urlscan.io logo urlscan.io
SecurityTrails logo

www.xsqishu.com Open in urlscan Pro
104.26.6.219  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.xsqishu.com/txt/62093.html
Submission: On January 18 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 41 HTTP transactions. The main IP is 104.26.6.219, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xsqishu.com.
This is the only time www.xsqishu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.26.6.219 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
4 175.6.29.252 63835 (CT-HUNAN-...)
2 103.235.46.191 55967 (BAIDU Bei...)
2 2401:b180:200... 37963 (CNNIC-ALI...)
1 47.88.68.21 45102 (CNNIC-ALI...)
1 182.61.201.93 38365 (BAIDU Bei...)
1 39.156.68.163 9808 (CMNET-GD ...)
2 2a00:1450:400... 15169 (GOOGLE)
41 14
11    104.26.6.219 (United States)

ASN13335 (CLOUDFLARENET, US)
www.xsqishu.com
1    2606:4700:3030::ac43:8633 (United States)

ASN13335 (CLOUDFLARENET, US)
img.xqishu.com
4    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com
4    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
4    175.6.29.252 (China)

ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN)
s6.cnzz.com
s95.cnzz.com
c.cnzz.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2401:b180:2000:20::23 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
hzs9.cnzz.com
z4.cnzz.com
1    47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
cnzz.mmstat.com
1    182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
push.zhanzhang.baidu.com
1    39.156.68.163 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)
api.share.baidu.com
2    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
11 www.xsqishu.com www.xsqishu.com
7 pagead2.googlesyndication.com www.xsqishu.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 c.cnzz.com s6.cnzz.com
s95.cnzz.com
2 hm.baidu.com www.xsqishu.com
1 api.share.baidu.com www.xsqishu.com
1 push.zhanzhang.baidu.com www.xsqishu.com
1 z4.cnzz.com www.xsqishu.com
1 cnzz.mmstat.com www.xsqishu.com
1 hzs9.cnzz.com www.xsqishu.com
1 s95.cnzz.com www.xsqishu.com
1 s6.cnzz.com www.xsqishu.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 img.xqishu.com www.xsqishu.com
0 libs.baidu.com Failed www.xsqishu.com
41 19

This site contains links to these domains. Also see Links.

Domain
xiazai.xqishu.com
m.xsqishu.com
www.cnzz.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-08 -
2021-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-01-05 -
2022-02-06		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.mmstat.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-07-16 -
2021-07-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://www.xsqishu.com/txt/62093.html
Frame ID: 776D999559F83D2BB628D953E421076B
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Frame ID: 73E51CB11A43B2606B6F6100E437E0A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=1186683267&adk=2779433200&adf=1839787983&pi=t.ma~as.1186683267&w=960&lmt=1600999554&psa=0&format=960x90&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&wgl=1&dt=1610939065043&bpp=14&bdt=426&idt=75&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2198326585074&frm=20&pv=2&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QXq5w1rsR4&p=http%3A//www.xsqishu.com&dtd=94
Frame ID: D6C71A4E9774C34A132E7ED42E7B6FEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=4213846446&adk=1295335213&adf=736307295&pi=t.ma~as.4213846446&w=713&fwrn=4&lmt=1600999554&rafmt=10&psa=0&format=713x90_0ads_al&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1610939065057&bpp=3&bdt=441&idt=89&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=y0yPd2rqCQ&p=http%3A//www.xsqishu.com&dtd=92
Frame ID: D24ADD42C52BDB01556802015534C433
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&adk=1812271804&adf=3025194257&lmt=1600999554&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1610939079139&bpp=1&bdt=14522&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C713x90_0ads_al&nras=1&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&psts=AGkb-H_BsZAU1qs6CJhWF4uevNIiNFLfUaSGz2m8Lkv4yphO4IMpvE5tiLw%2CAGkb-H9oAbJFl-FL18Z1ngQCX4ha0DwxIDqv7c9xcoWUGfuZyWxKC9Swt2kwXnBa-Q6osFnyNIlWTyA8o_6hLA&pvsid=303109332866972&pem=635&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Frame ID: D81076D0052D6C8366BCBAF9B48C5124
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 9A8420F9D969A41AAABA661984789F20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

41
Requests

59 %
HTTPS

46 %
IPv6

11
Domains

19
Subdomains

14
IPs

4
Countries

290 kB
Transfer

627 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 62093.html
www.xsqishu.com/txt/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50488c2c096992c69035ee7a8e1e3385610cd03bf8e881f2b7ebf3c222380415

Request headers

Host
www.xsqishu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d9b3bb058d3c011fa4c839211ed83095c1610939064; expires=Wed, 17-Feb-21 03:04:24 GMT; path=/; domain=.xsqishu.com; HttpOnly; SameSite=Lax
Last-Modified
Fri, 25 Sep 2020 02:05:54 GMT
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
07b50c77f200000b8844b9e000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0tYj%2BrE%2FjglPlr0En1CJYKCxZO8%2FsxILnVGNff4JVGylOT8sc6hW1F2h3IV3AAUYk0Y0LobBHTjKio4baYKUSR0ZeALbO1Q5DETmvLFSPu4%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6135169fec3e0b88-AMS
Content-Encoding
gzip
style.css
www.xsqishu.com/skin/blue/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/skin/blue/style.css
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87813a8ad9f7496ad08830618b1c42eab7cb66fe94df523385252ddcd7f5fd7a

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
161624
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
07b50c793000000b88e0a77000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
W/"5f6d5064-577f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YfBSLyqObEPc8Da1YbAUFYVznqUC12SMkBZ2R23nyKiKucGtoLckuWQ7gcPz7vb%2B8I28SOEZDikm5TYbOZ3O%2BxC3j4NqxVJvXoakuuPEIS4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2678400
CF-RAY
613516a1ee460b88-AMS
common.js
www.xsqishu.com/css/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/css/common.js?v=191129
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3588c05a5bcac44585d087b0ad62bd2f1e454c301a7130f656b2d463eef385e

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 13 Dec 2020 15:54:35 GMT
Server
cloudflare
ETag
W/"5fd6393b-70c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A7IIhAq8bIhOxDsVSjLcjgRQ%2BryyLpkIgLG93cW%2FtcTi8DCHWyjtCfp6tioSnUluaR4sHkpFl%2FpSEWp8%2F5NqIHcNzi%2FI3uY1MRZHT%2FEK17I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
613516a1ffcd0b4b-AMS
NEL
{"report_to":"cf-nel","max_age":604800}
cf-request-id
07b50c793f00000b4bd6bd3000000001
logo.png
www.xsqishu.com/skin/blue/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xsqishu.com/skin/blue/logo.png
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fae4462b73c3a7e4343a279fdc512d3fa1b86d6608b4644e46a6e00a77bbb0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1803934
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
9401
cf-request-id
07b50c7a9800000b3323190000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
"5f6d5064-24b9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aq4%2BTfoYhn9SsX529fvVCV9J8JaX96DywV5zPUhorNzPImbOlEeey3J2JC24TlZWxjhTnT2rUeYcvCj4%2BBSemsjH0RLgFH7SjitOJY2%2BhE8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2678400
Accept-Ranges
bytes
CF-RAY
613516a42cba0b33-AMS
Cf-Bgj
imgq:200,h2pri
z_2019091378.jpg
img.xqishu.com/pic/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.xqishu.com/pic/z_2019091378.jpg
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7b99c6fc61258eb734537ed54eb1b579e75b65ea855ae0cb4b28ff3e6e911f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:25 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
10865
cf-request-id
07b50c7bfb0000c277dfad8000000001
last-modified
Thu, 12 Sep 2019 17:56:52 GMT
server
cloudflare
etag
"5d7a86e4-2a71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWZmdqkqvk7wV0pk2AkZqpU%2FDnlg9gB4xTsyLIHSF2dhkUEEWTp2x7hEg3BXFZ8vIoD3PzqNPGX6kcCDarW2kAntMX2NZmuwjmv5en6dwcGqJKpLuD5WQ1dXgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
613516a65ff9c277-FRA
expires
Wed, 17 Feb 2021 03:04:25 GMT
/
www.xsqishu.com/e/public/ViewClick/ 		24 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/e/public/ViewClick/?classid=107&id=62093&addclick=1
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
bd707dfd07f58b45fd8cea8ced05c655b1df5a955099f672d3ee24a38d736ffa

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sxjdhqoy8l%2FTca1BES%2BrTNo12xbQs670Izavibhn%2Bh06JWX8tvCHfC%2FEZT3Nu710woQcLHugdACQ%2F22Z%2BNKx6dUP0NlMtnWGkLFdd6sCWlg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=gb2312
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
613516a20e770b88-AMS
cf-request-id
07b50c794700000b884b00c000000001
jquery.min.js
libs.baidu.com/jquery/1.9.1/ 		0
0
script.js
www.xsqishu.com/skin/blue/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/skin/blue/script.js
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
580eb5f3c1ffa868b23ed92028b9e8b696c7aaa782aaef493d64d282c4f08fd3

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1803934
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
07b50c7a8800000b4be2140000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
W/"5f6d5064-c2a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4A6D%2FUytEr1noHFK3TGnMJLWzqhCFoFsHhxYTee1w0PeSlc6MfF4dEhDgtEzE1Pxt%2FfH0Py3x8oSrTmO%2BJP5eehqf78mbnslM636Of8Cbfw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=2678400
CF-RAY
613516a409c00b4b-AMS
/
www.xsqishu.com/e/public/onclick/ 		0
723 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xsqishu.com/e/public/onclick/?enews=donews&classid=107&id=62093
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:25 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pcc8CeiZv7QiVImJ1VGu5V37IgTqF6%2F0h2tYp7xVAhZUF8qy1dhx3PBbZnmTwFbbzxQ83CAUI9M%2BRVFTxg%2FMMwOZu7sO%2F%2FcCv3gp9X9YAMo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=gb2312
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
613516a42b10d8d1-AMS
cf-request-id
07b50c7a970000d8d14e1c7000000001
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/css/common.js?v=191129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47568
x-xss-protection
0
server
cafe
etag
3101847616964972039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Jan 2021 03:04:24 GMT
home.jpg
www.xsqishu.com/skin/blue/ 		606 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xsqishu.com/skin/blue/home.jpg
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/skin/blue/style.css
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc35ea8e71a7fa8be00ddd40ad68aeb90ef78de5588dcfea0a2575f72d631bb

Request headers

Referer
http://www.xsqishu.com/skin/blue/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
93008
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
606
cf-request-id
07b50c7a9900004c7f3712e000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
"5f6d5064-25e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iyzFMD%2BL%2FC93ba%2BKy47C7H2eEaUHwe8DPtLQrTkScFmDuA4IomwYQbIS2P73lDjhJUN%2F%2FJbeQk2JCqtnShzB3OcmBE8GXbdZHF%2FDlNPGayo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=2678400
Accept-Ranges
bytes
CF-RAY
613516a42c474c7f-AMS
Cf-Bgj
imgq:200,h2pri
h2.png
www.xsqishu.com/skin/blue/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xsqishu.com/skin/blue/h2.png
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/skin/blue/style.css
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3fd0aa141f4c973d4dc4eef35616a4da4507d4a9d6584861a5609c9a507708

Request headers

Referer
http://www.xsqishu.com/skin/blue/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:24 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
93008
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
2800
cf-request-id
07b50c7a9900004bddf50ea000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
"5f6d5064-af0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q3kYUiFqSadYndVW6NBbRJvS2b%2BfwawU5xhv0oBTv7AzMXV2W%2FbNTx2VeQynXhgyTfkiXwXq7ouUlIsFLY%2Bd4RZBqWMD64eDHpHxe%2BXy6kA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2678400
Accept-Ranges
bytes
CF-RAY
613516a42be84bdd-AMS
Cf-Bgj
imgq:200,h2pri
litterStar.png
www.xsqishu.com/skin/blue/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xsqishu.com/skin/blue/litterStar.png
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/skin/blue/style.css
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b

Request headers

Referer
http://www.xsqishu.com/skin/blue/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:25 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
389851
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
1706
cf-request-id
07b50c7ac400004c7f4c93a000000001
Last-Modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
ETag
"5f6d5064-6aa"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AWJxCHbKCREWuV%2F25TlRL75DOv%2BngzrD9XMGyGtSh77Zi2tEwcnQRe87sbRpPSdaryZHNSaUDNx9OEw%2BN468SduMdqwa9pb4Av9GAD2BCWM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2678400
Accept-Ranges
bytes
CF-RAY
613516a46c9f4c7f-AMS
Cf-Bgj
imgq:200,h2pri
tabBox.png
www.xsqishu.com/skin/blue/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xsqishu.com/skin/blue/tabBox.png
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/skin/blue/style.css
Protocol
HTTP/1.1
Server
104.26.6.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202dc3319d0ef01ed3372635791e0534672f3b44eb3781c9f04087dc5316589a

Request headers

Referer
http://www.xsqishu.com/skin/blue/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:25 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
93009
Cf-Polished
status=disabled
Connection
keep-alive
Content-Length
42921
cf-request-id
07b50c7ac300000b33c1be9000000001
last-modified
Fri, 25 Sep 2020 02:05:24 GMT
Server
cloudflare
etag
"5f6d5064-a7a9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UUf3vbhEUlE1feIhxoJl6%2B2%2BwIGL7oRFXvHclANA64ENTtvT6Czb3t5QAuAGX%2BHIcYphi847%2Bs%2BulTn44PPU9wGkC20SKeAgs%2B6TskooecA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2678400
Accept-Ranges
bytes
CF-RAY
613516a46d040b33-AMS
Cf-Bgj
imgq:200,h2pri
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86268
x-xss-protection
0
server
cafe
etag
7753973667244452840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jan 2021 03:04:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/ Frame 73E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.xsqishu.com/txt/62093.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xsqishu.com/txt/62093.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Jan 2021 11:17:30 GMT
expires
Sun, 31 Jan 2021 11:17:30 GMT
content-type
text/html; charset=UTF-8
etag
12197657918578843409
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4751
x-xss-protection
0
age
56815
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ins_no_ifr&sf=true
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Jan 2021 03:04:25 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.xsqishu.com
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Jan 2021 03:04:25 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.xsqishu.com&callback=_gfp_s_&client=ca-pub-5641625243188697
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
566e56b62785ca7e1d0104ac96cdebd7100568fd7b93acab03dbb76cc9dd3aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xsqishu.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xsqishu.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D6C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=1186683267&adk=2779433200&adf=1839787983&pi=t.ma~as.1186683267&w=960&lmt=1600999554&psa=0&format=960x90&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&wgl=1&dt=1610939065043&bpp=14&bdt=426&idt=75&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2198326585074&frm=20&pv=2&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QXq5w1rsR4&p=http%3A//www.xsqishu.com&dtd=94
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=1186683267&adk=2779433200&adf=1839787983&pi=t.ma~as.1186683267&w=960&lmt=1600999554&psa=0&format=960x90&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&wgl=1&dt=1610939065043&bpp=14&bdt=426&idt=75&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2198326585074&frm=20&pv=2&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QXq5w1rsR4&p=http%3A//www.xsqishu.com&dtd=94
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.xsqishu.com/txt/62093.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xsqishu.com/txt/62093.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 18 Jan 2021 03:04:25 GMT
server
cafe
content-length
23596
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Jan-2021 03:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Jan 2021 03:04:25 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1610714114181599"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28294
x-xss-protection
0
expires
Mon, 18 Jan 2021 03:04:25 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D24A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=4213846446&adk=1295335213&adf=736307295&pi=t.ma~as.4213846446&w=713&fwrn=4&lmt=1600999554&rafmt=10&psa=0&format=713x90_0ads_al&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1610939065057&bpp=3&bdt=441&idt=89&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=y0yPd2rqCQ&p=http%3A//www.xsqishu.com&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&h=90&slotname=4213846446&adk=1295335213&adf=736307295&pi=t.ma~as.4213846446&w=713&fwrn=4&lmt=1600999554&rafmt=10&psa=0&format=713x90_0ads_al&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1610939065057&bpp=3&bdt=441&idt=89&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=303109332866972&pem=635&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=y0yPd2rqCQ&p=http%3A//www.xsqishu.com&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.xsqishu.com/txt/62093.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xsqishu.com/txt/62093.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 18 Jan 2021 03:04:25 GMT
server
cafe
content-length
6492
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Jan-2021 03:19:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Jan 2021 03:04:25 GMT
cache-control
private
z_stat.php
s6.cnzz.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s6.cnzz.com/z_stat.php?id=1830902&web_id=1830902
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/css/common.js?v=191129
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.6.29.252 , China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
f9ad28d6d9be7a0979a353def39208b9a1099d5a31d4de4fdff866bd6232d6d1

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Jan 2021 02:14:40 GMT
content-encoding
gzip
age
2997
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:12:842846273
x-swift-cachetime
5400
x-swift-savetime
Mon, 18 Jan 2021 02:14:40 GMT
content-length
4080
last-modified
Mon, 18 Jan 2021 02:14:40 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1610936080
content-type
application/javascript
via
cache49.l2cn1802[49,200-0,M], cache48.l2cn1802[50,0], cache14.cn1414[0,200-0,H], cache13.cn1414[1,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
af061da116109390776162182e
z_stat.php
s95.cnzz.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s95.cnzz.com/z_stat.php?id=1261416935&web_id=1261416935
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/css/common.js?v=191129
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.6.29.252 , China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
5fa31cfb78c4545031124ba5a52598d95c9b18d1f707b3adaf03c055dee962a6

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Jan 2021 02:08:47 GMT
content-encoding
gzip
age
3350
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:13:849678069
x-swift-cachetime
5400
x-swift-savetime
Mon, 18 Jan 2021 02:08:47 GMT
content-length
4079
last-modified
Mon, 18 Jan 2021 02:08:47 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1610935727
content-type
application/javascript
via
cache34.l2cn1802[47,200-0,M], cache40.l2cn1802[48,0], cache14.cn1414[0,200-0,H], cache14.cn1414[1,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
af061da216109390776208901e
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?5473ba66d3933b56f7003287f38c5db4
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/css/common.js?v=191129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cc89c811194e44cc8679db4cb94d92534266f1ba08319a59259e5e3da02276ea
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:37 GMT
Content-Encoding
gzip
Server
apache
Etag
a4363dc6bfeba9c9bcda4d2c097b0596
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14041
core.php
c.cnzz.com/ 		968 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1830902&t=z
Requested by
Host: s6.cnzz.com
URL: https://s6.cnzz.com/z_stat.php?id=1830902&web_id=1830902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.6.29.252 , China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
bc98691974ddb388693f8a985a5379ce59f6bbfd8e832d52d4a9f2ab90c1ebfe

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Jan 2021 02:50:31 GMT
content-encoding
gzip
age
847
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime
900
x-swift-savetime
Mon, 18 Jan 2021 02:50:31 GMT
content-length
620
last-modified
Mon, 18 Jan 2021 02:50:31 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1610938231
content-type
application/javascript
via
cache7.l2cn1802[50,200-0,M], cache2.l2cn1802[50,0], cache9.cn1414[0,200-0,H], cache14.cn1414[0,0]
timing-allow-origin
*
eagleid
af061da216109390787683647e
expires
Mon, 18 Jan 2021 03:05:31 GMT
stat.htm
hzs9.cnzz.com/ 		2 B
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hzs9.cnzz.com/stat.htm?id=1830902&r=&lg=en-us&ntime=none&cnzz_eid=1398620596-1610936080-&showp=1600x1200&p=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&t=%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5DTXT%E4%B8%8B%E8%BD%BD%2C%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5D%E5%B0%8F%E8%AF%B4%E5%85%A8%E9%9B%86%E5%AE%8C%E6%95%B4%E7%89%88%E4%B8%8B%E8%BD%BD%20...&umuuid=1771373946b164-02ab4f76dcb499-1b396256-1d4c00-1771373946c689&h=1&rnd=1559785170
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:2000:20::23 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1364203222&si=5473ba66d3933b56f7003287f38c5db4&v=1.2.80&lv=1&sn=23244&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&tt=%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5DTXT%E4%B8%8B%E8%BD%BD%2C%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5D%E5%B0%8F%E8%AF%B4%E5%85%A8%E9%9B%86%E5%AE%8C%E6%95%B4%E7%89%88%E4%B8%8B%E8%BD%BD%20-%20%E6%96%B0%E5%A5%87%E4%B9%A6%E7%BD%91
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Jan 2021 03:04:39 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
9.gif
cnzz.mmstat.com/ 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnzz.mmstat.com/9.gif?abc=1&rnd=1183025633
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 03:04:39 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control
no-cache
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
core.php
c.cnzz.com/ 		969 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/core.php?web_id=1261416935&t=z
Requested by
Host: s95.cnzz.com
URL: https://s95.cnzz.com/z_stat.php?id=1261416935&web_id=1261416935
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.6.29.252 , China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
7aa0ec4fc40289e6c6e0d77cd88a7bb9fa1f994f8c6e6c7c3b4cad5da7ddfc11

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 18 Jan 2021 02:56:41 GMT
content-encoding
gzip
age
478
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-cachetime
900
x-swift-savetime
Mon, 18 Jan 2021 02:56:41 GMT
content-length
619
last-modified
Mon, 18 Jan 2021 02:56:41 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1610938601
content-type
application/javascript
via
cache28.l2cn1802[42,200-0,M], cache9.l2cn1802[43,0], cache16.cn1414[0,200-0,H], cache14.cn1414[1,0]
timing-allow-origin
*
eagleid
af061da216109390790214320e
expires
Mon, 18 Jan 2021 03:11:41 GMT
stat.htm
z4.cnzz.com/ 		2 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z4.cnzz.com/stat.htm?id=1261416935&r=&lg=en-us&ntime=none&cnzz_eid=504934085-1610935727-&showp=1600x1200&p=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&t=%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5DTXT%E4%B8%8B%E8%BD%BD%2C%E5%9B%9E%E5%88%B0%E6%98%8E%E6%9C%9D%E5%BD%93%E7%8E%8B%E7%88%B7%5B%E7%B2%BE%E6%A0%A1%E7%89%88%5D%E5%B0%8F%E8%AF%B4%E5%85%A8%E9%9B%86%E5%AE%8C%E6%95%B4%E7%89%88%E4%B8%8B%E8%BD%BD%20...&umuuid=177137398e7642-07458cc651ddae-1b396256-1d4c00-177137398e86c7&h=1&rnd=1603374989
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:2000:20::23 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
push.js
push.zhanzhang.baidu.com/ 		281 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Tue, 18 Jan 2022 03:04:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ins_no_ifr&sf=true
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Jan 2021 03:04:39 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D810 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&adk=1812271804&adf=3025194257&lmt=1600999554&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1610939079139&bpp=1&bdt=14522&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C713x90_0ads_al&nras=1&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&psts=AGkb-H_BsZAU1qs6CJhWF4uevNIiNFLfUaSGz2m8Lkv4yphO4IMpvE5tiLw%2CAGkb-H9oAbJFl-FL18Z1ngQCX4ha0DwxIDqv7c9xcoWUGfuZyWxKC9Swt2kwXnBa-Q6osFnyNIlWTyA8o_6hLA&pvsid=303109332866972&pem=635&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5641625243188697&output=html&adk=1812271804&adf=3025194257&lmt=1600999554&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fwww.xsqishu.com%2Ftxt%2F62093.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1610939079139&bpp=1&bdt=14522&idt=1&shv=r20210112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=960x90%2C713x90_0ads_al&nras=1&correlator=2198326585074&frm=20&pv=1&ga_vid=1365351704.1610939065&ga_sid=1610939065&ga_hid=1150186891&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&psts=AGkb-H_BsZAU1qs6CJhWF4uevNIiNFLfUaSGz2m8Lkv4yphO4IMpvE5tiLw%2CAGkb-H9oAbJFl-FL18Z1ngQCX4ha0DwxIDqv7c9xcoWUGfuZyWxKC9Swt2kwXnBa-Q6osFnyNIlWTyA8o_6hLA&pvsid=303109332866972&pem=635&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.xsqishu.com/txt/62093.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xsqishu.com/txt/62093.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 18 Jan 2021 03:04:39 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 18-Jan-2021 03:19:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 18 Jan 2021 03:04:39 GMT
cache-control
private
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://api.share.baidu.com/s.gif?l=http://www.xsqishu.com/txt/62093.html
Requested by
Host: www.xsqishu.com
URL: http://www.xsqishu.com/txt/62093.html
Protocol
HTTP/1.1
Server
39.156.68.163 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 03:04:39 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08c043a19bbfb8d61867ea65e1451618b7c7ffb90340a4d45b0a122f90139f92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Jan 2021 03:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6750
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Mon, 18 Jan 2021 03:04:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 9A84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.xsqishu.com/txt/62093.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.xsqishu.com/txt/62093.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Mon, 18 Jan 2021 00:14:44 GMT
expires
Tue, 18 Jan 2022 00:14:44 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10196
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210112&jk=303109332866972&bg=!6-il6KvNAAWtJAQVrTsAKQB2-DxaTtpyvuKdAsGueeSN6xgB-qJpCv5yz9SZJAmfjGo84jDEGdqnAgAAAFNSAAAADWgBBwoAhWj5MLGOFsN9n1oRHqk9pup6_H8QqUX5ni_O6uKVzL8BBbP3lYdeg_O6NypBU6wawpzdHisLMgNxMyazNqmbGraHL1F3xSDiffCUFddevS4zainckZJZFolVNIht2Ze1c1RVzNbYLSVg25P7a4wN15uWEfhsBUoFi0P8XYi03DGnEKwI5fWZAdpqJEmcDTGDxR-pnuktue9h-BKnHBSQqJTxkGtWNgeMi255LWjtUb4ILTvZrghNPswGOFEUfVIqGDWIFWho5ohf8YgD3FIj3yQdR8cBtdAPlvJJrjO6PfFEmd_7j3SB16UtJedHkfuffZgHj5jNFEDfBbiQGFkRfeYmXsxTnnssMNHsxn8CBUjUWSxTzUl6PQW2Akpn_WZ-9KOLqGGJIWdTRtQjyzL68YTasTePb2zhyKvX0A4qTMxxLYaLs-qtuy2RlWrQcH2ItZksL3RIdS088uRmzh14y4JBgeVjz0QnZVV0WSAGHMy9RQQPkOuS6GGp3bXCJ0v6VgfMlBKnR-zDG46eVgIuruUTeBHQHcHLwVwm0tEQYodJQL5lKYw4ZtIzyqYqkgr3UrHztV1QjfODBXQXZeYkGR-ekife9nWgPxG21Af4LcILEMz3OTamuzmGoMh3MEYaJzHqlae0oP3zHU58IKTNgNcz5ygtvkaxwsvABTLh-TOc_dKLEG0bDYBzba_qU1iDiIxdK9iw5DK1YGO9_szRCtfB72bx8Nuo96uTdvnDdDwJyIsYeZnO5LmsbhxBQLx3pnyGiI8uHPu7jzgc7frjvKxQl3mx8dWTrmRjJhtim487s70
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.xsqishu.com/txt/62093.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 03:04:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
libs.baidu.com
URL
http://libs.baidu.com/jquery/1.9.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| show function| head function| tongji object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| google_image_requests object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| downRank function| marquee object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1830902 object| cnzz_image_1723925057 boolean| _bdhm_loaded_5473ba66d3933b56f7003287f38c5db4 object| _hmt object| mini_tangram_log_n6aoqk object| cnzz_image_1709738190 object| _CNZZDbridge_1261416935 object| cnzz_image_119700550 object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
www.xsqishu.com/ Name: CNZZDATA1261416935
Value: 504934085-1610935727-%7C1610935727
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xsqishu.com/ Name: UM_distinctid
Value: 177137398e7642-07458cc651ddae-1b396256-1d4c00-177137398e86c7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.share.baidu.com
c.cnzz.com
cnzz.mmstat.com
googleads.g.doubleclick.net
hm.baidu.com
hzs9.cnzz.com
img.xqishu.com
libs.baidu.com
pagead2.googlesyndication.com
partner.googleadservices.com
push.zhanzhang.baidu.com
s6.cnzz.com
s95.cnzz.com
tpc.googlesyndication.com
www.googletagservices.com
www.xsqishu.com
z4.cnzz.com
libs.baidu.com
103.235.46.191
104.26.6.219
142.250.74.194
175.6.29.252
182.61.201.93
2401:b180:2000:20::23
2606:4700:3030::ac43:8633
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81c::2001
39.156.68.163
47.88.68.21
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
08c043a19bbfb8d61867ea65e1451618b7c7ffb90340a4d45b0a122f90139f92
1f3fd0aa141f4c973d4dc4eef35616a4da4507d4a9d6584861a5609c9a507708
202dc3319d0ef01ed3372635791e0534672f3b44eb3781c9f04087dc5316589a
34f6573f8ad85246932ff4cc59aa5dec3f2117a5b85a7ea9fc38b6de279397f9
50488c2c096992c69035ee7a8e1e3385610cd03bf8e881f2b7ebf3c222380415
520c3f5772ade6af389a5cfb08534bbd6dbdaaa68bc2cac9de395efc800f243e
566e56b62785ca7e1d0104ac96cdebd7100568fd7b93acab03dbb76cc9dd3aec
580eb5f3c1ffa868b23ed92028b9e8b696c7aaa782aaef493d64d282c4f08fd3
5fa31cfb78c4545031124ba5a52598d95c9b18d1f707b3adaf03c055dee962a6
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
7aa0ec4fc40289e6c6e0d77cd88a7bb9fa1f994f8c6e6c7c3b4cad5da7ddfc11
87813a8ad9f7496ad08830618b1c42eab7cb66fe94df523385252ddcd7f5fd7a
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
afc35ea8e71a7fa8be00ddd40ad68aeb90ef78de5588dcfea0a2575f72d631bb
b3588c05a5bcac44585d087b0ad62bd2f1e454c301a7130f656b2d463eef385e
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bc98691974ddb388693f8a985a5379ce59f6bbfd8e832d52d4a9f2ab90c1ebfe
bd707dfd07f58b45fd8cea8ced05c655b1df5a955099f672d3ee24a38d736ffa
c7b99c6fc61258eb734537ed54eb1b579e75b65ea855ae0cb4b28ff3e6e911f1
cc89c811194e44cc8679db4cb94d92534266f1ba08319a59259e5e3da02276ea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9ad28d6d9be7a0979a353def39208b9a1099d5a31d4de4fdff866bd6232d6d1
f9fae4462b73c3a7e4343a279fdc512d3fa1b86d6608b4644e46a6e00a77bbb0