lib/axios.min.js?v=caae0dc45aaba09fc2b523a8df42a8c2
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cbfa12582f0e561f22a7ef740f0d6a91d8046ab2f56372241a43c5a1efe6d74

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
7257235
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac00004a62efbb0000000001
last-modified
Sat, 30 May 2020 07:27:06 GMT
server
cloudflare
etag
W/"caae0dc45aaba09fc2b523a8df42a8c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qdiRFLU8AavxjYn%2FFMeP1sZkkJ%2BFWmRtTD0z0ep0Cn0hSecqx24CP197LFDrphEj1ttFy1lvqn%2Fah%2BcRJNIJhsiRmvy4FZ8TjTz6i%2Bl6hFvAoT04mTRC0w1JmeoQ2Go%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411fa14a62-FRA
expires
Sun, 22 Dec 2030 21:22:25 GMT
readmore.js
pic1.xuehuaimg.com/static/theme2/ 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/readmore.js?v=0891aa82392c659595f27c45169ffa30
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ed0921b2c0e6a411a38fc1e8ecf61c059469c203a7bae9d530c667be7d86326

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cac00004a620304a000000001
last-modified
Sun, 24 May 2020 15:28:54 GMT
server
cloudflare
etag
W/"0891aa82392c659595f27c45169ffa30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v%2BdFGNwI6MKb%2BiTuOrZTcP%2Blq%2Bb5ySIqK2rZwcmHfkOeiTjkFyMjr49uZk8mYLBsO4GY1QCsJ6%2FOuo4rFyQN33KbLoJEA%2BGu%2B62xHYx6xjgFlFbJh8bFRUdxRrS04og%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
cf-ray
63217b411fa24a62-FRA
expires
Sun, 16 Mar 2031 21:16:20 GMT
NJsxxhD1VtdbCtHXccJPiojcngs.js
www.xuehua.us/cdn-cgi/apps/body/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xuehua.us/cdn-cgi/apps/body/NJsxxhD1VtdbCtHXccJPiojcngs.js
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/cdn-cgi/apps/head/-6QfBS5p6sQej_nEkdX0VXQ52lc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5b74b490c1cc528621c8409564e6ab52feaf46377898f6a8f7b38134033efc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2637625
content-type
application/javascript; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
722D32281F2B6F3D
x-amz-id-2
/TAChfjPz0WPfkB9f5x+zJpjI2OB50ufcA0HZ4KrEb1YvKO9Np4tW9BR+o7t3VTK3yroLMbXnQY=
last-modified
Sat, 25 Apr 2020 08:08:37 GMT
server
cloudflare
etag
W/"6bb98f6c8069529c57c47c667a91b6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bzBpk1XUI%2BhnYS8WS3ZUKaDx3QFM0vAQsVDMVMqQ%2FPkxePzDHhM4x%2FsSFIV9j7f4ewZTJi3ZFdgCJFL4e4lEqTY12LV5gM5VjI0HmFlqVEdFp4hSTTR3%2FqHx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
6XDvXQjz9rC7zWKW6_D9xta_MXHR_IUV
cache-control
public, max-age=31536000
cf-request-id
08e8cb5cae000053635e201000000001
cf-ray
63217b411f1d5363-FRA
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=012659607576223787520:m9-uh9i1g6w
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
b18237415a51fa6e296e5dd5198937ffd543aadc5f2b73b4d82d7b912c7836fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2908
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:16:20 GMT
vficons.png
pic1.xuehuaimg.com/static/theme2/img/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic1.xuehuaimg.com/static/theme2/img/vficons.png
Requested by
Host: pic1.xuehuaimg.com
URL: https://pic1.xuehuaimg.com/static/theme2/style.css?v=179918b8e8c9b624ba22a31cdb5d339d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f4a31725563dcc41612756c2347b939e99e81c1c5c1bcef2caaa16c40127d8

Request headers

Referer
https://pic1.xuehuaimg.com/static/theme2/style.css?v=179918b8e8c9b624ba22a31cdb5d339d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
cf-cache-status
HIT
last-modified
Sat, 25 Apr 2020 15:13:22 GMT
server
cloudflare
age
1236060
etag
W/"e9fe9b39478bcdb70e24370475c52c4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rTOVvY9YTZRJ6pSjtZ0FmW6Y%2FPZ2QBSVR8e2bT%2BURXczEFBJn1TCw%2FlB9SefUY1L2ePZTWAn63yJed%2FLO6eeguAWPjDn2VPfA5AWaR50NwXw%2Fg9hdTnKNOImzdEQzI0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
63217b411fb54a62-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5cb300004a621b19e000000001
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/cdn-cgi/apps/body/NJsxxhD1VtdbCtHXccJPiojcngs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 18 Mar 2021 21:16:20 GMT
x-host
s7.addthis.com
content-length
116325
cse_element__de.js
www.google.com/cse/static/element/323d4b81541ddb5b/ 		275 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012659607576223787520:m9-uh9i1g6w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 12:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
age
32846
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92401
x-xss-protection
0
expires
Fri, 18 Mar 2022 12:08:54 GMT
default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012659607576223787520:m9-uh9i1g6w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 12:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
age
32846
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
expires
Fri, 18 Mar 2022 12:08:54 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012659607576223787520:m9-uh9i1g6w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 20:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
age
2841
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:18:59 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 21:16:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 4DB8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210316/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 18 Mar 2021 18:01:35 GMT
expires
Thu, 01 Apr 2021 18:01:35 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
11685
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fontello.woff
pic1.xuehuaimg.com/static/theme2/font/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pic1.xuehuaimg.com/static/theme2/font/fontello.woff
Requested by
Host: pic1.xuehuaimg.com
URL: https://pic1.xuehuaimg.com/static/theme2/font/fontello.css?v=a1284121e94d07c9adeb205a32e2164e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca4a40fc9f8da19a6cc1edb3466d3cdb027818593c60b0bcba368f3eb8254ab

Request headers

Origin
https://www.xuehua.us
Referer
https://pic1.xuehuaimg.com/static/theme2/font/fontello.css?v=a1284121e94d07c9adeb205a32e2164e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2626132
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30112
cf-request-id
08e8cb5d6400004e2cd5324000000001
last-modified
Sat, 25 Apr 2020 15:07:34 GMT
server
cloudflare
etag
"3a0a356fad0466a14801135308aad8b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=59HxXTVUrY0Bdw%2F3u4LrPOVEiKhtk3tm4ZlJzC6pvyoBerVC14gOJJhnN3iDcYUbUi9Y6JULj18RmvtnXfdXE%2FN3Pl7KYEcrFmTQR3BRZiJaL36ZvSfraGD1MIWN63I%3D"}],"max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400000, stale-while-revalidate=120, stale-if-error=3600, s-maxage=86400000
accept-ranges
bytes
cf-ray
63217b423e9a4e2c-FRA
20210228100817_625ad4c7d00dd0c6668384f88bca074f_0.jpeg
dfzximg01.dftoutiao.com/news/20210228/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210228/20210228100817_625ad4c7d00dd0c6668384f88bca074f_0.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_static_msoc2 /
Resource Hash
9a015a1d3471128cb3ddb47b30c4b73ffc842fd6bc7356a37e57225cf5aecbe3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:23 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3, Hit From Inner Cluster, Hit From Upstream, Hit From Inner Cluster
X-NWS-UUID-VERIFY
3c07d1a41aa8b5833340e7b0548f29bc
x-cos-request-id
NjA1MzIxZWJfNjFhYTBiMDlfZTFiXzZkMjg0NDA=
Connection
keep-alive
Content-Length
19259
x-cos-hash-crc64ecma
6124935280015408865
Last-Modified
Sun, 28 Feb 2021 02:08:17 GMT
Server
NWS_TCloud_static_msoc2
ETag
"2b3db1040b78f7cc7eacf3bfbc4e7480"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=5
X-NWS-LOG-UUID
3f35db50-c563-422f-92eb-f46931c5b310
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:23 GMT
t012dfe11a0f8eadd38.jpg
www.tiyuxiu.com/uploads/ext/a/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tiyuxiu.com/uploads/ext/a/t012dfe11a0f8eadd38.jpg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
Tengine /
Resource Hash
9a6f73cceabe229a9aa66369ab3be0648ae59004f329040f5636884d77757900

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:20 GMT
KCS-Via
MISS from w-fc08.jstzot;MISS from w-sc07.shbt
Age
1
X-Via
1.1 ianxin96:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:11 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
64240
XCS
HIT
xzp
zhvsmrmxorevxacorvsoaaborkeiolhidzmml
Last-Modified
Sat, 13 Mar 2021 00:56:09 GMT
Server
Tengine
X-Ws-Request-Id
6053c324_PSdgflkfFRA2gb7_31224-51380
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Accept-Ranges
bytes
Expires
Tue, 16 Mar 2021 23:08:57 GMT
t01d52400b615795b06.jpg
www.tiyuxiu.com/uploads/ext/a/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tiyuxiu.com/uploads/ext/a/t01d52400b615795b06.jpg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
Tengine /
Resource Hash
b938b0f3772a96c856fd9a84a8cd08c4aeb01a3569bee7f2621ee23465f51bde

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:20 GMT
KCS-Via
MISS from w-fc01.jstzot;MISS from w-sc10.shbt
Age
1
X-Via
1.1 PS-FOC-01KG494:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:15 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
32413
XCS
HIT
xzp
zhvsmrmxormvmlml
Last-Modified
Sun, 14 Mar 2021 04:53:15 GMT
Server
Tengine
X-Ws-Request-Id
6053c324_PSdgflkfFRA2po7_29217-37873
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Accept-Ranges
bytes
Expires
Tue, 16 Mar 2021 14:58:31 GMT
t010c825a1da69ceb7f.jpg
www.tiyuxiu.com/uploads/ext/a/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tiyuxiu.com/uploads/ext/a/t010c825a1da69ceb7f.jpg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
Tengine /
Resource Hash
b9f7581d6a26c28b876bc00b29048f2aa218d65fe54581cf4cef3d141986a6f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:20 GMT
KCS-Via
MISS from w-fc04.jsyzot;MISS from w-sc03.bjyt
Age
1
X-Via
1.1 PS-FOC-01tmR97:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:13 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
30423
XCS
HIT
xzp
zhvsmrmxorevxacorvsoaaborkeiolhidzmml
Last-Modified
Tue, 16 Mar 2021 12:28:50 GMT
Server
Tengine
X-Ws-Request-Id
6053c324_PSdgflkfFRA2gb7_31081-51053
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Accept-Ranges
bytes
Expires
Tue, 16 Mar 2021 13:17:01 GMT
9922720e0cf3d7cab4fceb8785c3a4016a63a91a.jpeg
pic1.xuehuaimg.com/proxy/baijia/https://pics4.baidu.com/feed/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic1.xuehuaimg.com/proxy/baijia/https://pics4.baidu.com/feed/9922720e0cf3d7cab4fceb8785c3a4016a63a91a.jpeg?token=b847ddbbc1355bd02edb1fffeb6837d3&s=12A141A45C1338D454BCD898030060C9
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c25f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ead8396c7f82e20e801add12e7d2615afae26b26924041690e0dbf7fdb69976

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ohc-file-size
50406
date
Thu, 18 Mar 2021 21:16:20 GMT
x-http-reason
OK
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5d6100004a620e1fd000000001
timing-allow-origin
*
ohc-cache-hit
fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache53 [1], qdix53 [1]
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=baJ9RGsQlVX0bZT80LC3lRj2f4LqofaBHmV%2BxUiSJMmzdx8Lr7PdT33RDrqJG12H9etstvF6G%2BSD%2FTCVdMvJFPMYtaHZjNpdypV1SqyXXVzbeht66s9HqFMrDgcXuFs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000000
cf-ray
63217b4239ce4a62-FRA
expires
Thu, 15 Apr 2021 14:12:54 GMT
20210302165755_d41d8cd98f00b204e9800998ecf8427e_1.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302165755_d41d8cd98f00b204e9800998ecf8427e_1.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
fe282bc4b1d35193af11a7c79fd5cb6bbedf7d50a9f546d497dd5e6106e7949e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:23 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3, Hit From Inner Cluster
X-NWS-UUID-VERIFY
0496f99869b9ef510350f425ebbba721
x-cos-request-id
NjA1MzNhZDlfNjFhYTBiMDlfZTEwXzZhODdlMzU=
Connection
keep-alive
Content-Length
36663
x-cos-hash-crc64ecma
6651819207900159786
Last-Modified
Tue, 02 Mar 2021 08:57:57 GMT
Server
NWS_TCloud_S1
ETag
"a6ae49e81f4d7e15b4a611d0032595cd"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=4
X-NWS-LOG-UUID
3482e462-c137-4b6e-ba53-4fabfe16aec4
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:22 GMT
20210302160144_13f7b5fe7a27910c18b22b57659ad4b1_0.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302160144_13f7b5fe7a27910c18b22b57659ad4b1_0.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
287d11a716cc9cead1bd025fa41528203e39fd7c631e0e19c6671d68cd6e9189

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:24 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3
X-NWS-UUID-VERIFY
302a30584f60b57b0720339e3019f128
x-cos-request-id
NjA1MmY3YjJfZTI4NWQ2NF8yMTRfOWI3NWM3NQ==
Connection
keep-alive
Content-Length
61456
x-cos-hash-crc64ecma
6896519921220241712
Last-Modified
Tue, 02 Mar 2021 08:01:44 GMT
Server
NWS_TCloud_S1
ETag
"83f771118e60b21791aac9582cca58f1"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=4
X-NWS-LOG-UUID
0279656e-0ef7-41b2-88bc-991724066277
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:23 GMT
20210302085959_cf2b6f714bbac7e61a1f1ab589652791_1.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302085959_cf2b6f714bbac7e61a1f1ab589652791_1.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
4d464d2849d49a290ffaa9614226fa4fb7d1ef235280f2c707cb140fa872cf8c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:23 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3, Hit From Inner Cluster
X-NWS-UUID-VERIFY
643b06e76d783ea8fc87e44dff71e8af
x-cos-request-id
NjA1MzE0YWVfNmJhOTBiMDlfMTc1NTRfNmJlYzAyOA==
Connection
keep-alive
Content-Length
28089
x-cos-hash-crc64ecma
2432620716314044934
Last-Modified
Tue, 02 Mar 2021 00:59:59 GMT
Server
NWS_TCloud_S1
ETag
"7b1d76ad1d258b48dc935fabfe24a2b2"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=3
X-NWS-LOG-UUID
7695496d-b53c-4bc6-80bb-9b0e2e3207bd
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:22 GMT
20210302153621_557a32e91ede1eed847b34a84341ed50_0.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302153621_557a32e91ede1eed847b34a84341ed50_0.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
1f45ce08685288f79be90421098e8a7ecbbe9775e0597f2539872437184a8b43

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:23 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3, Hit From Inner Cluster
X-NWS-UUID-VERIFY
d7f638e59ec4f817b47cb5dfd97bebff
x-cos-request-id
NjA1Mzc4NWZfNzhjODJhMDlfZWMzOF84NmQwODQ5
Connection
keep-alive
Content-Length
26079
x-cos-hash-crc64ecma
6679590947815044555
Last-Modified
Tue, 02 Mar 2021 07:36:21 GMT
Server
NWS_TCloud_S1
ETag
"2d4af08df832acf6a84ad6c6a0ee7c37"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=3
X-NWS-LOG-UUID
54104719-21a9-4b44-8d08-6b9f0c8605d7
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:22 GMT
20210302121833_1d2a2b3c52c4136332163981edccd05e_0.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302121833_1d2a2b3c52c4136332163981edccd05e_0.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
73cc8da0053d75e25c271bf357bda5b06413a3958ab9fe80dce34090fdceede8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:23 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3
X-NWS-UUID-VERIFY
3b31405c42e016e43e3f98f20dbe4ca6
x-cos-request-id
NjA1MmMzNmRfN2JiMTJhMDlfOGE0ZF84Yzg1YTgz
Connection
keep-alive
Content-Length
62760
x-cos-hash-crc64ecma
17861957060311005726
Last-Modified
Tue, 02 Mar 2021 04:18:33 GMT
Server
NWS_TCloud_S1
ETag
"4a3ba1a949d0e57dc62b0c0fa41f82f0"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=4
X-NWS-LOG-UUID
a10dc020-f0a4-497b-b96e-4205a7385373
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:22 GMT
2029562B6-0.png
www.tiyuxiu.com/uploads/allimg/210301/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tiyuxiu.com/uploads/allimg/210301/2029562B6-0.png
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
Tengine /
Resource Hash
7d38f82a518e003e166b34008f48916007c8483934990d528087790a84131e41

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:20 GMT
Last-Modified
Mon, 01 Mar 2021 12:29:56 GMT
Server
Tengine
Age
1
ETag
"603cde44-42c4e"
X-Ws-Request-Id
6053c324_PSdgflkfFRA2gb7_31144-31174
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273486
X-Via
1.1 PS-FOC-01KG494:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:13 (Cdn Cache Server V2.0)
Expires
Mon, 14 Mar 2022 19:33:24 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113511599-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4425
date
Thu, 18 Mar 2021 20:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 22:02:35 GMT
20210302172556_62588058628b1636b909cff18c1cd65a_1.jpeg
dfzximg01.dftoutiao.com/news/20210302/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dfzximg01.dftoutiao.com/news/20210302/20210302172556_62588058628b1636b909cff18c1cd65a_1.jpeg
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.194.223.87 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
132ac63ef8f8e12d42a89d58978c9b1fc424a70dd1f0792ec79147bdc10363f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 21:16:22 GMT
X-Cache-Lookup
Hit From Upstream, Hit From Disktank3, Hit From Inner Cluster
X-NWS-UUID-VERIFY
fe61b09bd5f35f0ccc3f6df11d17c348
x-cos-request-id
NjA1MzI4MmJfNjFhYTBiMDlfZTJjXzZiZjIzMWU=
Connection
keep-alive
Content-Length
10148
x-cos-hash-crc64ecma
9022127785870235714
Last-Modified
Tue, 02 Mar 2021 09:25:56 GMT
Server
NWS_TCloud_S1
ETag
"327ad293fa4ed08e2421a111f26aca8b"
Content-Type
image/jpeg
Cache-Control
max-age=600
X-Daa-Tunnel
hop_count=5
X-NWS-LOG-UUID
a62be7f4-cc4a-4db3-97fe-fbc2d8fb9416
Accept-Ranges
bytes
Expires
Thu, 18 Mar 2021 21:26:21 GMT
result
www.xuehua.us/cdn-cgi/bm/cv/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.xuehua.us/cdn-cgi/bm/cv/result?req_id=63217b404dba5363
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W7aWFPWAkla2pW%2FBVGZDjy1KnUOG4XAIDB6MrOGCt6Ehql3QaJhM%2BaPsyJXhtq9kRlPvfwTI3TtK4iqbr0FuITPtNjRZRx3AOHvB4RFA7LcMFQ%2FAsRWBwxQw"}],"group":"cf-nel","max_age":604800}
cf-ray
63217b432a9b5363-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e8cb5df6000053635216f000000001
cookie.js
partner.googleadservices.com/gampad/ 		199 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.xuehua.us&callback=_gfp_s_&client=ca-pub-7536255340317474
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
736f62996ec4423d3af0e6c992b06b01cd3657f976522a6521e932156798b48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xuehua.us
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xuehua.us
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B7FB 		13 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&adk=1812271804&adf=3025194257&lmt=1616102180&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xuehua.us%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616102180149&bpp=20&bdt=194&idt=199&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1722780151451&frm=20&pv=2&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4318a53aa5cf7a73f0a4fbff4a9fd482ee28d45a62d3ec4072e5b0efca8a7f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7536255340317474&output=html&adk=1812271804&adf=3025194257&lmt=1616102180&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xuehua.us%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616102180149&bpp=20&bdt=194&idt=199&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1722780151451&frm=20&pv=2&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 18 Mar 2021 21:16:20 GMT
server
cafe
content-length
843
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 21:31:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Mar 2021 21:16:20 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:16:20 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:20 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
191C384BD08D2989
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=34723
accept-ranges
bytes
content-length
948
x-amz-id-2
/Y8Yj/DqLNS2pI1SPlp4cWcg3IlspJAynuwPI5L3vSGxaNJQvodByoZJc97qcmeVSMm8xcdrWW0=
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=518920705&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xuehua.us%2F&ul=en-us&de=UTF-8&dt=%E9%9B%AA%E8%8A%B1%E6%96%B0%E9%97%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=2073888652&gjid=605802102&cid=757608832.1616102180&tid=UA-113511599-1&_gid=1767178719.1616102180&_r=1&gtm=2ou3a0&z=276501594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 21:16:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xuehua.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-107.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 18 Mar 2021 21:16:20 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
ads
googleads.g.doubleclick.net/pagead/ Frame 8574 		55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
177afc33bf473ba49d10cd128773bc0477398b50ccb4fedc0380fbb5d6abeb07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 18 Mar 2021 21:16:20 GMT
server
cafe
content-length
21279
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 21:31:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Mar 2021 21:16:20 GMT
cache-control
private
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-113511599-1&cid=757608832.1616102180&jid=2073888652&gjid=605802102&_gid=1767178719.1616102180&_u=IAhAAUAAAAAAAC~&z=131394481
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Mar 2021 21:16:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.xuehua.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-113511599-1&cid=757608832.1616102180&jid=2073888652&_u=IAhAAUAAAAAAAC~&z=1590867961
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 21:16:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-113511599-1&cid=757608832.1616102180&jid=2073888652&_u=IAhAAUAAAAAAAC~&z=1590867961
Requested by
Host: www.xuehua.us
URL: https://www.xuehua.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 21:16:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8385704451391106842
tpc.googlesyndication.com/simgad/ Frame 8574 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8385704451391106842
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23bd1b6bca4eabbeabeb299ccde16050bf6ddd376bccf2ae7055109e2486482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:16:12 GMT
x-content-type-options
nosniff
age
90008
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124606
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 09:13:25 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 20:16:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8574 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 21:11:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8574 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 21:12:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8574 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:16:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8574 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 21:09:52 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8574 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 18:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10816
x-xss-protection
0
server
cafe
etag
5325187549321947876
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 18:17:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8574 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9xBrJMNTYNO_HsHgY6iEu7APzumU2GGAidWZgQ2Wgs2FiBYQASCbxNljYJWKuILIB6ABnK_7qALIAQOoAwHIA8kEqgTDAU_Q3_Har2Sp_aboH-XhpNFXafdlfCFnoi8aN-K0-I_3u6GdarCEjanzUY7Tsws4WNGmCRRMPuPeI1zCk5WcnRyHF2t49m8TjCrXWi38i4PIlRsj9tdV9goITFmwU7mbi28UmhE740RkKzoWTqvLgGkDyp4JGuRPd904ljMjhSDtYlL0blBAMOBgBEoDRj20u7N5xacet-zGoTe10eG6ZI3CAvUGV5SjUYbR3c_XS6FtF_4ea98-iY1GvW0v_-G_39n_ucAEpqz1tq8DkgUECAQYAZIFBAgFGASgBgOAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELWWLNIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi03NTM2MjU1MzQwMzE3NDc0&sigh=5Mhe7sPECrw&tpd=AGWhJmtoqlLOEdVrR0aa5Me12cvI2yyxA9-i4O-YP_aWg_-Xrg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 18 Mar 2021 21:16:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:16:20 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5B48 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 18 Mar 2021 20:41:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2096
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8574 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3274eceb132e0e47e4e27ef7de5853ba3f5a13b917d04d82a277ca89251aefff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5B48
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnc5hMIM1SQ59Ca4G5n03klBOidfY3YXAtO6k3xY-xfZkY00o6bJxXjtOP0Ccg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Mar 2021 21:16:21 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 18-Mar-2021 22:16:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 18 Mar 2021 21:16:21 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 18 Mar 2021 21:16:21 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
pagead2.googlesyndication.com/bg/ Frame FF15 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7536255340317474&output=html&h=600&slotname=2970901942&adk=4207714071&adf=3514700466&pi=t.ma~as.2970901942&w=300&fwrn=4&fwrnh=100&lmt=1616102180&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.xuehua.us%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1616102180169&bpp=6&bdt=215&idt=293&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1722780151451&frm=20&pv=1&ga_vid=757608832.1616102180&ga_sid=1616102180&ga_hid=518920705&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1129&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068083%2C44737458%2C44739387&oid=3&pvsid=1740968752990115&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TRNWZ669WX&p=https%3A//www.xuehua.us&dtd=299
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 09:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
42152
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:33:49 GMT
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 8574 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuceYF1kwPXSOFs3vgzWQeLKQOYtDmj9SIEnywFew2a7KlpPXwrdKeoO32qoRACCljkn4cl1HkXarXxQ3Wk05AXwRyHgw4plkBrNEry1mqu_tRsn65ZVCwKNIH9g&sai=AMfl-YReCBAQC9dWBlEerkCZyi-mYrE8Vb_LEoLEhOhZQKNBQw2f8Xa6qznhlWYkIGiv8FT4-t57UnYzA62A&sig=Cg0ArKJSzKp6EtQ6iFCDEAE&id=osdim&mcvt=1001&p=148,1129,748,1429&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4207714071&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616102180471&dlt=487&rpt=31&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 21:16:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a94a9de5b38de8492a477b9e0e91549f902994961f6ac11fc2bc1373bb6b981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 21:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6583
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7536255340317474&plah=www.xuehua.us&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 21:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 18 Mar 2021 21:16:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 719C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Thu, 18 Mar 2021 16:12:34 GMT
expires
Fri, 18 Mar 2022 16:12:34 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18233
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
pagead2.googlesyndication.com/bg/ Frame 719C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 09:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
42158
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5697
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:33:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=1740968752990115&bg=!-_il-LzNAAbUo7L91KM7ACkAdvg8WjPhlp3NtVkuvSLZ_BwN4H5dmVoPsLrUoXugfO_21SRMdDhauQIAAABXUgAAAA1oAQcKAHXH1_i9e6nN61HpOyt2fIU7VJzZrwShpR8EIuzgTjQkL_3us2FGKhY2-yHGicUsylWNezyBBOyS7ShNtiQIPlSv2PiviZjhrnD5mNs63QcczN6Djb9ed1C0gHUIE8cdPg_x0LVqadL25XEmhnek5yR1B326gIaZAduoHJydru_TvIgqJMdNNnrbAQlS-6fBje2MG4EwAjHAqQzBmn6EM_QlFfMwurza1pelZM6GIWUcAFdNgD1ABc5_zo7kkP0WJwiGo4E37nHSBkXjzDZnquISPr0108mY6ocvFSeBR43W2MFhvwxBygCSgsx-Zr25lWZ5e3yh_bwn_dv-ewjseaRZzLE256pXMhSj4__bNh-Xubz_RIEQKEdFsYO6Fbo3pvWD7U7E23ibhDEkpLNDzkIIodRmRIY03JRYvDbl7rRFcahD19KpZEjYXcALYUCT-lDUmg1ZJa8YvCdaPqWP7O9XSO-XsQ60MsjMmnlCSoZ6TYIUroniA2kqlEUGpLJNxGW4vjPhKWxdbkpmSCZBAjfvfxBvl7rPwXXB4HW0A51cnZSi1A7k9Ez4Sp3YTDK3uIo9nDcptSBSaVHRfTKfu24yXUUhAUrc0l6Tjb52NqjOIUIyRIn_iP8zKxNzAam757HynWjC3p7EpuYNB0OXrSkRdgGo_KN577iQiw_21sdWV1v7u0SPRLju0aZv9Dh_3czO99fopKgAHG4y0IMRxonQ7NiUNXXM7ye8mEDxnCEO3uXfSYKhYwhS-C6yjkIov64yHDiXsvUkZhFZ83BYA0MGwRlU
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 21:16:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| CloudflareApps object| adsbygoogle function| gtag object| dataLayer object| a0_0x433e function| a0_0x3d7e function| $ function| jQuery object| bootstrap function| getCookie function| getUrlParam function| validateEmail function| passUrlParamsToObj function| load_js_before_close_body function| is_login function| checkNested boolean| is_scroll number| articles_per_page function| lozad function| Vue function| axios object| __CF$cv$params object| addthis_config object| addthis_plugin_info object| __gcse function| load_custom_ads object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| bodyh number| bodyw object| google_tag_data string| GoogleAnalyticsObject function| ga object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| closure_lm_617359 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _atw boolean| __@@##MUH string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len object| addthis_share object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
www.xuehua.us/ Name: __atuvs
Value: 6053c324c462dbc1000
www.xuehua.us/ Name: __atuvc
Value: 1%7C11

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cse.google.com
dfzximg01.dftoutiao.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pic1.xuehuaimg.com
s7.addthis.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tiyuxiu.com
www.xuehua.us
z.moatads.com
104.108.145.172
142.250.185.162
163.171.132.119
184.30.24.107
220.194.223.87
2606:4700:3030::ac43:c25f
2606:4700:e6::ac40:c116
2a00:1450:4001:801::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c0c::9c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
132ac63ef8f8e12d42a89d58978c9b1fc424a70dd1f0792ec79147bdc10363f0
177afc33bf473ba49d10cd128773bc0477398b50ccb4fedc0380fbb5d6abeb07
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f45ce08685288f79be90421098e8a7ecbbe9775e0597f2539872437184a8b43
1ff6d4b304544c70c318ec062f46f21afdb9b864db8b596c7cb6db4936071db1
287d11a716cc9cead1bd025fa41528203e39fd7c631e0e19c6671d68cd6e9189
2c5b74b490c1cc528621c8409564e6ab52feaf46377898f6a8f7b38134033efc
3274eceb132e0e47e4e27ef7de5853ba3f5a13b917d04d82a277ca89251aefff
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a94a9de5b38de8492a477b9e0e91549f902994961f6ac11fc2bc1373bb6b981
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4cbfa12582f0e561f22a7ef740f0d6a91d8046ab2f56372241a43c5a1efe6d74
4d464d2849d49a290ffaa9614226fa4fb7d1ef235280f2c707cb140fa872cf8c
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
545bd37d6f9aafabf5712510acf4b7a806168f8a1c1f8e2a55690a232c5cc759
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5fd553ac7c7846c116bbb96afd9968b6eb640968ccaae6b76735febd3133c911
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6bf5c3939eda1cb2c886478cc73ac361c99e96b720d8c16a8f7c2f7dd4601cbe
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
736f62996ec4423d3af0e6c992b06b01cd3657f976522a6521e932156798b48e
73cc8da0053d75e25c271bf357bda5b06413a3958ab9fe80dce34090fdceede8
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7ca4a40fc9f8da19a6cc1edb3466d3cdb027818593c60b0bcba368f3eb8254ab
7d38f82a518e003e166b34008f48916007c8483934990d528087790a84131e41
7ead8396c7f82e20e801add12e7d2615afae26b26924041690e0dbf7fdb69976
7ed0921b2c0e6a411a38fc1e8ecf61c059469c203a7bae9d530c667be7d86326
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8558d03dc94c1eb4b77309f0e15f458a5e9f3a2fdf0f6a58e288b8401926669b
88f4a31725563dcc41612756c2347b939e99e81c1c5c1bcef2caaa16c40127d8
8e322a2aafcaa15a73b9e8c658eb3e288f6e9e861a6520e16e06c7cbd9f9b1fe
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9a015a1d3471128cb3ddb47b30c4b73ffc842fd6bc7356a37e57225cf5aecbe3
9a6f73cceabe229a9aa66369ab3be0648ae59004f329040f5636884d77757900
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa849933b72485ace2fb1b946180301d9a00131051bed053fa72f666f5016cf1
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b18237415a51fa6e296e5dd5198937ffd543aadc5f2b73b4d82d7b912c7836fa
b4318a53aa5cf7a73f0a4fbff4a9fd482ee28d45a62d3ec4072e5b0efca8a7f8
b938b0f3772a96c856fd9a84a8cd08c4aeb01a3569bee7f2621ee23465f51bde
b9f7581d6a26c28b876bc00b29048f2aa218d65fe54581cf4cef3d141986a6f7
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c343a18c0b5cfccc29318f269a9fc61ad985d886e8b0adbc3fdd762eef7c8681
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c7d8f6d6ab27461b0f7c6826e055ec710d0f0196e3d5135efd0e9d7cd9ff1506
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
d23bd1b6bca4eabbeabeb299ccde16050bf6ddd376bccf2ae7055109e2486482
d3ea892f3b93cd326407dfa68eee238973ea8348f4d5b899fd631addc54ceacc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe282bc4b1d35193af11a7c79fd5cb6bbedf7d50a9f546d497dd5e6106e7949e