www.zww.cn Open in urlscan Pro
61.183.11.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zww.cn/zuowen/html/51/350029.htm
Effective URL:
https://www.zww.cn/zuowen/html/51/350029.htm
Submission Tags: falconsandbox
Submission: On May 21 via api (May 21st 2022, 8:07:25 pm UTC) from US — Scanned from DE

Summary HTTP 129 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 23 domains to perform 129 HTTP transactions. The main IP is 61.183.11.168, located in Huangpu, China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is www.zww.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on April 25th 2022. Valid for: a year.

This is the only time www.zww.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	61.183.11.168 61.183.11.168	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	113.105.172.35 113.105.172.35	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
12	2a00:1450:401... 2a00:1450:4014:80f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	203.205.136.80 203.205.136.80	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
22	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	182.61.200.109 182.61.200.109	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.169.133 3.68.169.133	16509 (AMAZON-02) (AMAZON-02)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	2.20.157.55 2.20.157.55	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468	16509 (AMAZON-02) (AMAZON-02)
2	115.231.186.129 115.231.186.129	() ()
129	25

23 61.183.11.168 (Huangpu, China) 1 redirects

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

www.zww.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.105.172.35 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cpro.baidustatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.136.80 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

pub.idqqimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.169.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-169-133.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.157.55 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.231.186.129 (None, )

ASN- ()

bdad.zww.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	828 KB
26	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	155 KB
25	zww.cn 1 redirects www.zww.cn bdad.zww.cn	89 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	349 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	166 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	921 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	415 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	1 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 568	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1128	795 B
2	baidu.com pos.baidu.com — Cisco Umbrella Rank: 23962 wn.pos.baidu.com Failed	13 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1439	296 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	idqqimg.com pub.idqqimg.com — Cisco Umbrella Rank: 24265	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	642 B
1	baidustatic.com cpro.baidustatic.com — Cisco Umbrella Rank: 23984	35 KB
0	bcebos.com Failed lupic.cdn.bcebos.com Failed
0	google-analytics.com Failed www.google-analytics.com Failed
129	23

	Domain	Requested by
23	www.zww.cn	1 redirects www.zww.cn
22	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com www.zww.cn
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.zww.cn
12	pagead2.googlesyndication.com	www.zww.cn pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	cm.g.doubleclick.net	googleads.g.doubleclick.net www.zww.cn
5	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	bdad.zww.cn	pos.baidu.com
2	image6.pubmatic.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	d.agkn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	pos.baidu.com	cpro.baidustatic.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	pub.idqqimg.com	www.zww.cn
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cpro.baidustatic.com	www.zww.cn
0	lupic.cdn.bcebos.com Failed	pos.baidu.com
0	wn.pos.baidu.com Failed	pos.baidu.com
0	www.google-analytics.com Failed	www.zww.cn
129	32

This site contains links to these domains. Also see Links.

Domain
qts.zww.cn
www.baidu.com
wpa.qq.com

Subject Issuer	Validity	Valid
www.zww.cn Encryption Everywhere DV TLS CA - G1	`2022-04-25` - `2023-04-26`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
at.idqqimg.com DigiCert Secure Site CN CA G3	`2022-01-24` - `2023-02-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
bdad.zww.cn TrustAsia TLS RSA CA	`2022-01-21` - `2023-01-21`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.zww.cn/zuowen/html/51/350029.htm
Frame ID: C8B6EE48946D4298E12AA1CA1E71B436
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 79B8BFA8723F70C8AFE6EB997F7190C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=250&slotname=8943165052&adk=2741730798&adf=4191552336&pi=t.ma~as.8943165052&w=300&lmt=1564710248&psa=0&format=300x250&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638837&bpp=2&bdt=999&idt=122&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=3635864583323&frm=20&pv=2&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=547&ady=925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TqMOgvADI1&p=https%3A//www.zww.cn&dtd=134
Frame ID: 7254B941357A644C86B8B12C430B7A15
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=600&slotname=9466933241&adk=2858083242&adf=3772394238&pi=t.ma~as.9466933241&w=160&lmt=1564710248&psa=0&format=160x600&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638839&bpp=1&bdt=1001&idt=155&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=984&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cfFMj3KUwN&p=https%3A//www.zww.cn&dtd=157
Frame ID: A3992D4BC8071A88A31066DF01CD5573
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&adk=1812271804&adf=3025194257&lmt=1564710248&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163639704&bpp=1&bdt=1866&idt=1&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D71d2ce5e1eea0b5c-224492389bcd0084%3AT%3D1653163639%3ART%3D1653163639%3AS%3DALNI_MY2UmLRwqXwM4i3cSkMUqe7_CUwXg&prev_fmts=300x250%2C160x600&nras=1&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=9
Frame ID: ADA2D3BAE14776815760FCF53093ED8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0BB30A8589460F792535E994656EFF5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: ED6BC95410971730F9324AF927F59F9B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html
Frame ID: 7C5CB6360237E8846EEB0B56CFFCF9A2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7D4407E2D59352FA68553B72D7DE39D3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 24357C95B6E733810899F4B7E0D3E953
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 78C9591F67E3F737F1457319D54FE779
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4EF8BF42F609C17342AE5F53DDB4C41
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C6F64952D0DACCA69C56788264692FEC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A03703CD40FA907E6001B825C7F4891A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 04DCDE89BE4C59F11F8E04A9C37B8A7C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: A900C9EFB5088A87E7016184465DE5DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: C0A66B23541F6BA2A9A407DDC260D977
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/vctm?conwid=728&conhei=90&rdid=3582900&dc=3&di=u3582900&s1=1769742689&s2=3135894798&dri=0&dis=0&dai=1&ps=1566x8&enu=encoding&exps=110261,110252,110011&ant=0&psi=c6a4d0ec6e0b4685&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1653163640296&ti=%E8%B5%B0%E5%87%BA%E8%BF%B7%E8%8C%AB-%E5%88%9D%E4%B8%AD%E4%BD%9C%E6%96%87-%E5%B0%8F%E8%8D%B7%E4%BD%9C%E6%96%87%E7%BD%91&ari=2&ver=0517&dbv=2&drs=3&pcs=1600x1200&pss=1600x1851&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1564710248&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1653163640&qn=ad2acd411a2fa50c&ft=pc
Frame ID: 73BD0A5BF96221CC282D91A18E775898
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

走出迷茫-初中作文-小荷作文网

Page URL History Show full URLs

http://www.zww.cn/zuowen/html/51/350029.htm HTTP 301
https://www.zww.cn/zuowen/html/51/350029.htm Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

129
Requests

90 %
HTTPS

52 %
IPv6

23
Domains

32
Subdomains

25
IPs

7
Countries

1644 kB
Transfer

3244 kB
Size

25
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://qts.zww.cn/
Title: 唐诗宋词还有语音朗读

Search URL Search Domain Scan URL

URL: http://www.baidu.com/baidu?tn=xhzww&word=%D7%DF%B3%F6%C3%D4%C3%A3
Title: 到百度搜索“走出迷茫”

Search URL Search Domain Scan URL

URL: https://wpa.qq.com/msgrd?v=3&uin=782880378&site=qq&menu=yes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zww.cn/zuowen/html/51/350029.htm HTTP 301
https://www.zww.cn/zuowen/html/51/350029.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://d.agkn.com/pixel/2175/?google_gid=CAESEPv0VrvS_1ZWd2BV8TajMsE&google_cver=1&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF

Request Chain 105

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-2VXYbfCRj--NFgl4MuQuVkkc8SLp9P&google_gid=CAESEE-n7XKgx0XL8HxRqNALYG4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-2VXYbfCRj--NFgl4MuQuVkkc8SLp9P&google_gid=CAESEE-n7XKgx0XL8HxRqNALYG4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjEyMDA3MjEwMDAxMDgxNzEwOTc0NQ%3D%3D&google_push=AYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-2VXYbfCRj--NFgl4MuQuVkkc8SLp9P

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAF-7jLzQLlIKhThwZvatqo&google_cver=1&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp-jY_KiuFnsc6QNJE1AyDtKqdU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1SVEtMUstMUFOVw==&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp-jY_KiuFnsc6QNJE1AyDtKqdU

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1uScya214l5 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1uScya214l5&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1uScya214l5&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1

Request Chain 114

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDYtGt40WTg2Ek2DV99QDWc&google_cver=1&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ESMteKTzO-tJHaC8rHJRdH6MOy22Ert_XXuHHFO7cZU HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ESMteKTzO-tJHaC8rHJRdH6MOy22Ert_XXuHHFO7cZU&google_hm=UkdoX4LzE9wCkw59Ch8bVw

Request Chain 115

https://d.agkn.com/pixel/2175/?google_gid=CAESEPv0VrvS_1ZWd2BV8TajMsE&google_cver=1&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF

Request Chain 117

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFQZuMNGK4QlnDGEahUBaiI&google_cver=1&google_push=AYg5qPJo0UbShWjAz2x36CTKzIvT0vcfI1GOAO4Es3uquf5D3ZoFZtkjs1eVCM4X-HYEIVcyhZKUGU2gBFw5X2rYRsEdvgd77Uw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFQZuMNGK4QlnDGEahUBaiI&google_cver=1&google_push=AYg5qPJo0UbShWjAz2x36CTKzIvT0vcfI1GOAO4Es3uquf5D3ZoFZtkjs1eVCM4X-HYEIVcyhZKUGU2gBFw5X2rYRsEdvgd77Uw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ScG6XVSLTXi2rAU2iGpi_Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJo0UbShWjAz2x36CTKzIvT0vcfI1GOAO4Es3uquf5D3ZoFZtkjs1eVCM4X-HYEIVcyhZKUGU2gBFw5X2rYRsEdvgd77Uw

Request Chain 118

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAF-7jLzQLlIKhThwZvatqo&google_cver=1&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczXVtG5vL4cRc7WKSVOZm07r0rk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1TTItMjgtMVA1UQ==&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczXVtG5vL4cRc7WKSVOZm07r0rk

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1&google_push=AYg5qPJ66FUKV1gRJFeDUtXc3wxsp_CI7wEr-gdyFNwzz5wludJME-v1qvVuq-r_txt-mD5GLzTL_RampAvQkjENVKCp7oQroqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPJ66FUKV1gRJFeDUtXc3wxsp_CI7wEr-gdyFNwzz5wludJME-v1qvVuq-r_txt-mD5GLzTL_RampAvQkjENVKCp7oQroqA&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 350029.htm Show response
www.zww.cn/zuowen/html/51/
Redirect Chain

http://www.zww.cn/zuowen/html/51/350029.htm
https://www.zww.cn/zuowen/html/51/350029.htm

8 KB
4 KB

940ms
247ms

Document
text/html

61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8012a6e1c3659a378bb358d318f7e0608a92d46f579ef92bb108517fb70049f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3346
Content-Type: text/html
Date: Sat, 21 May 2022 20:07:17 GMT
ETag: "02454c6d348d51:0"
Last-Modified: Fri, 02 Aug 2019 01:44:08 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding

Redirect headers

Content-Length: 167
Content-Type: text/html; charset=UTF-8
Date: Sat, 21 May 2022 20:07:15 GMT
Location: https://www.zww.cn/zuowen/html/51/350029.htm
Server

GET
H/1.1 200
OK text.css
www.zww.cn/zuowen/inc/ 1 KB
1 KB 287ms
286ms Stylesheet
text/css 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/text.css
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7d071925b1094b86208f1d72650ba64529b4e1ca6a7d9add236ff6e239d51a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:17 GMT
Last-Modified: Sat, 12 Jun 2021 00:19:49 GMT
Server: nginx/1.16.0
ETag: "71ee20a8205fd71:0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1249

GET
H/1.1 200
OK texthead.js Show response
www.zww.cn/zuowen/inc/ 2 KB
2 KB 522ms
234ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/texthead.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 22ac35acc9a4a58391ccd0e01ead43c205d1072bbe0c7c671d232608cdd792b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:17 GMT
Last-Modified: Fri, 02 Aug 2019 01:25:11 GMT
Server: nginx/1.16.0
ETag: "22201d21d148d51:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2281

GET
H/1.1 200
OK gg_336_1.js Show response
www.zww.cn/js/ 0
254 B 788ms
356ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/js/gg_336_1.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Tue, 15 Oct 2019 09:20:00 GMT
Server: nginx/1.16.0
ETag: "844bb83983d51:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK gg_300_1.js Show response
www.zww.cn/js/ 567 B
825 B 788ms
341ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/js/gg_300_1.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b576964277ce578bae36e6b1d7e22f9289f5fdf5bd1ae09a1d9fa104f96bc185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Tue, 22 Dec 2015 14:58:27 GMT
Server: nginx/1.16.0
ETag: "cc92c736c93cd11:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 567

GET
H/1.1 200
OK gg_160_1.js Show response
www.zww.cn/js/ 610 B
868 B 786ms
268ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/js/gg_160_1.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a8a7ed5d8b734a4d08df201cdbf2daaa024ca470902558e8c148bdad6df4d8f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Fri, 07 Dec 2018 13:11:43 GMT
Server: nginx/1.16.0
ETag: "904514662e8ed41:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 610

GET
H/1.1 200
OK spec1.js Show response
www.zww.cn/zw/img/spec1/ 14 KB
15 KB 1274ms
755ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zw/img/spec1/spec1.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fddd4d4739629d8196881741b9e1a9f816d765620aa5aeed996324c1ca502d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Sun, 15 May 2022 20:19:39 GMT
Server: nginx/1.16.0
ETag: "eafe911a9968d81:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14821

GET
H/1.1 200
OK spec2.js Show response
www.zww.cn/zw/img/spec2/ 324 B
582 B 789ms
267ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zw/img/spec2/spec2.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9b168db3be7eb17913188c4fce4fc01f9cef851b69d9045e430672b494922191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Wed, 18 Jan 2012 13:57:17 GMT
Server: nginx/1.16.0
ETag: "9e402217e9d5cc1:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 324

GET
H/1.1 200
OK ok.gif
www.zww.cn/zw/images/ 901 B
1 KB 222ms
222ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/ok.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 73138b4082a0c6fe17c1266fc2c4a490b5d5f8129a0b75721393964aa9e908de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Tue, 17 Jun 2003 16:03:24 GMT
Server: nginx/1.16.0
ETag: "54d830fbe934c31:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 901

GET
H/1.1 200
OK stusco3.gif
www.zww.cn/zw/images/ 65 B
306 B 327ms
326ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/stusco3.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2e20052002454bf7ee24605463b5c179e023239678af0fce45f8f803d3e43689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Thu, 02 Sep 2004 15:21:03 GMT
Server: nginx/1.16.0
ETag: "cecbca75091c41:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65

GET
H/1.1 200
OK stusco2.gif
www.zww.cn/zw/images/ 65 B
306 B 324ms
323ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/stusco2.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5caeac41b8fe12bd94e25834728eb5372c2538ac5f44278bd609194a677be921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Thu, 02 Sep 2004 15:21:05 GMT
Server: nginx/1.16.0
ETag: "4c583c77091c41:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65

GET
H/1.1 200
OK stusco1.gif
www.zww.cn/zw/images/ 64 B
305 B 254ms
254ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/stusco1.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c553deafa383d0ebd46772fd0723e8d1ebbfa4c0dc9b4376fe69719394c38085

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Thu, 02 Sep 2004 15:21:07 GMT
Server: nginx/1.16.0
ETag: "90113978091c41:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64

GET
H/1.1 200
OK go.gif
www.zww.cn/zw/images/ 878 B
1 KB 295ms
294ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/go.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cd1eb71b76c8c77d07747ffc12d5058877a952b8224ae421e375ed9089e3d51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Tue, 17 Jun 2003 16:03:20 GMT
Server: nginx/1.16.0
ETag: "b458a8f8e934c31:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 878

GET
H/1.1 200
OK zwreadstatus.asp Show response
www.zww.cn/zw/ 475 B
566 B 287ms
285ms Script
text/html 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zw/zwreadstatus.asp?id=350029
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ecc3b69a51527e3486dad62b6cb56ce5fc8a2dae1d631e5a0a25c411838b4e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Cache-Control: private
Server: nginx/1.16.0
Connection: keep-alive
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 c.js Show response
cpro.baidustatic.com/cpro/ui/ 104 KB
35 KB 2392ms
254ms Script
text/javascript 113.105.172.35
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpro.baidustatic.com/cpro/ui/c.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 113.105.172.35 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 0ad9e09a546cdbaf54d023cd61a9bda7f9e09be7adc4fe68faa8eea805c35a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 35492
timing-allow-origin: *
date: Sat, 21 May 2022 20:07:20 GMT
ohc-cache-hit: dg3ct68 [2], tjctcache57 [1], qdix211 [1]
last-modified: Wed, 18 May 2022 01:48:47 GMT
server: JSP3/2.0.14
age: 3049
x-cache-status: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
content-encoding: br
expires: Sat, 21 May 2022 20:16:31 GMT

GET
H/1.1 200
OK textcr1.js Show response
www.zww.cn/zuowen/inc/ 0
256 B 230ms
229ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/textcr1.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Thu, 07 Mar 2013 03:34:21 GMT
Server: nginx/1.16.0
ETag: "ce3552a8e41ace1:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK textfloor.js Show response
www.zww.cn/zuowen/inc/ 21 KB
22 KB 448ms
448ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/textfloor.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d9861953313c961411238616dd2e049039f4cd22d5e23691294b591982ebf01d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Mon, 15 Nov 2021 10:37:04 GMT
Server: nginx/1.16.0
ETag: "82de5bbcdad71:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21856

GET
H/1.1 200
OK textfunc.js Show response
www.zww.cn/zuowen/inc/ 17 KB
17 KB 780ms
779ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/textfunc.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dfbe967ed2d57c16ea498c27153f1e286cf6e3a5d6bba3ac304be0061c2a2d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Fri, 09 Apr 2021 03:13:31 GMT
Server: nginx/1.16.0
ETag: "a635cf51ee2cd71:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17448

GET
H/1.1 200
OK textstatus.js Show response
www.zww.cn/zuowen/inc/ 4 KB
4 KB 228ms
227ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/textstatus.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9b5bc7f79e069b2d31bc0a7a4f6f3477c21d55a7a516e7327b8c15225868149f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Mon, 30 Oct 2017 11:30:57 GMT
Server: nginx/1.16.0
ETag: "41c2e88d7251d31:0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3630

GET
H/1.1 200
OK zwlogo.gif
www.zww.cn/zw/images/1/ 5 KB
5 KB 748ms
493ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/1/zwlogo.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8bf98cd47787b11c6d50b40e7330ab849f736dca8c589cc71ee58677de4992f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Wed, 24 Sep 2014 06:55:35 GMT
Server: nginx/1.16.0
ETag: "e16a568ac4d7cf1:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5321

GET
H/1.1 200
OK bgbox.gif
www.zww.cn/zw/images/ 78 B
320 B 479ms
230ms Image
image/gif 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zww.cn/zw/images/bgbox.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/inc/text.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b41442f6481d3f56912511207f4948c3f1d492e0325be872558f46766482011b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/inc/text.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:18 GMT
Last-Modified: Tue, 17 Jun 2003 16:03:15 GMT
Server: nginx/1.16.0
ETag: "3468adf5e934c31:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 141ms
79ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/js/gg_300_1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8888853025254136ad84e3c8d5405ce52f6a512d19fad43b4475de09fc141a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56793
x-xss-protection: 0
server: cafe
etag: 7619073256672134565
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 20:07:18 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 316 KB
113 KB 56ms
56ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2836932945080965&plah=www.zww.cn&bust=31067699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c9b6ef3bbc00b562f81ddb4655fde9d99046ddb04e019e093123cebfe926734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115458
x-xss-protection: 0
server: cafe
etag: 4304893491121836089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 May 2022 20:07:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 79B8 10 KB
5 KB 122ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Fri, 03 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
642 B 117ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zww.cn&callback=_gfp_s_&client=ca-pub-2836932945080965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2836932945080965&plah=www.zww.cn&bust=31067699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b484fcaef2330c5c4b89c043527821ff302fad56fad0a87b6ec9a9477a81778d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 148ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7254 108 KB
40 KB 1261ms
1180ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=250&slotname=8943165052&adk=2741730798&adf=4191552336&pi=t.ma~as.8943165052&w=300&lmt=1564710248&psa=0&format=300x250&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638837&bpp=2&bdt=999&idt=122&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=3635864583323&frm=20&pv=2&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=547&ady=925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TqMOgvADI1&p=https%3A//www.zww.cn&dtd=134

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48f24d1a4deacc32bec0cb41e167afcc88a983de7e93fa25aa48439fa744c8f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2y2ruy8fcCFQKzcQodyv4PWg&gqi=d0aJYqndBPyFwuIPlcAn&layout=/sadbundle/%24csp%253Der3%24/6123985980558224649/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40739
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN2y2ruy8fcCFQKzcQodyv4PWg&gqi=d0aJYqndBPyFwuIPlcAn&layout=/sadbundle/%24csp%253Der3%24/6123985980558224649/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 20:07:20 GMT
expires: Sat, 21 May 2022 20:07:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A399 71 KB
29 KB 608ms
551ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=600&slotname=9466933241&adk=2858083242&adf=3772394238&pi=t.ma~as.9466933241&w=160&lmt=1564710248&psa=0&format=160x600&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638839&bpp=1&bdt=1001&idt=155&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=984&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cfFMj3KUwN&p=https%3A//www.zww.cn&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f685e6ee2aec16f280fd9465fae3f46eae8afc94489bed693c50b7eea2bedcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29516
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 20:07:19 GMT
expires: Sat, 21 May 2022 20:07:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 button_21.gif
pub.idqqimg.com/qconn/wpa/button/ 1 KB
2 KB 2411ms
191ms Image
image/gif 203.205.136.80
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub.idqqimg.com/qconn/wpa/button/button_21.gif
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.205.136.80 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_SSD_MID /
Resource Hash: 7088e740c5ab8fd86ccd5c2e28ca9f897819280827648e670851830116b531c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:56 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Sat, 08 Apr 2017 19:13:11 GMT
server: NWS_SSD_MID
age: 22125
vary: Origin
content-type: image/gif
cache-control: max-age=86400
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 2589141500470396301
accept-ranges: bytes
x-verify-code: 47d2cb3635327ae6963f050c03c01a11
content-length: 1217
expires: Mon, 23 May 2022 13:57:56 GMT

GET count.js
www.zww.cn/count/ 0
0

GET urchin.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK badsite.js Show response
www.zww.cn/zuowen/inc/ 1 KB
835 B 251ms
251ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/zuowen/inc/badsite.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/inc/textfunc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 795c6d2dcc1bce1b0c512a1acc7f081c98d3084a16f578debe8e9ccb59dd61f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Aug 2014 01:57:10 GMT
Server: nginx/1.16.0
ETag: "05fecd1c0cf1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 533

GET
H/1.1 200
OK popwin.js Show response
www.zww.cn/js/ 6 KB
2 KB 242ms
242ms Script
application/x-javascript 61.183.11.168
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zww.cn/js/popwin.js
Requested by: Host: www.zww.cn
URL: https://www.zww.cn/zuowen/inc/textfunc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.183.11.168 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 040e7618b687b30741f335c13cf495b5e5f830879e1b33c89c2e10bb26adf1fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/zuowen/html/51/350029.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Sat, 21 May 2022 20:07:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2019 04:22:41 GMT
Server: nginx/1.16.0
ETag: "803e64825989d51:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2154

GET
H2 200 13030925753464481909
tpc.googlesyndication.com/daca_images/simgad/ Frame A399 35 KB
35 KB 147ms
52ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13030925753464481909

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=600&slotname=9466933241&adk=2858083242&adf=3772394238&pi=t.ma~as.9466933241&w=160&lmt=1564710248&psa=0&format=160x600&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638839&bpp=1&bdt=1001&idt=155&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=984&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cfFMj3KUwN&p=https%3A//www.zww.cn&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0307d512c32494f005a1b05f0a5a11b1ac5d33cd05aa6b174277f4c6dcdc0027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 20:16:37 GMT
x-content-type-options: nosniff
age: 431442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35757
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 16:14:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 20:16:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame A399 21 KB
9 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:02:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A399 3 KB
1 KB 140ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:01:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A399 135 KB
42 KB 141ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 20:07:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A399 17 KB
7 KB 135ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:00:43 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A399 31 KB
13 KB 188ms
98ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06460c5ac2ac6f0dcecb946cb8160e58c2c1b81977086c1ac9d2a181fc73d92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 21:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12929
x-xss-protection: 0
server: cafe
etag: 1407223271217901296
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jun 2022 21:40:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A399 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLKNBd0aJYpHcCdqH_tMP8LeauAn8yJecatiQ6-T0D8CNtwEQASCroPACYJXikIKgB6ABhM6noALIAQKoAwHIA8kEqgTlAU_QCs2cUq1L5XzOmdDlJanKM7bdHkmtFxzd-avW-yHq_uC2pudNCyoGfyX0fD0Qeh1YXGyiOdTsB0juqio4aMcFmOg0oIWhXXOu1lRF71Q28LOU5Kv2LQf-QDruFsHA4TJOO29T8IdRXmAEVhvxyP7mFhR2lecCis2hEYuEQ6V19dsz-lcM41VpB-y1wYcJhCimrbOBN4cjL1LjT30l3SR6hqSZBaYrj2v-EWaiyApBRiIEPMFTBiw3QccLpR5GqUUCRcGzWRPwPK84XAAJ7EWTKb9yqkfXTzaAjMf7CnlfA6t3SP7ABN7O8c_xA5IFBAgEGAGSBQQIBRgEoAYCgAfksdjfAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMW_DNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yODM2OTMyOTQ1MDgwOTY1GAA&sigh=AWSLBlAsrbs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=600&slotname=9466933241&adk=2858083242&adf=3772394238&pi=t.ma~as.9466933241&w=160&lmt=1564710248&psa=0&format=160x600&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638839&bpp=1&bdt=1001&idt=155&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=984&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cfFMj3KUwN&p=https%3A//www.zww.cn&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 20:07:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 21 May 2022 20:07:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 121ms
45ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 128ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADA2 298 KB
70 KB 1320ms
1319ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&adk=1812271804&adf=3025194257&lmt=1564710248&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163639704&bpp=1&bdt=1866&idt=1&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D71d2ce5e1eea0b5c-224492389bcd0084%3AT%3D1653163639%3ART%3D1653163639%3AS%3DALNI_MY2UmLRwqXwM4i3cSkMUqe7_CUwXg&prev_fmts=300x250%2C160x600&nras=1&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b576dd6ba243c4af7e5622a6a085bbc60c695730f0520c22bffeecebfefe4503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 71856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 20:07:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0BB 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=600&slotname=9466933241&adk=2858083242&adf=3772394238&pi=t.ma~as.9466933241&w=160&lmt=1564710248&psa=0&format=160x600&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638839&bpp=1&bdt=1001&idt=155&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=3635864583323&frm=20&pv=1&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=984&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cfFMj3KUwN&p=https%3A//www.zww.cn&dtd=157
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 19:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

88ms
87ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:20 GMT
expires: Sat, 21 May 2022 20:07:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A399 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac15963dfdafb820b23943f1ef2fa705cf42a308cc24fc170881274c98d702d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame ED6B 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:52:48 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/ Frame 7C5C 110 KB
25 KB 342ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=250&slotname=8943165052&adk=2741730798&adf=4191552336&pi=t.ma~as.8943165052&w=300&lmt=1564710248&psa=0&format=300x250&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638837&bpp=2&bdt=999&idt=122&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=3635864583323&frm=20&pv=2&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=547&ady=925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TqMOgvADI1&p=https%3A//www.zww.cn&dtd=134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e48718ece679fac0c55554192463a4239031c94cd77456d062652b30e5a110

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 53436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24523
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 05:16:44 GMT
expires: Sun, 21 May 2023 05:16:44 GMT
last-modified: Fri, 29 Apr 2022 14:41:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7254 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWtXWd0aJYp2bBYLmxgPK_b_QBdGOguNpgZOakPIPoOm7wfQKEAEgq6DwAmCV4pCCoAegAeyh9fICyAEJqQI6JBRlhd9wPqgDAcgDSKoE4gFP0MugR1zVG1hj1Ofz__c157FVK_D-329fStoJjqHnLH-20i_IoQmrJe2gunNwWf7B-3BALZqsZ3jGB5VTAXJ74KYpXbyee-gMSZxmwlPWto8QiZxBHVPbk45FpVGStOSiwVUbDDSqdSw5vlR4tzdDI0qgM3XTp5H730GXC0bzyB7MAWGGI8iKjnigDfHbCVO406w_-wHEb5HtG1VTZfE6e9bwwKsnEjQuurM02hsn8yIT0a7ydYMWa4nL5e1JLei7fi9fMldP7Fx4YnUfZLHA5sjiyjH9ndfGl4fKJ2bxHnKAwATy_5mo5QOSBQQIBBgBkgUECAUYBKAGLoAH_N2KjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD07QvSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjgzNjkzMjk0NTA4MDk2NRgA&sigh=17GFYY9wBiI&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=250&slotname=8943165052&adk=2741730798&adf=4191552336&pi=t.ma~as.8943165052&w=300&lmt=1564710248&psa=0&format=300x250&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638837&bpp=2&bdt=999&idt=122&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=3635864583323&frm=20&pv=2&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=547&ady=925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TqMOgvADI1&p=https%3A//www.zww.cn&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 20:07:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 7254 21 KB
8 KB 350ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91daca9ccd622b2be13b23a5c2ec4a57c149b23b2c8d27b3f4400558b57cc389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8578
x-xss-protection: 0
server: cafe
etag: 80073637329448240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:04:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7254 3 KB
1 KB 353ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:37:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7254 135 KB
41 KB 129ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 20:07:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 7254 17 KB
7 KB 353ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7175
x-xss-protection: 0
server: cafe
etag: 14106299915199171216
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:57:21 GMT

GET
H2 200 vctm Show response
pos.baidu.com/ 1 KB
1 KB 1627ms
242ms Script
application/javascript 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vctm?di=u3582900&uuid=697c2161bae9f50e&dri=0&dis=0&dai=1&ps=1566x8&enu=encoding&exps=110011&ant=0&psi=c6a4d0ec6e0b4685&dcb=___adblockplus_&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1653163640296&ti=%E8%B5%B0%E5%87%BA%E8%BF%B7%E8%8C%AB-%E5%88%9D%E4%B8%AD%E4%BD%9C%E6%96%87-%E5%B0%8F%E8%8D%B7%E4%BD%9C%E6%96%87%E7%BD%91&ari=2&ver=0517&dbv=2&drs=3&pcs=1600x1200&pss=1600x1851&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1564710248&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1653163640

Requested by

Host: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

766c76265d4fb6b8ebe8e8718ab83869d131ba7892d8cfbb227a5d0f7d978547

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
last-modified: Sun May 22 04:07:21 2022
server: nginx
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
cache-control: post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
content-length: 762
x-xss-protection: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7D44 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2836932945080965&output=html&h=250&slotname=8943165052&adk=2741730798&adf=4191552336&pi=t.ma~as.8943165052&w=300&lmt=1564710248&psa=0&format=300x250&url=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653163638837&bpp=2&bdt=999&idt=122&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=3635864583323&frm=20&pv=2&ga_vid=429538773.1653163639&ga_sid=1653163639&ga_hid=227501405&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=547&ady=925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44763827%2C31067416%2C31067544%2C31067699&oid=2&pvsid=1793677296031630&pem=243&tmod=660363507&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TqMOgvADI1&p=https%3A//www.zww.cn&dtd=134
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 19:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7254 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da21dd34c91b5f4f4f708d6907629c2a511d7b5e5a3df1782ad247735ab41041

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A399 42 B
64 B 97ms
55ms Fetch
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJh2eaFFipO7lU5pJw001uBC0qQwa1GofI-SnqcHcyYj5sVCMBo1vxaXR69juQMAgtjjyq9KExSYtaW6-tpGmGuwVli-n_r16iU5ua76DuRn60pywj_kx_UCzB&sai=AMfl-YQO-7u0rXK9ZXz9Dsmkzrd8swrv5l-2WkcqqfLEw09AXI0ysNsg79Drw9t7aXefJu3yl3D6XV3p7Ima&sig=Cg0ArKJSzJnzs7mKdeXqEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2858083242&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653163638997&rpt=839&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7C5C 3 KB
970 B 143ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Space+Grotesk:regular,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f16bdc62099181e77bcc095631860bca583ec5a19309c1e61711be4d889b612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 20:07:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 20:07:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 20:07:20 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C5C 16 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C5C 26 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 14:22:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7D44
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

109ms
109ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:21 GMT
expires: Sat, 21 May 2022 20:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v12/ Frame 7C5C 21 KB
21 KB 158ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spacegrotesk/v12/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Space+Grotesk:regular,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc69ed7b78fd98d1ddf0e80836cf906438e09e50f5f708340e1fa1cdec07e222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:38:55 GMT
x-content-type-options: nosniff
age: 246506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21080
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:57:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 23:38:55 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 148 KB
53 KB 45ms
45ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/reactive_library_fy2019.js?bust=31067699

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49098f5052cdacf0c5608dd41945179f97a729b721cc9440e3fb056ebeb8b48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53765
x-xss-protection: 0
server: cafe
etag: 6411570006564633396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zww.cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zww.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 2435 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Fri, 03 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 78C9 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Fri, 03 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2435 4 KB
633 B 139ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 19:32:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 20:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2435 205 B
743 B 143ms
40ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:47:34 GMT
x-content-type-options: nosniff
age: 1187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 May 2023 19:47:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2435 604 B
693 B 144ms
41ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:03:45 GMT
x-content-type-options: nosniff
age: 216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 21 May 2023 20:03:45 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 2435 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:51:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 78C9 2 KB
532 B 125ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 19:36:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 20:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 78C9 2 KB
904 B 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:58:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 78C9 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_lX0d0aJYrfRLcfM1fAP55KsgALv4L2baoSdpcy2EK_NzP-NMBABIKug8AJgleKQgqAHoAGMoYnxAsgBCakCOiQUZYXfcD6oAwHIA8sEqgTNAU_QxVPEOql4Vm8YKgqN-yXNsWlhBLykWQxRYRO1U1Ai_COu5RCFjHStwrKkfRBw0x6H06_YhuiqaE3-wBKcK8c4iCNCrQ3nJa7NnarkTgKm1xqGDoL0hlIySMymvle0o24yvWB_sqG7RE5AEJoXq6ufwl-5VTV-51fZ2TAnBfVYof7jaYZfitIInZdF61lZQDa3wIvoUEsPoi1xGZ6rHA12Vdj-xdcZPXxumcCbaEfhyvQCCR9FO6NGhkGTz-IrAq890TvOxxVvKVLZgrDABLfXvJz1A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAerlOGlAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC0uxDSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgzNjkzMjk0NTA4MDk2NRgA&sigh=xE2HbF-1JRM&uach_m=[UACH]&template_id=494

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 21 May 2022 20:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 78C9 21 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:02:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 78C9 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:04:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78C9 135 KB
41 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 78C9 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:00:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 78C9 0
0 51ms
50ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5DxOvhLMbRifDrArxRSyCDq1KjFFmwDzAZRqAlnPdiUYz5sbQSueEYmsdTGA4mBDtAzW3VCT4fqELYuuiRD-vqclX5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 78C9 30 KB
12 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 78C9 20 KB
20 KB 255ms
127ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVPodLyA2AY3wX0GKHX0EJL8y_9Wa_z3Oa0x5MfTU0UBDpDp5_S5taVPs9O5k&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4592e655c1aebb81d980d99e6106a6d0d60e183794f34b6473c7216c9e552e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 16:40:03 GMT
x-content-type-options: nosniff
age: 444438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20746
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 16:17:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 May 2023 16:40:03 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 78C9 21 KB
21 KB 273ms
145ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT7EDJyWPW7tcXdenC2yluuQmiXRSueEYC-CssmU9T9LMrffFQEHBYs5CWKcfM&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c887a3ba47f44b9dc73ea9c508c886d8622ea667499e2182f58b59176ca4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 06:33:46 GMT
x-content-type-options: nosniff
age: 48815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21541
x-xss-protection: 0
last-modified: Mon, 02 May 2022 01:57:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 21 May 2023 06:33:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 78C9 27 KB
27 KB 162ms
39ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQWsg4br5OA4LCllJ0kVz49Ym2KFJ4rteORF1oPq7ZNkLDnazjAtUMElThRVQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2242a6cbedbd60dc5351d52fadcbcf41e5496c5fb16ed4cbbe1b2ed8886ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:10:22 GMT
x-content-type-options: nosniff
age: 421019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27477
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 01:50:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 May 2023 23:10:22 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 78C9 15 KB
15 KB 204ms
81ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTorEwdYKgj4mRQpv3inwfsOYq700IBIDxjYNWH34giWUIa3yIF&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

576bfec8ae2ceb378e3062021e503889798b8c75747b1ddbfaf605938e55457e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 15:33:23 GMT
x-content-type-options: nosniff
age: 448438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15240
x-xss-protection: 0
last-modified: Tue, 10 May 2022 02:57:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 May 2023 15:33:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 78C9 20 KB
20 KB 263ms
135ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJtIyOcWzuDGO--KiNaJyUEeO7GU3UxXpRloCPr2rsWtJMtsnWiKVKEA3y5w&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70cab650c20027c14ec6b2eec069d3732e6fdb0ad8942c8c4f45afa90f5b8c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 13:21:08 GMT
x-content-type-options: nosniff
age: 456373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20774
x-xss-protection: 0
last-modified: Tue, 10 May 2022 01:49:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 May 2023 13:21:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 78C9 29 KB
30 KB 161ms
35ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzUwadJVnmXzwFr5adzD_7dGG8fDAZIl8BEMAe_2nX2FrNxfJyvKqfoxsRl0Y&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91085523d10f6fa7c220e6a2ec63e8de6f105a5e6e96f114f7170dd4c08b36b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 15:05:43 GMT
x-content-type-options: nosniff
age: 536498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30047
x-xss-protection: 0
last-modified: Sun, 08 May 2022 03:27:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 15 May 2023 15:05:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 78C9 23 KB
23 KB 282ms
156ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSKM9eZMDJccooISsiwUH0e-dH_f6IEHMvb_1H3bHuDVEulif9IMNSBInnNqg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8eb1567fe09c6dc93a33af5833e637cf2b349d501470f9d7a85ab8fb97c1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 05:47:30 GMT
x-content-type-options: nosniff
age: 137991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23668
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 02:28:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 20 May 2023 05:47:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 78C9 26 KB
26 KB 203ms
77ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS9OBI_IrsD6pnFrU2rcQFyoCi1Ysxwxhb8pc8nZELgs7vrTu5S&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7edede14c02e4e4e86eba574b49a619b34773ba40edd6e7a6b5b7ea44a0c3fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 17:54:35 GMT
x-content-type-options: nosniff
age: 94366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26613
x-xss-protection: 0
last-modified: Mon, 02 May 2022 01:43:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 20 May 2023 17:54:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 78C9 16 KB
16 KB 214ms
93ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR6YFdkvvX7dXWKC3dKxNbFxn-Z2jZAOgQuVn-DIG70ZIFPXZcNwgqXkEkwYOU&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9916151d053a5d8891830126bb48a5eaa1329af47d995864e054ea450658ac54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 05:49:23 GMT
x-content-type-options: nosniff
age: 569878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16470
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 04:06:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 15 May 2023 05:49:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 78C9 102 KB
102 KB 159ms
35ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQe4sCtCpO08XMWQs1OliMp3HXeq9tq0YW_cR6nBs3tUMxHHarG&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074ef23eae8e7f045da9a62922af86ec9f381d0b6227a4ee4e8c6bc23c843795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 17:41:28 GMT
x-content-type-options: nosniff
age: 181553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104104
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 14:44:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 May 2023 17:41:28 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C5C 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:52:48 GMT

GET
H3 200 c_erc_eve.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/ Frame 7C5C 4 KB
4 KB 42ms
41ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/c_erc_eve.png

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe7646247485829801136a887182b1b1108a970a63d5ca28715f6335d2eec7d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 53436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3824
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 14:41:43 GMT
server: sffe
date: Sat, 21 May 2022 05:16:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 May 2023 05:16:45 GMT

GET
H3 200 BE_ISTABUL_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/ Frame 7C5C 379 KB
379 KB 45ms
45ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6123985980558224649/BE_ISTABUL_300x250.jpg

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9560c18f9eefba4a890f1244cd1f57def40cf541ea96692daa660cdfbbd47379

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 53436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 388491
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 14:41:43 GMT
server: sffe
date: Sat, 21 May 2022 05:16:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 May 2023 05:16:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C4EF 1 KB
749 B 34ms
34ms Document
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 13:23:56 GMT
etag: 48472445140208031
expires: Sun, 22 May 2022 13:23:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 78C9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a48600403ae3d1c4009155175f14aec505b1bfcac9acbe0a497fc1fb5b4bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame C6F6 8 KB
892 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 21 May 2022 19:28:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 21 May 2022 20:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6F6 2 KB
904 B 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 19:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 19:58:07 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame C6F6 21 KB
8 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:02:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6F6 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:04:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6F6 135 KB
41 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 May 2022 20:07:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame C6F6 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:00:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6F6 0
0 52ms
51ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR48Gv_8kicvw4fq82VK_oS3sbIUmqXDIeBjTtbKTVrHzdAgQ-HXqUvv3wNTyPpNzTOZ9Jf8cI_W5IrRmiu2EAWheXETw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame C6F6 30 KB
12 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C4EF 35 B
463 B 48ms
11ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDYtGt40WTg2Ek2DV99QDWc&google_cver=1&google_push=AYg5qPL0jpbzuX4JfmWBY4j6EpORcjsNWtqHu8Y1lw5m_8DS7CHIx91rJCDmnI-tNDEbWoxUTZIoeMtp8P2F3C1bUSl9AjOydGAK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4EF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPv0VrvS_1ZWd2BV8TajMsE&google_cver=1&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_&google_hm=Q0FFU0VQdjBWcnZTXzFaV...

170 B
232 B

77ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 May 2022 20:07:20 GMT
Server: Apache-Coyote/1.1
transfer-encoding: chunked
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIlZvaGvpmq4NTfZ7KTYr-HMEGbYzlpoE20F4zR3l9D4yTv4basTqxycos3lz0aZz-t5pbiIcnqKDegNmQ4Ik26YA01oZw_&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4EF
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIp5tDG...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIp5tDG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjEyMDA3MjEwMDAxMDgxNzEwOTc0NQ%3D%3D&google_push=AYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-...

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjEyMDA3MjEwMDAxMDgxNzEwOTc0NQ%3D%3D&google_push=AYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-2VXYbfCRj--NFgl4MuQuVkkc8SLp9P

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjEyMDA3MjEwMDAxMDgxNzEwOTc0NQ%3D%3D&google_push=AYg5qPIp5tDGg8r2oRHu6wL18OTykTtLc4yuOUUpz56LR9lj1iLam2GKVZD_t8TjAmmhj-2VXYbfCRj--NFgl4MuQuVkkc8SLp9P
pragma: no-cache
date: Sat, 21 May 2022 20:07:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 21 May 2022 20:07:22 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C4EF 43 B
356 B 63ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJzDbgh8y-W-drFQZf-BVbw&google_push=AYg5qPLW4z1v68RfmCpi6K33kBE305Aen5k_ZteIxvN10wIfCQ4mBlxFQaLGrCPcj2dIXesq_uxRnt1mCjgAdaku_6I-8sOao_5v&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C4EF 43 B
351 B 70ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIMR5RFr0NW_ee1okgCLRcc&google_cver=1&google_push=AYg5qPKr9ySZHeaMl9SE6P_f5MXRu672ZCRq_OL_1n1LkF_bW0vJ6GU2AXZEMHd_z_mrtVd3gxnIpB5nW2_wAIa5BfaThB0R6Q-0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n3jtm0ors9ed11vcoqred1dk7kf66pkj

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C4EF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAF-7jLzQLlIKhThwZvatqo&google_cver=1&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1SVEtMUstMUFOVw==&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp-jY_KiuFnsc6QNJE1AyDtKqdU

170 B
329 B

77ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1SVEtMUstMUFOVw==&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp-jY_KiuFnsc6QNJE1AyDtKqdU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1SVEtMUstMUFOVw==&google_push=AYg5qPIaRHeVt5l1HkoVW-bf4aUbOgMyvPF_mSKoKQY46mz9v3s4GOFGyt_x_meddrvv57jlAyp-jY_KiuFnsc6QNJE1AyDtKqdU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C4EF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1...

170 B
188 B

43ms
43ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1uScya214l5&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 May 2022 20:07:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPI8lUEX849RrZ1JZ_zP6n5zSwpz8JUFLDSj9EEMlN_oqZopExMoI4EW5a4VFauoRSamkEYnQgcTBz6QdstN-1uScya214l5&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sat, 21 May 2022 20:07:21 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C4EF 0
223 B 150ms
41ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdIRS5U77o_owWnGNg86sAac4zfNOgHRVIUUZIuvzvu9KWCj4QOBx8EDGmWF4H1DmsQMN8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A037 143 B
163 B 43ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 19:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 04DC 1 KB
749 B 26ms
26ms Document
text/html 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 13:23:56 GMT
etag: 48472445140208031
expires: Sun, 22 May 2022 13:23:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame A900 35 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:52:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04DC
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDYtGt40WTg2Ek2DV99QDWc&google_cver=1&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ES...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ESMteKTzO-tJHaC8rHJRdH6MOy22Ert_XXuHHFO7cZU&google_hm=UkdoX4LzE9wCk...

170 B
188 B

101ms
44ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ESMteKTzO-tJHaC8rHJRdH6MOy22Ert_XXuHHFO7cZU&google_hm=UkdoX4LzE9wCkw59Ch8bVw

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPISos6qMQqbb7qXviWKpvCxBhWVJQh6UjhamiMjMQLwQBKbhU30ESMteKTzO-tJHaC8rHJRdH6MOy22Ert_XXuHHFO7cZU&google_hm=UkdoX4LzE9wCkw59Ch8bVw
pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04DC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPv0VrvS_1ZWd2BV8TajMsE&google_cver=1&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o&google_hm=Q0FFU0VQdjBWcnZTXzFaV2...

170 B
188 B

100ms
43ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 May 2022 20:07:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKWjF-FOvVLN13zPaZS4Ku6AL9LozHIsVpsI6j1SOS7NLCZcV74WmwjKfn6XvRetghX7VLPCrthsZ1QrhvSdLzmHKXYG2o&google_hm=Q0FFU0VQdjBWcnZTXzFaV2QyQlY4VGFqTXNF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 04DC 43 B
64 B 47ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIMR5RFr0NW_ee1okgCLRcc&google_cver=1&google_push=AYg5qPIJ8D6shK2xEqRyW478V_5MQTvHSHJv-ituqCWLU9hZKlROAcEs6hJt1So0eKxv_zbbr2OI4ysEKECyl9pDPq8-WpIHkKc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a0e38a218k8ac8cf6mjfmr8ubmdkhng2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04DC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ScG6XVSLTXi2rAU2iGpi_Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
43ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ScG6XVSLTXi2rAU2iGpi_Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJo0UbShWjAz2x36CTKzIvT0vcfI1GOAO4Es3uquf5D3ZoFZtkjs1eVCM4X-HYEIVcyhZKUGU2gBFw5X2rYRsEdvgd77Uw

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ScG6XVSLTXi2rAU2iGpi_Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJo0UbShWjAz2x36CTKzIvT0vcfI1GOAO4Es3uquf5D3ZoFZtkjs1eVCM4X-HYEIVcyhZKUGU2gBFw5X2rYRsEdvgd77Uw
date: Sat, 21 May 2022 20:07:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04DC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAF-7jLzQLlIKhThwZvatqo&google_cver=1&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1TTItMjgtMVA1UQ==&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczXVtG5vL4cRc7WKSVOZm07r0rk

170 B
188 B

100ms
43ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1TTItMjgtMVA1UQ==&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczXVtG5vL4cRc7WKSVOZm07r0rk

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNHQVk1TTItMjgtMVA1UQ==&google_push=AYg5qPIddkItycvVvYINh7xmw-_j-9qlAtc-MvCrrc8ZpvuQi-fCOdM-0A6YbmHMc5izKfAaczXVtG5vL4cRc7WKSVOZm07r0rk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04DC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPJ66FUKV1gRJFeDUtXc3wxsp_CI7wEr-gdyFNwzz5wludJME-v1qvVuq-r_txt-mD5GLzTL_RampAvQkjENVK...

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPJ66FUKV1gRJFeDUtXc3wxsp_CI7wEr-gdyFNwzz5wludJME-v1qvVuq-r_txt-mD5GLzTL_RampAvQkjENVKCp7oQroqA&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 May 2022 20:07:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YolGeddY0cMp2qzAJXrybQAABLYAAAAB&google_push=AYg5qPJ66FUKV1gRJFeDUtXc3wxsp_CI7wEr-gdyFNwzz5wludJME-v1qvVuq-r_txt-mD5GLzTL_RampAvQkjENVKCp7oQroqA&google_gid=CAESEOFTQaxKwNqaZjGt-ECBeec&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 21 May 2022 20:07:21 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 04DC 43 B
296 B 171ms
19ms Image
image/gif 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEAog0yVnXalZgEuqm1ivhR8&google_cver=1&google_push=AYg5qPJcnd5J8RUGjuevkisLZRC3Bzt5hzcJEnyMYpBnvoLO9G8iO34NyFktQiSD9WRSc46VkZhsZxnaBB_AyYShbBfUNKSJDm0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 04DC 0
12 B 106ms
40ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IO8zUra-NO-F7lSt-b9k0RPAz3ESJPCbpPtLX6unP8bIOEfHP9hJfXKjyxFE4RmVFWGYh9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A037
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

115ms
115ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:21 GMT
expires: Sat, 21 May 2022 20:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 May 2022 20:07:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame C0A6 35 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: www.zww.cn
URL: https://www.zww.cn/zuowen/html/51/350029.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 06:52:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7254 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgXtzpf-WybmIHul615t57VHI4E4c2wsdTm4S0dJgUDcQ_PlOJsIdY8HxuMXxdjB4uwbVYhstdNCyVI61R2GdWhm4Q4ckr9ptcSPNPiRAOAsz7D1cMKCgINElu&sai=AMfl-YTJ5KdDoh5MHxxkiacxsJVRN50hRqIAvWX7cvvfc-03CbxDR1SXcnK4XAN00NBSC5RlDsmpkRb3EMOb&sig=Cg0ArKJSzN7XICEr44FxEAE&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2741730798&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653163638973&rpt=1660&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vctm Show response
pos.baidu.com/ Frame 73BD 37 KB
12 KB 322ms
322ms Document
text/html 182.61.200.109
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://pos.baidu.com/vctm?conwid=728&conhei=90&rdid=3582900&dc=3&di=u3582900&s1=1769742689&s2=3135894798&dri=0&dis=0&dai=1&ps=1566x8&enu=encoding&exps=110261,110252,110011&ant=0&psi=c6a4d0ec6e0b4685&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1653163640296&ti=%E8%B5%B0%E5%87%BA%E8%BF%B7%E8%8C%AB-%E5%88%9D%E4%B8%AD%E4%BD%9C%E6%96%87-%E5%B0%8F%E8%8D%B7%E4%BD%9C%E6%96%87%E7%BD%91&ari=2&ver=0517&dbv=2&drs=3&pcs=1600x1200&pss=1600x1851&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1564710248&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1653163640&qn=ad2acd411a2fa50c&ft=pc

Requested by

Host: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

182.61.200.109 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

9f8f3b34538f276de4b80a7cd9c68e64dafc349e67a0df7a59081eae6d52ad9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zww.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-length: 12363
content-type: text/html;charset=UTF-8
date: Sat, 21 May 2022 20:07:22 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun May 22 04:07:22 2022
p3p: CP=" OTI DSP COR IVA OUR IND COM " CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
x-xss-protection: 0

GET
H2 200 logo-sm.css
bdad.zww.cn/js/logo/css/ Frame 73BD 2 KB
885 B 2171ms
487ms Stylesheet
text/css 115.231.186.129

General

Check archive.org

Show headers Download Go to

Full URL: https://bdad.zww.cn/js/logo/css/logo-sm.css
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vctm?conwid=728&conhei=90&rdid=3582900&dc=3&di=u3582900&s1=1769742689&s2=3135894798&dri=0&dis=0&dai=1&ps=1566x8&enu=encoding&exps=110261,110252,110011&ant=0&psi=c6a4d0ec6e0b4685&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1653163640296&ti=%E8%B5%B0%E5%87%BA%E8%BF%B7%E8%8C%AB-%E5%88%9D%E4%B8%AD%E4%BD%9C%E6%96%87-%E5%B0%8F%E8%8D%B7%E4%BD%9C%E6%96%87%E7%BD%91&ari=2&ver=0517&dbv=2&drs=3&pcs=1600x1200&pss=1600x1851&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1564710248&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1653163640&qn=ad2acd411a2fa50c&ft=pc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.231.186.129 -, , ASN (),
Reverse DNS
Software: yunjiasu /
Resource Hash: 503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:24 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 13:45:12 GMT
server: yunjiasu
etag: W/"61eead68-850"
yjs-id: b4b319d871252b64-111
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=3600
yjs-cachestatus: HIT
content-type: text/css
content-length: 789
expires: Sat, 21 May 2022 21:07:24 GMT

GET
H2 200 logo.js Show response
bdad.zww.cn/js/logo/js/ Frame 73BD 14 KB
8 KB 1937ms
253ms Script
application/x-javascript 115.231.186.129

General

Check archive.org

Show headers Download Go to

Full URL: https://bdad.zww.cn/js/logo/js/logo.js
Requested by: Host: pos.baidu.com
URL: https://pos.baidu.com/vctm?conwid=728&conhei=90&rdid=3582900&dc=3&di=u3582900&s1=1769742689&s2=3135894798&dri=0&dis=0&dai=1&ps=1566x8&enu=encoding&exps=110261,110252,110011&ant=0&psi=c6a4d0ec6e0b4685&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1653163640296&ti=%E8%B5%B0%E5%87%BA%E8%BF%B7%E8%8C%AB-%E5%88%9D%E4%B8%AD%E4%BD%9C%E6%96%87-%E5%B0%8F%E8%8D%B7%E4%BD%9C%E6%96%87%E7%BD%91&ari=2&ver=0517&dbv=2&drs=3&pcs=1600x1200&pss=1600x1851&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1564710248&prot=2&rw=1200&ltu=https%3A%2F%2Fwww.zww.cn%2Fzuowen%2Fhtml%2F51%2F350029.htm&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1653163640&qn=ad2acd411a2fa50c&ft=pc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.231.186.129 -, , ASN (),
Reverse DNS
Software: yunjiasu /
Resource Hash: 65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pos.baidu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:07:24 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 09:53:32 GMT
server: yunjiasu
etag: W/"6261299c-371a"
yjs-id: b4b319d8db4e2b64-111
p3p: CP=" OTI DSP COR IVA OUR IND COM "
cache-control: public, max-age=3600
yjs-cachestatus: HIT
content-type: application/x-javascript
expires: Sat, 21 May 2022 21:07:24 GMT

GET adx.php
wn.pos.baidu.com/ Frame 73BD 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78C9 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4014:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD01w4IKazppDpeu2V-tIdedzX1YcyKB-JFA35hp22rb4lkTgniYcXvMHxlVlMEcO-Sr3Xj7XkjF12OL6tztMQpYYVTrnjsTv3e5Nki53mFADanLUyJz-uWjqG&sai=AMfl-YQ6lwR_qmgJc98z4lt-0hdWgpemv0f-Uwg0lUjuT_QgY-SpxMnNyhAsfFr8gmTkgbeUHzjrHr8Ifz8JkJDYTIlOL6fExurPAnY6o-p3YRzsA7b7YsAEvdk0ly4&sig=Cg0ArKJSzN_oNSxao5k_EAE&cid=CAASF-RoTz_ESSLrnbJHrdRgGPtT5DXwz65U&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=112,795,1000,1000,1000&tos=112,683,205,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653163641153&rpt=401&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 May 2022 20:07:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 2001408472_14.jpg
lupic.cdn.bcebos.com/20210629/ Frame 73BD 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.zww.cn
URL: http://www.zww.cn/count/count.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/urchin.js

Domain: wn.pos.baidu.com
URL: https://wn.pos.baidu.com/adx.php?c=d25pZD1hOGVhMGQ2ZDkxMTY2OGQ5AHM9YThlYTBkNmQ5MTE2NjhkOQB0PTE2NTMxNjM2NDIAc2U9MQBidT00AHByaWNlPVlvbEdlZ0FCR1lSN2pFcGdXNUlBOGxrS2taYXdVajdvMGhVbDdBAGNoYXJnZV9wcmljZT03MgBzaGFyaW5nX3ByaWNlPTcyMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0yMTY2NDI4MTYAdHU9dTM1ODI5MDAAYWRjbGFzcz0xMwBzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAYmNobWQ9MAB0bT0xMDg2OTgxAHY9MQBpPTE3ZDkxNGE2

Domain: lupic.cdn.bcebos.com
URL: https://lupic.cdn.bcebos.com/20210629/2001408472_14.jpg

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zww.cn/	1969-12-31 23:59:59	Name: z Value: i5574Di
www.zww.cn/	1969-12-31 23:59:59	Name: ASPSESSIONIDSQDQTBST Value: DBNJIMJAJJPHLLLFBGMACHNM
.zww.cn/	1970-01-20 12:34:19	Name: __gads Value: ID=71d2ce5e1eea0b5c-224492389bcd0084:T=1653163639:RT=1653163639:S=ALNI_MY2UmLRwqXwM4i3cSkMUqe7_CUwXg
.doubleclick.net/	1970-01-20 12:34:19	Name: IDE Value: AHWqTUl49rxTiB2gp_VJH5-kVsolXIqpC3mRLS7gblS3wbzNKOTmbkacTCfqMwds-SE
.doubleclick.net/	1970-01-20 03:12:47	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 05:22:19	Name: d Value: ECYBCQGYJoEA
.quantserve.com/	1970-01-20 12:42:58	Name: mc Value: 62894679-69cef-e416f-cf245
.agkn.com/	1970-01-20 11:58:19	Name: ab Value: 0001%3AeFiEQqMEebHj0NUaKTmR9lIjRZNxah7k
.casalemedia.com/	1970-01-20 11:58:19	Name: CMID Value: YolGeddY0cMp2qzAJXrybQAA
.casalemedia.com/	1970-01-20 05:22:19	Name: CMPS Value: 3271
.agkn.com/	1970-01-20 11:58:19	Name: u Value: C\|0CEAqHAL5KhwC-QAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/	1970-01-20 05:22:19	Name: CMPRO Value: 1206
.casalemedia.com/	1970-01-20 03:14:10	Name: CMST Value: YolGeWKJRnkA
.innovid.com/	1970-01-20 05:22:19	Name: uuid Value: c434dd4d-3520-4b62-afd5-1c488a89b82a-20220521 16:07:21
.e.dlx.addthis.com/	1970-01-20 12:42:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:42:58	Name: na_id Value: 2022052120072100010817109745
.addthis.com/	1970-01-20 12:42:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:42:58	Name: uid Value: 62894679b09ee824
.addthis.com/	1970-01-20 12:42:58	Name: ouid Value: 628946790001a1c5f73dfbde2b0d5d0b61950bd8699eeb3ed2de
.dlx.addthis.com/	1970-01-20 03:55:55	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:55:55	Name: na_sr Value: 20220521
.dlx.addthis.com/	1970-01-20 03:12:43	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:55:55	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 03:14:10	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:22:19	Name: KADUSERCOOKIE Value: 49C1BA5D-548B-4D78-B6AC-0536886A62FD

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.zww.cn/zuowen/html/51/350029.htm Message: Mixed Content: The page at 'https://www.zww.cn/zuowen/html/51/350029.htm' was loaded over HTTPS, but requested an insecure script 'http://www.zww.cn/count/count.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.zww.cn/zuowen/html/51/350029.htm Message: Mixed Content: The page at 'https://www.zww.cn/zuowen/html/51/350029.htm' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/urchin.js'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2836932945080965&fa=1&ifi=5&uci=a!5&btvi=1&xpc=7J1oK0WzY3&p=https%3A//www.zww.cn Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
bdad.zww.cn
cm.g.doubleclick.net
cms.quantserve.com
cpro.baidustatic.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
lupic.cdn.bcebos.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pos.baidu.com
pub.idqqimg.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
wn.pos.baidu.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zww.cn
lupic.cdn.bcebos.com
wn.pos.baidu.com
www.google-analytics.com
www.zww.cn
104.111.215.191
113.105.172.35
115.231.186.129
142.250.181.226
142.250.184.226
182.61.200.109
198.47.127.19
2.20.157.55
203.205.136.80
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:803::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:4014:80f::2002
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
3.68.169.133
34.98.67.61
35.186.253.211
61.183.11.168
69.173.144.139
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
0307d512c32494f005a1b05f0a5a11b1ac5d33cd05aa6b174277f4c6dcdc0027
040e7618b687b30741f335c13cf495b5e5f830879e1b33c89c2e10bb26adf1fe
06460c5ac2ac6f0dcecb946cb8160e58c2c1b81977086c1ac9d2a181fc73d92a
074ef23eae8e7f045da9a62922af86ec9f381d0b6227a4ee4e8c6bc23c843795
0ad9e09a546cdbaf54d023cd61a9bda7f9e09be7adc4fe68faa8eea805c35a7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2242a6cbedbd60dc5351d52fadcbcf41e5496c5fb16ed4cbbe1b2ed8886ffa
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
22ac35acc9a4a58391ccd0e01ead43c205d1072bbe0c7c671d232608cdd792b3
2c9b6ef3bbc00b562f81ddb4655fde9d99046ddb04e019e093123cebfe926734
2e20052002454bf7ee24605463b5c179e023239678af0fce45f8f803d3e43689
2f685e6ee2aec16f280fd9465fae3f46eae8afc94489bed693c50b7eea2bedcc
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
49098f5052cdacf0c5608dd41945179f97a729b721cc9440e3fb056ebeb8b48d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503aeafa6ff32a486168dec325ef89dc41f381745150e807a911009b5ea422b7
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
576bfec8ae2ceb378e3062021e503889798b8c75747b1ddbfaf605938e55457e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5caeac41b8fe12bd94e25834728eb5372c2538ac5f44278bd609194a677be921
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
65913f31dd2fa488a4060686e7f52d2114941952bffebf9cae2656d2276910bd
7088e740c5ab8fd86ccd5c2e28ca9f897819280827648e670851830116b531c2
70cab650c20027c14ec6b2eec069d3732e6fdb0ad8942c8c4f45afa90f5b8c82
73138b4082a0c6fe17c1266fc2c4a490b5d5f8129a0b75721393964aa9e908de
766c76265d4fb6b8ebe8e8718ab83869d131ba7892d8cfbb227a5d0f7d978547
795c6d2dcc1bce1b0c512a1acc7f081c98d3084a16f578debe8e9ccb59dd61f2
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d071925b1094b86208f1d72650ba64529b4e1ca6a7d9add236ff6e239d51a83
7e8eb1567fe09c6dc93a33af5833e637cf2b349d501470f9d7a85ab8fb97c1d6
7edede14c02e4e4e86eba574b49a619b34773ba40edd6e7a6b5b7ea44a0c3fd2
7f16bdc62099181e77bcc095631860bca583ec5a19309c1e61711be4d889b612
8012a6e1c3659a378bb358d318f7e0608a92d46f579ef92bb108517fb70049f2
82c887a3ba47f44b9dc73ea9c508c886d8622ea667499e2182f58b59176ca4b3
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8888853025254136ad84e3c8d5405ce52f6a512d19fad43b4475de09fc141a16
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bf98cd47787b11c6d50b40e7330ab849f736dca8c589cc71ee58677de4992f0
91085523d10f6fa7c220e6a2ec63e8de6f105a5e6e96f114f7170dd4c08b36b3
91daca9ccd622b2be13b23a5c2ec4a57c149b23b2c8d27b3f4400558b57cc389
9560c18f9eefba4a890f1244cd1f57def40cf541ea96692daa660cdfbbd47379
9916151d053a5d8891830126bb48a5eaa1329af47d995864e054ea450658ac54
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b168db3be7eb17913188c4fce4fc01f9cef851b69d9045e430672b494922191
9b5bc7f79e069b2d31bc0a7a4f6f3477c21d55a7a516e7327b8c15225868149f
9f8f3b34538f276de4b80a7cd9c68e64dafc349e67a0df7a59081eae6d52ad9d
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8a7ed5d8b734a4d08df201cdbf2daaa024ca470902558e8c148bdad6df4d8f5
abe7646247485829801136a887182b1b1108a970a63d5ca28715f6335d2eec7d
ac15963dfdafb820b23943f1ef2fa705cf42a308cc24fc170881274c98d702d0
b41442f6481d3f56912511207f4948c3f1d492e0325be872558f46766482011b
b484fcaef2330c5c4b89c043527821ff302fad56fad0a87b6ec9a9477a81778d
b48f24d1a4deacc32bec0cb41e167afcc88a983de7e93fa25aa48439fa744c8f
b576964277ce578bae36e6b1d7e22f9289f5fdf5bd1ae09a1d9fa104f96bc185
b576dd6ba243c4af7e5622a6a085bbc60c695730f0520c22bffeecebfefe4503
c553deafa383d0ebd46772fd0723e8d1ebbfa4c0dc9b4376fe69719394c38085
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cc69ed7b78fd98d1ddf0e80836cf906438e09e50f5f708340e1fa1cdec07e222
cd1eb71b76c8c77d07747ffc12d5058877a952b8224ae421e375ed9089e3d51c
d2637ded6ce007b316a9c5e971a20daab4be2b60d85cde6181ead7d406bfe68d
d9861953313c961411238616dd2e049039f4cd22d5e23691294b591982ebf01d
d9a48600403ae3d1c4009155175f14aec505b1bfcac9acbe0a497fc1fb5b4bf0
da21dd34c91b5f4f4f708d6907629c2a511d7b5e5a3df1782ad247735ab41041
dfbe967ed2d57c16ea498c27153f1e286cf6e3a5d6bba3ac304be0061c2a2d89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4592e655c1aebb81d980d99e6106a6d0d60e183794f34b6473c7216c9e552e7
e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d
e8e48718ece679fac0c55554192463a4239031c94cd77456d062652b30e5a110
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
ecc3b69a51527e3486dad62b6cb56ce5fc8a2dae1d631e5a0a25c411838b4e3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
fddd4d4739629d8196881741b9e1a9f816d765620aa5aeed996324c1ca502d2d

www.zww.cn Open in urlscan Pro 61.183.11.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

90 %HTTPS

52 %IPv6

23 Domains

32 Subdomains

25 IPs

7 Countries

1644 kBTransfer

3244 kBSize

25 Cookies

3 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zww.cn Open in urlscan Pro
61.183.11.168 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

90 %
HTTPS

52 %
IPv6

23
Domains

32
Subdomains

25
IPs

7
Countries

1644 kB
Transfer

3244 kB
Size

25
Cookies

129 HTTP transactions
3 data transactions